AI vs. Hackers: How New Models Are Outpacing Cybersecurity Defenses
- AI models are accelerating the cycle of cyberattacks and defenses by automating the discovery of software vulnerabilities and improving the sophistication of phishing attempts, according to a June...
- The speed of this cycle has increased as large language models (LLMs) become more capable of writing and debugging code.
- AI models lower the technical barrier for entry into cybercrime.
AI models are accelerating the cycle of cyberattacks and defenses by automating the discovery of software vulnerabilities and improving the sophistication of phishing attempts, according to a June 26, 2026, report from Science News. An AI expert warns that these tools create a continuous cat-and-mouse game between hackers and security professionals.
The speed of this cycle has increased as large language models (LLMs) become more capable of writing and debugging code. Hackers use these models to scan for weaknesses in software faster than human analysts can patch them. This automation reduces the time required to launch a successful exploit from weeks to hours.
How do AI models increase cybersecurity risks?
AI models lower the technical barrier for entry into cybercrime. According to Science News, attackers now use AI to generate highly personalized phishing emails that lack the traditional spelling and grammar errors that once signaled a scam. These models can analyze public data to mimic the tone and style of a specific individual or organization.
Beyond social engineering, AI is being used for automated vulnerability research. This process involves using AI to analyze millions of lines of code to find “zero-day” vulnerabilities—flaws unknown to the software vendor. Once found, AI can help draft the exploit code needed to penetrate a system.
The risk is not limited to text. AI-driven deepfakes are now used in “vishing” or voice-phishing attacks. Attackers clone the voice of a company executive or a trusted relative to authorize fraudulent wire transfers or divulge sensitive passwords.
How are cybersecurity experts using AI to fight back?
Defenders are deploying the same AI technology to monitor networks for anomalies in real time. Traditional security software relied on “signatures”—known patterns of previous attacks. Modern AI-driven systems use behavioral analysis to identify suspicious activity that has never been seen before.
According to reports on AI defense trends, these systems can automatically isolate an infected computer from a network the moment a breach is detected. This prevents “lateral movement,” where a hacker moves from one low-security device to a high-security server.
Security teams also use AI to prioritize patches. Instead of fixing every minor bug, AI analyzes which vulnerabilities are actually being targeted by hackers in the wild, allowing teams to secure the most critical points first.
Why does this matter for healthcare systems?
Healthcare infrastructure is a primary target for AI-enhanced attacks due to the high value of protected health information (PHI) and the critical nature of hospital uptime. A breach in a medical setting can lead to the theft of patient records or the locking of life-saving equipment via ransomware.
The integration of AI into medical devices, such as insulin pumps and heart monitors, creates new attack surfaces. If a hacker uses AI to find a flaw in the firmware of a connected device, they could potentially alter dosages or disable alerts remotely.
Hospital systems often struggle with “legacy software”—older programs that are no longer supported by the original vendor. AI models can identify these outdated systems across a network with high precision, making hospitals easier targets than updated corporate environments.
What are the remaining uncertainties?
It remains unclear whether AI will ultimately favor the attacker or the defender. Some experts argue that the “defender’s dilemma”—the fact that a hacker only needs to find one hole while a defender must plug every hole—is magnified by AI. Others suggest that AI’s ability to automate patching will eventually close the window of opportunity for attackers.

Regulatory bodies are still debating how to govern the release of powerful AI models. There is an ongoing tension between the desire for open-source AI, which helps researchers find flaws, and the risk that open-source models provide a blueprint for malicious actors.
The outcome of this competition depends on the speed of adoption. According to the analysis in Science News, the side that integrates AI into their workflow more efficiently will likely hold the advantage in the short term.
