Jinto Antony
Jinto Antony is a Senior Investigator at WithSecure, based in the UK, where he leads digital forensics and incident response engagements. Over a 20-year career, he has investigated intrusions spanning a wide range of threat actors and industry sectors.
His open-source projects and community platforms include Kanvas for incident response case management, Zeek App for threat hunting, OneTracker.org, and BlogTrace.com.
He has presented at the SANS DFIR Summit Europe, Black Hat Europe, the CONFidence Conference, and multiple BSides events.
His current research focuses on how generative AI is reshaping threat actor tradecraft, particularly the convergence of AI-generated malicious code across independent threat actors, drawing on post-incident response engagements.
Session
The Commonality Problem in AI-Assisted Offensive Code Development
Since the public debut of ChatGPT, the security community has continued to focus on the wrong question. The issue is not whether AI can generate malware: that capability is already established, and it is not the most significant development.
This talk focuses on three evidence-based ways genAI is reshaping the offensive security landscape, along with a fourth emerging risk that is closer than many defenders assume.
First is code convergence. When different threat actors rely on the same genAI systems, the resulting malicious code begins to show structural similarities. This is not due to coordination, but to shared training data and model behaviour. As a result, detection systems designed around these shared patterns tend to catch only lower-skill actors, while more advanced operators evade detection.
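As an added illustration of the structural-similarity point (not part of the talk, and not the speaker's own tooling), the Python below reduces two constructed, benign file-enumeration snippets to an AST skeleton in which identifiers and literals are replaced by node type names, then scores the pair by n-gram Jaccard similarity. Renaming every variable and string leaves the score at 1.0, while a structurally unrelated snippet scores low. The three samples, the n-gram size and the 0.8 threshold are assumptions made for the example.

```python
"""Structural similarity of source files after identifier and literal abstraction.

Added example, not the speaker's or the talk's own tooling. The three samples
below are constructed, benign snippets written for this illustration.
"""
import ast
from typing import List, Set, Tuple

# Constructed sample: enumerate files by extension (one author's naming).
SAMPLE_A = '''
import os
def collect(path):
    results = []
    for root, dirs, files in os.walk(path):
        for name in files:
            if name.endswith(".txt"):
                results.append(os.path.join(root, name))
    return results
'''

# Constructed sample: same logic, every identifier and literal renamed.
SAMPLE_B = '''
import os
def gather(directory):
    found = []
    for base, folders, entries in os.walk(directory):
        for entry in entries:
            if entry.endswith(".docx"):
                found.append(os.path.join(base, entry))
    return found
'''

# Constructed sample: structurally unrelated network reachability check.
SAMPLE_C = '''
import socket
def reachable(host, port):
    s = socket.socket()
    s.settimeout(2)
    try:
        s.connect((host, port))
        return True
    except OSError:
        return False
'''


def skeleton(node: ast.AST) -> List[str]:
    """Pre-order walk emitting only AST node type names.

    Identifiers live in ast.Name/ast.arg/ast.alias fields and literals in
    ast.Constant, so keeping the type name alone discards naming and values
    while preserving control flow and call structure.
    """
    out = [type(node).__name__]
    for child in ast.iter_child_nodes(node):
        out.extend(skeleton(child))
    return out


def ngrams(seq: List[str], n: int) -> Set[Tuple[str, ...]]:
    """Set of length-n windows over the skeleton token stream."""
    return {tuple(seq[i:i + n]) for i in range(len(seq) - n + 1)}


def structural_similarity(src_a: str, src_b: str, n: int = 3) -> float:
    """Jaccard similarity of AST-skeleton n-grams; 1.0 means identical structure."""
    ga = ngrams(skeleton(ast.parse(src_a)), n)
    gb = ngrams(skeleton(ast.parse(src_b)), n)
    if not ga and not gb:
        return 1.0
    return len(ga & gb) / len(ga | gb)


def flag_convergent(src_a: str, src_b: str, threshold: float = 0.8) -> bool:
    """Assumed threshold: treat samples at or above it as structurally convergent."""
    return structural_similarity(src_a, src_b) >= threshold


if __name__ == "__main__":
    print("A vs B (renamed copy):   ", round(structural_similarity(SAMPLE_A, SAMPLE_B), 3))
    print("A vs C (different logic):", round(structural_similarity(SAMPLE_A, SAMPLE_C), 3))
```

The asymmetry the abstract describes follows directly: a detection keyed on skeletons like these catches an operator who only restyles model output, but an operator who reorders the logic, splits the loop into helpers or swaps the walking primitive changes the n-gram set and drops below the threshold.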
Second is novel technique synthesis. Just as AI in drug discovery evolved from searching known compounds to generating entirely new ones, genAI is likely to produce offensive techniques that do not exist in current datasets. Evidence from research initiatives that integrate LLMs into offensive tooling, together with academic work on automated exploit generation, supports this shift from replication to creation.
Third is the two-world problem. genAI does not affect all threat actors equally. Disclosures from Microsoft and OpenAI identified multiple state-linked groups and other actors using LLMs to support offensive activity. This talk analyses what each tier gains, what each tier does not, and why a single defensive response to "the AI threat" is already insufficient.
