Ep. 1: Hacker Summer Camp 2025: Cyber X AI
From 4 to 10 August 2025, I attended Hacker Summer Camp in Las Vegas for the first time. I spent the first three days at BSides Las Vegas, followed by four intensive days at DEF CON. The experience was overwhelming and offered deep insights into the world of cybersecurity and artificial intelligence. This first episode of my short series focuses on the interface between cyber and AI.
AI: Blessing and Curse
One of the dominant topics was generative AI. Several proofs of concept clearly demonstrated how AI can automate and accelerate attacks.
AI-powered malware
In the presentation “Agentic AI Malware” by Candid Wüest (Slides), it was shown that agentic AI malware is not yet mature, but full of potential. Early examples such as LameHug and AI-assisted DDoS scripts show how attackers are using models to write and adapt code and circumvent security solutions. Particularly exciting was the demo ‘Yutani Loop’, a proof of concept for self-adapting malware that dynamically generates commands and evolves.
Key takeaways:
- AI malware is easy to generate, but its effectiveness is currently still limited.
- Autonomous malware tends to replace planning rather than execution.
- Traditional protective measures (AV/EDR, behaviour detection) continue to work.
- Attribution is becoming more difficult as AI obscures traces.
- The real danger lies in automation and scaling.
Deepfakes and social engineering
Particularly impressive were the live competition in the Social Engineering Village and the talk by Fred Heiding and Simon Lermen: “Automating Phishing Infrastructure Development Using AI Agents”.
Voice phishing is becoming increasingly realistic. Fred and his team have developed a tool that uses AI crawlers for OSINT research and generates fully automated, highly personalised vishing attacks, including the automated phone call.
Positive aspects of AI
AI was not only a topic on the attacker side:
- Sec-Gemini from Google impressed me at the CTF with its broad applicability and deep integration (e.g. with VirusTotal).
- Deepfake Detection: Mike Raggo presented “Fake Image Forensic Examiner v1.1”, a ChatGPT-based tool that can expose fake images using EXIF data, noise maps and error level analyses.
- DARPA AI Cyber Challenge: The winning teams showed impressive results in automated vulnerability detection and patch development. This type of AI will be particularly interesting for blue teams to monitor and evaluate.

Conclusion Episode 1:
AI is a double-edged sword in the context of cybersecurity: it gives attackers speed and scalability, but also opens up new opportunities for defenders. One thing is clear: AI is here to stay and will fundamentally change the rules of the game.