The cybersecurity landscape experienced a major shift in 2025 as threat actors transitioned from experimenting with artificial intelligence to fully integrating it into real-world cyber operations.
According to new insights from the Google Threat Intelligence Group (GTIG) and Mandiant, attackers are now deploying adaptive malware and autonomous AI agents that dynamically modify their behavior during attacks, significantly increasing the speed, scale, and complexity of cyber threats.
Early uses of generative AI in cybercrime largely focused on productivity improvements. Threat actors used large language models (LLMs) to draft phishing emails, translate messages, and assist with basic coding tasks.
However, researchers observed that by the end of 2025, attackers had moved far beyond these limited uses, incorporating AI directly into malware and attack infrastructure.
gbhackers.com
