Large Language Models (LLMs) and Generative AI in Cybersecurity and Privacy: A Survey of Dual-Use Risks, AI-Generated Malware, Explainability, and Defensive Strategies

arXiv:2607.06963v1 Announce Type: cross Abstract: Large Language Models (LLMs) and generative AI (GenAI) systems, such as ChatGPT, Claude, Gemini, LLaMA, Copilot, Stable Diffusion by OpenAI, Anthropic, Google, Meta, Microsoft, Stability AI, respectively, are revolutionizing cybersecurity, enabling both automated defense and sophisticated attacks. These technologies power real-time threat detection, phishing defense, secure code generation, and vulnerability exploitation at unprecedented scales. Following a rapid surge where LLM-generated malware grew to account for an estimated 50% of detected
The rapid development and deployment of LLMs and generative AI are creating immediate and significant dual-use risks, particularly in cybersecurity, which is now being formally surveyed and quantified.
This survey highlights how generative AI is fundamentally reshaping the cybersecurity landscape, enabling both advanced defenses and new vectors for sophisticated attacks at scale, requiring strategic adaptation.
The emergence of LLM-generated malware and vulnerability exploitation tools means security organizations must now contend with an accelerated, AI-driven threat environment.
- · Cybersecurity defensive AI companies
- · Organizations with adaptive security architectures
- · Generative AI platform providers
- · Organizations with legacy security systems
- · Individuals susceptible to advanced phishing
- · Developers with insecure coding practices
The cybersecurity industry will see a rapid acceleration in AI adoption for both offensive and defensive purposes.
There will be increased regulatory pressure on AI developers to incorporate security-by-design principles and mitigate dual-use risks.
The proliferation of AI-generated attacks could lead to a 'cyber arms race' and potentially diminish trust in digital systems.
This signal links to a primary source. Continuum Brief monitors and indexes it as part of the live intelligence stream — we do not republish source content.
Read at arXiv cs.CL