#5: Understanding the Adversary
Getting ahead by learning the enemy's methods
AI Agents Frontier
Join the pioneers behind AG2 and autonomous research agents for a 5-hour deep dive into controlled orchestration, reproducibility, and safe deployment of scalable multi-agent architecture systems. Discover how to build deterministic, explainable, verifiable agents that eliminate hallucinations and support secure, auditable decision workflows.
Limited early-bird seats remaining.
Welcome to CYBER_AI, a new newsletter from the Packt team focusing on—well, exactly what it says on the tin: cybersecurity in the age of AI.
Here we go on another step into the future: a world in which cybersecurity practice brims with the confidence that AI can bring to it. Of course, this goal, like every goal, requires us to lay the foundations properly and work out where we stand on them. For everyone struggling to make these ambitious leaps forward, that means establishing the "101" topics and making sure they are widely understood. Here is our plan:
1. What “Cybersecurity AI” Actually Means
2. Machine Learning 101 for Security Professionals
3. Threat Detection with AI: From Rules to Models
4. Adversarial Machine Learning Basics
5. LLMs in Cybersecurity: Capabilities and Limitations
6. Securing AI Models and Pipelines (AI Supply Chain Security)
7. AI-Enhanced Offensive Techniques
8. Privacy and Data Protection in AI Systems
9. AI Governance, Ethics, and Risk Management
10. Building a Security-Aware AI Workflow
Sound good? Head over to Substack and sign up there!
Join us on Substack to find our bonus articles!
In this newsletter, we’ll explore how AI is transforming cybersecurity—what’s new, what’s next, and what you can do to stay secure in the age of intelligent threats.
Welcome aboard! The future of cyber defence starts here.
Cheers!
Austin Miller
Editor-in-Chief
This week’s deep dives
Threat Detection with AI: From Rules to Models
Automated threat detection started with rules: signatures, static indicators, and hand-crafted correlation rules in systems like firewalls and traditional SIEMs. Rules still work well for known threats because they are precise and explainable. The limitation is scale: modern environments produce huge volumes of logs and telemetry, and attackers continu…
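To make the rules-versus-models distinction concrete, here is an added example (not code from the linked article) that runs a blocklist rule and a simple per-user behavioural baseline over the same constructed authentication log. The log lines, the "known-bad" IP list and the thresholds are all made up for illustration. The rule fires only on the IP it already knows; the baseline flags a credential-stuffing burst from an address on no list, because several weak signals (new source IP, off-hours activity, a run of failures) coincide.

```python
# Added example: a signature rule and a behavioural baseline scored over the
# same constructed authentication log. Illustrative only, not the article's code.
from collections import defaultdict
from statistics import mean, pstdev

# Constructed "normal" period used to build per-user profiles (not real data).
# Fields: hour-of-day, user, source IP, outcome.
HISTORY = """\
09 alice 10.0.0.5 success
10 alice 10.0.0.5 success
11 alice 10.0.0.5 success
10 alice 10.0.0.5 success
09 bob 10.0.0.7 success
10 bob 10.0.0.7 failure
10 bob 10.0.0.7 success
11 bob 10.0.0.7 success
"""

# Constructed batch to score: a credential-stuffing burst against alice from
# an IP on no blocklist, and a login by bob from a known-bad IP.
NEW_EVENTS = """\
10 alice 10.0.0.5 success
03 alice 198.51.100.23 failure
03 alice 198.51.100.23 failure
03 alice 198.51.100.23 failure
03 alice 198.51.100.23 success
14 bob 203.0.113.9 success
"""

# Hypothetical indicator feed, as a firewall or SIEM blocklist rule would use.
KNOWN_BAD_IPS = {"203.0.113.9"}


def parse(log):
    events = []
    for line in log.splitlines():
        hour, user, ip, outcome = line.split()
        events.append({"hour": int(hour), "user": user, "ip": ip, "outcome": outcome})
    return events


def rule_alerts(events):
    """Signature rule: exact match on a known indicator.

    Precise and trivially explainable, but it cannot fire on an IP that is
    not already on the list."""
    return [e for e in events if e["ip"] in KNOWN_BAD_IPS]


def build_profiles(history):
    """Per-user profile of source IPs and login hours learned from history."""
    profiles = defaultdict(lambda: {"ips": set(), "hours": []})
    for e in history:
        profiles[e["user"]]["ips"].add(e["ip"])
        profiles[e["user"]]["hours"].append(e["hour"])
    return profiles


def baseline_alerts(events, profiles, fail_burst=3, z_threshold=2.0, min_signals=2):
    """Behavioural model: score each (user, source IP) pair in the batch
    against the user's learned profile and alert when several weak signals
    coincide. The thresholds are illustrative tuning knobs."""
    groups = defaultdict(list)
    for e in events:
        groups[(e["user"], e["ip"])].append(e)

    alerts = []
    for (user, ip), evs in groups.items():
        profile = profiles.get(user)  # .get() does not create a default entry
        signals = []
        if profile is None:
            signals.append("user has no baseline")
        else:
            if ip not in profile["ips"]:
                signals.append("new source IP for user")
            mu, sigma = mean(profile["hours"]), pstdev(profile["hours"])
            for e in evs:
                # z-score of the login hour; a constant history makes any other hour anomalous
                z = abs(e["hour"] - mu) / sigma if sigma else (0.0 if e["hour"] == mu else float("inf"))
                if z > z_threshold:
                    signals.append(f"off-hours login at {e['hour']:02d}h (z={z:.1f})")
                    break
        failures = sum(1 for e in evs if e["outcome"] == "failure")
        if failures >= fail_burst:
            signals.append(f"{failures} failed logins in batch")
        if len(signals) >= min_signals:
            alerts.append({"user": user, "ip": ip, "signals": signals})
    return alerts


def run():
    """Return (rule hits, model alerts) for the constructed batch."""
    profiles = build_profiles(parse(HISTORY))
    new = parse(NEW_EVENTS)
    return rule_alerts(new), baseline_alerts(new, profiles)


if __name__ == "__main__":
    rules, model = run()
    print("rule hits:", [(e["user"], e["ip"]) for e in rules])
    for a in model:
        print("model alert:", a["user"], a["ip"], "->", "; ".join(a["signals"]))
```

Note the trade-off the output makes visible: the rule's single hit is fully explainable ("IP is on the list"), while the baseline alert carries a list of reasons that an analyst must still judge, and its thresholds will need tuning per environment to keep false positives down.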
Adversarial Machine Learning Basics
Adversarial machine learning is the branch of security that studies how machine-learning systems can be tricked, attacked, or misled, and how to defend against those attacks. As AI tools become a normal part of daily work, especially in security operations, understanding these risks is essential.
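As an added illustration (not code from the linked article), the block below shows one of the simplest evasion attacks against a linear spam or phishing scorer: the attacker cannot remove the payload words, but appends benign-looking ones until the score crosses the boundary. The token weights, bias and message are hypothetical, not a trained model. The same block shows a cheap mitigation, saturating each token's count at one, which forces the attacker to find many distinct benign words instead of repeating one; this raises the cost of the attack rather than eliminating it.

```python
# Added example: a "good word" evasion attack on a linear text classifier and a
# feature-saturation defence. Weights and messages are constructed for
# illustration only and are not a trained model or the article's code.
from collections import Counter

# Hypothetical per-token weights (positive = spammy). A real model would learn these.
WEIGHTS = {"winner": 2.0, "prize": 1.5, "click": 1.0, "urgent": 1.0,
           "meeting": -0.8, "regards": -0.6, "invoice": -0.5, "thanks": -0.4}
BIAS = -0.5


def score(tokens, binary=False):
    """Linear score; positive means 'spam'. binary=True saturates counts at 1,
    so repeating a token contributes no more than mentioning it once."""
    total = BIAS
    for tok, n in Counter(tokens).items():
        total += WEIGHTS.get(tok, 0.0) * (1 if binary else n)
    return total


def good_word_attack(tokens, budget, binary=False):
    """Attacker model: may only append tokens (the payload words must stay).
    Greedily appends the most negatively weighted token until the score drops
    below zero or the append budget is spent. Returns (new_tokens, success)."""
    benign = sorted((t for t, w in WEIGHTS.items() if w < 0), key=lambda t: WEIGHTS[t])
    tokens = list(tokens)
    present = set(tokens)
    for _ in range(budget):
        if score(tokens, binary) < 0:
            return tokens, True
        if binary:
            # Repeats are worthless under saturation: only unseen benign words help.
            candidates = [t for t in benign if t not in present]
            if not candidates:
                break
            pick = candidates[0]
        else:
            pick = benign[0]  # keep hammering the single best word
        tokens.append(pick)
        present.add(pick)
    return tokens, score(tokens, binary) < 0


if __name__ == "__main__":
    spam = "urgent winner click prize click".split()  # constructed message
    print("count model score:", score(spam))
    evaded, ok = good_word_attack(spam, budget=20)
    print("count model evaded:", ok, "appended:", evaded.count("meeting"), "x 'meeting'")
    evaded_b, ok_b = good_word_attack(spam, budget=20, binary=True)
    print("binary model evaded:", ok_b, "final score:", round(score(evaded_b, binary=True), 2))
```

The defence here is deliberately modest: an attacker with a larger vocabulary of benign words, or a model whose weights are less skewed, would still get through. The practical lesson is that any classifier exposed to attacker-controlled input should be evaluated against inputs chosen to defeat it, not only against a held-out test set.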
News Wipe
How Agentic AI Can Boost Cyber Defense: This article explains how "agentic AI", meaning autonomous AI agents, is being deployed by security teams to triage and prioritise cyber threats. The approach helps reduce noise and speed up response times, enabling defenders to manage large volumes of alerts more effectively.
Disinformation and Cyber-Threats Among Top Global Exec Concerns: A new report from the World Economic Forum (WEF) highlights that AI-powered disinformation and cyber-threats are among the biggest worries for global executives, reflecting growing fears around social-engineering, deepfakes, and AI-driven malware.
Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools: Security researchers disclosed a malicious npm (Node.js) package that embeds "hidden prompts" and scripts to bypass AI-driven security tools, a supply-chain attack that targets the AI reviewer rather than the conventional scanner. It underlines that AI defenses are themselves a target for manipulation by attackers.
HTB AI Range offers experiments in cyber-resilience training: The article describes a new initiative from Hack The Box (HTB), offering an “AI Range” — a sandbox environment where organisations can test how AI agents respond to simulated cyber-attacks, helping improve detection and resilience against automated threats. This reflects growing industry emphasis on using AI defensively, not just offensively.
Exclusive: Palo Alto Networks CEO says AI demands a new focus on threat detection: At the recent AI+ Summit, the CEO of Palo Alto Networks warned that as organisations adopt AI — and attackers start doing the same — cybersecurity strategies must shift from protecting legacy systems to prioritising advanced threat detection and real-time response. He argued that AI-powered cyberattacks are now among the top risks facing enterprises globally.
Culture, You, and AI
Like Social Media, AI Requires Difficult Choices: In his 2020 book, “Future Politics,” British barrister Jamie Susskind wrote that the dominant question of the 20th century was “How much of our collective life should be determined by the state, and what should be left to the market and civil society?” But in the early decades of this century, Susskind suggested that we face a different question: “To what extent should our lives be directed and controlled by powerful digital systems—and on what terms?”
Banning VPNs: This is crazy. Lawmakers in several US states are contemplating banning VPNs, because…think of the children!
As of this writing, Wisconsin lawmakers are escalating their war on privacy by targeting VPNs in the name of "protecting children" in A.B. 105/S.B. 130. It's an age verification bill that requires all websites distributing material that could conceivably be deemed "sexual content" both to implement an age verification system and to block the access of users connected via VPN. The bill seeks to broadly expand the definition of materials that are "harmful to minors" beyond the type of speech that states can prohibit minors from accessing, potentially encompassing things like depictions and discussions of human anatomy, sexuality, and reproduction.
The EFF link explains why this is a terrible idea.
Four Ways AI Is Being Used to Strengthen Democracies Worldwide: Democracy is colliding with the technologies of artificial intelligence. Judging from the audience reaction at the recent World Forum on Democracy in Strasbourg, the general expectation is that democracy will be the worse for it. We have another narrative. Yes, there are risks to democracy from AI, but there are also opportunities. We have just published the book Rewiring Democracy: How AI will Transform Politics, Government, and Citizenship. In it, we take a clear-eyed view of how AI is undermining confidence in our information ecosystem, how the use of biased AI can harm constituents of democracies and how elected officials with authoritarian tendencies can use it to consolidate power. But we also give positive examples of how AI is transforming democratic governance and politics for the better.
From the cutting edge
Artificial intelligence and machine learning in cybersecurity: a deep dive into state-of-the-art techniques and future paradigms: This 2025 review presents an in-depth survey of state-of-the-art AI/ML techniques applied to cybersecurity tasks (intrusion detection, malware classification, behavioral analysis, threat intelligence). It highlights both the progress and the critical gaps: for example, lack of explainability, adversarial ML risks, and scalability and privacy issues. The paper also maps out future paradigms (e.g. federated learning, quantum-AI convergence). (N. Mohamed et al.) From Knowledge and Information Systems (2025)
Generative AI revolution in cybersecurity: a comprehensive review of threat intelligence and operations: This paper reviews how generative AI (GAI / LLMs) is transforming cybersecurity: not only for defense (e.g. threat detection, anomaly detection, automation of responses) but also how attackers may leverage GAI for social engineering, malware, phishing, and more. It discusses limitations (misuse potential, incorrect outputs, high resource/training cost) and calls for balanced, cautious adoption. (Mueen Uddin, Muhammad Saad Irshad, Irfan Ali, Fuhid Alanazi, Fahad Ahmed, Muhammad Maaz, Saddam Hussain, Syed Sajid Ullah) From Artificial Intelligence Review 58 (2025)
Organizational Adaptation to Generative AI in Cybersecurity: A Systematic Review: This 2025 systematic review studies how real-world organizations are adapting their cybersecurity operations to integrate generative AI. It analyses 25 studies (2022–2025) and identifies patterns: adoption of LLMs in threat detection, automation of incident response, hybrid human–AI workflows. The paper also discusses challenges: explainability, data quality, bias, training, governance. It offers a roadmap for secure and responsible GenAI deployment in enterprise cyber-defense. (Christopher Nott)
Adversarial Defense in Cybersecurity: A Systematic Review of GANs for Threat Detection and Mitigation: A systematic review of how generative adversarial networks (GANs) can be used—not just to mount attacks, but as defenses. The paper surveys studies (2021–August 2025) on using GAN-based techniques for network intrusion detection, malware analysis, IoT security. It lays out a taxonomy (defensive function, GAN architecture, threat model, cybersecurity domain) and discusses strengths (improved detection accuracy, resilience) and persistent challenges (instability, lack of explainability, high computational cost, absence of standard benchmarks). (Tharcisse Ndayipfukamiye, Jianguo Ding, Doreen Sebastian Sarwatt, Adamu Gaston Philipo, Huansheng Ning)