Google report that:
“Threat Actors Developing Novel AI Capabilities For the first time in 2025, GTIG discovered a code family that employed AI capabilities mid-execution to dynamically alter the malware’s behavior. Although some recent implementations of novel AI techniques are experimental, they provide an early indicator of how threats are evolving and how they can potentially integrate AI capabilities into future intrusion activity. Attackers are moving beyond “vibe coding” and the baseline observed in 2024 of using AI tools for technical support. We are only now starting to see this type of activity, but expect it to increase in the future”
Bottomline: A more critical view, malware developers are experimenting with AI, but we’re not seeing effective AI-powered malware at scale yet, just interesting experiments.