AI is no longer just a tool people use to write emails, summarize documents, or speed up coding. It is also becoming part of how cybercriminals work.
That does not mean every attacker suddenly has advanced skills. It means they now have a faster way to do things they were already trying to do: research targets, find weaknesses, write code, hide malware, and create more convincing scams.
The real concern is not that AI creates a completely new kind of crime overnight. The concern is that it makes existing attacks easier to run, easier to scale, and harder to spot.
From Experimentation to Everyday Use
A few years ago, many attackers were mostly experimenting with AI. They were testing prompts, asking for code snippets, or using chatbots as research assistants.
Now the use is more serious.
Attackers are beginning to build AI into their normal workflow. They use it to help analyze software, troubleshoot broken code, generate fake content, and automate repetitive tasks. In some cases, AI is not just helping them prepare an attack. It is becoming part of the attack itself.
That shift matters. A tool that saves an attacker time can make a campaign larger, cheaper, and more consistent.
AI Can Help Find Software Weaknesses
One of the most important areas is vulnerability research.
Traditionally, attackers had to spend a lot of time reading code, testing software, and looking for mistakes. AI can speed that up. A model can help review code, explain what certain functions do, and point out places where the logic may not make sense.
This is especially useful for flaws that are not obvious.
Some vulnerabilities are not caused by a simple typo or a classic bug. They happen because the software makes a bad assumption. For example, a system may trust a user, process, or condition that it should not trust. These kinds of logic flaws can be difficult for traditional scanning tools to catch, because the code may appear to work as intended.
AI is better suited to reasoning through those situations. It can compare what the software seems designed to do with what it actually allows. That makes it useful for both defenders and attackers.
Malware Is Getting Easier to Rewrite
AI is also helping attackers develop and change malware faster.
Malware often needs to avoid detection. Security tools look for suspicious patterns, known code, unusual behavior, and repeated indicators. If attackers can quickly rewrite parts of their malware, add extra code, or change how it looks, they may have a better chance of slipping past older defenses.
Some attackers use AI to generate fake or irrelevant code. This kind of code does not help the malware do its job, but it makes the file harder to understand. It can waste analysts' time and make malicious activity look less obvious.
Others may use AI to produce different versions of the same tool. The goal is not always to create something highly advanced. Sometimes the goal is simply to move fast enough that defenders struggle to keep up.
The Rise of AI-Assisted Malware
A bigger concern is malware that uses AI while it is running.
In the past, malware usually followed a fixed set of instructions. It would collect data, connect to a server, wait for commands, or perform a specific action. Now, some tools are starting to use AI to interpret what is happening on a device and decide what to do next.
That creates a more flexible attack.
For example, malware on a phone could look at what is shown on the screen, understand which buttons or menus are visible, and then choose the next action. Instead of needing a human operator to guide every step, the malware can use AI to help navigate the environment.
This does not make malware unstoppable, but it does make it more adaptive.
Reconnaissance Is Becoming Faster and More Personal
Before attackers send a phishing email or attempt to break into a system, they usually do research.
They want to know who works at a company, which departments matter, what vendors the company uses, what software might be in place, and who has access to sensitive systems. That kind of research can take a long time.
AI makes it faster.
Attackers can ask models to summarize organizations, identify likely decision-makers, map business relationships, and help create believable messages. A phishing email that once looked generic can now sound more specific and informed.
This matters because people are more likely to trust a message that feels relevant to their job, team, or current situation.
Phishing Does Not Need to Be Perfect
There is a common mistake people make when thinking about AI-generated scams. They imagine the content has to be flawless to be dangerous.
It does not.
A scam only needs to be convincing enough for the right person at the wrong moment. If AI helps attackers produce thousands of slightly better messages, that can still increase their chances of success.
AI can help with tone, grammar, translation, formatting, and personalization. It can also help attackers test different versions of a message quickly.
The result is not always sophisticated, but it is often good enough.
Information Operations Are Becoming Cheaper to Produce
AI is also being used in influence campaigns.
Threat actors can use it to create articles, social posts, fake images, voiceovers, translated content, and political messaging. Synthetic audio and video are especially concerning because they can make false claims appear more credible.
This does not mean every fake video will fool everyone. Many are still clumsy or easy to question. But the cost of producing them is falling, and the speed is increasing.
That means more misleading content can be created, tested, and distributed with less effort.
AI Systems Are Now Targets Too
The other side of the issue is that AI tools themselves are becoming valuable targets.
Many companies are connecting AI systems to internal documents, customer records, cloud platforms, code repositories, ticketing systems, and workflow tools. That makes AI useful, but it also increases risk.
An attacker may not need to break the AI model directly. They may only need to compromise one of the tools around it.
That could mean stealing an API key, abusing a plugin, compromising an open-source package, or attacking an agent that has too much access.
The Weak Point Is Often the Surrounding Software
The model itself may be well protected. But the surrounding ecosystem can be messy.
AI tools often rely on connectors, browser extensions, third-party libraries, plugins, automation scripts, and agent frameworks. These pieces may have permission to read files, call APIs, execute commands, or move data between systems.
If one of those parts is compromised, the attacker may gain access to sensitive information without ever attacking the model directly.
This is why AI security is not only about prompts and guardrails. It is also about software supply chain security, access control, logging, and basic operational discipline.
Why AI Agents Need Extra Attention
AI agents are especially important because they can take action.
A simple chatbot may answer questions. An agent may read files, browse internal systems, run code, send requests, update tickets, or interact with business tools. That makes it powerful, but also risky.
The more an AI agent can do, the more carefully it needs to be controlled.
Organizations should ask practical questions:
- What can this agent access?
- Can it execute commands?
- Can it send data outside the company?
- Can it use credentials or tokens?
- Can it install or call third-party tools?
- Is anyone reviewing its actions?
These questions are not theoretical. They are the difference between a helpful assistant and a new attack path.
What Security Teams Should Do
The lesson is not to avoid AI. The lesson is to manage it properly.
Companies should treat AI tools like important business systems, not side projects. That means limiting permissions, protecting API keys, checking third-party integrations, reviewing plugins, scanning dependencies, and monitoring unusual activity.
It also means keeping humans involved in sensitive workflows. AI can help move faster, but it should not be trusted blindly with high-risk actions.
Good security still comes down to familiar habits: least privilege, strong authentication, logging, patching, code review, vendor checks, and incident response planning.
AI does not replace those basics. It makes them more important.
AI Can Help Defenders Too
This is not only bad news.
The same technology that helps attackers can also help defenders. AI can assist with vulnerability discovery, malware analysis, alert triage, code review, and patch development. It can help security teams move faster and handle more information than they could manually.
The difference is how responsibly it is used.
Defenders can use AI to find weak points before attackers do. They can use it to detect suspicious patterns, investigate incidents, and improve software security. In that sense, AI is becoming part of both sides of the fight.
The Bottom Line
AI is not replacing cybercriminals. It is making them faster.
It helps them research, write, test, hide, and scale their work. At the same time, the growing use of AI inside companies creates new systems, tools, and supply chains that attackers want to exploit.
The organizations that handle this best will not be the ones that panic or ignore the problem. They will be the ones that treat AI as real infrastructure, with real access, real risk, and real security requirements.
AI is useful, but it should not be treated as harmless. Once it connects to business data and systems, it becomes part of the security perimeter.
Source: Google Threat Intelligence Group AI in vulnerability exploitation and initial access