Tech

How AI Is Changing Cybersecurity For Better & Worse

Nov 4th 2025

AI-generated, human-reviewed.

AI is rapidly changing the cybersecurity landscape, offering powerful tools to both defenders and attackers. On This Week in Tech, expert panelists explained how large language models and AI coding assistants are making software development easier and more secure for some, while simultaneously giving cybercriminals advanced capabilities to find vulnerabilities and automate attacks.

How AI Coding Tools Impact Software Development and Security

According to Alex Stamos, former Facebook CSO and current chief security officer at corridor.dev, AI coding assistants like Claude Code, OpenAI Codex, and others are enabling even non-experts to write complex software or analyze large datasets. This means millions more people can directly interact with computers at a higher level than ever before, potentially accelerating innovation in every industry.

At the same time, Stamos pointed out a critical shift: these same AI-powered tools are now being used by advanced hacking groups, making it easier for lesser-skilled attackers to discover vulnerabilities ("zero-days") that used to be the domain of only a few highly-resourced state actors. He cited threat intelligence reports from OpenAI and Anthropic that show a marked increase in adversaries using AI to automate the process of intrusion, exploit creation, and tool development.

This democratization of powerful coding aids poses a double-edged sword for global cybersecurity. While defenders can use AI to catch more mistakes and harden systems, adversaries are leveling up their operations with the same technology, amplifying the risk and raising the bar for defense teams everywhere.

Will AI Layoffs and Investment Lead to a Tech Bubble—or a Lasting Revolution?

The explosive rollout of AI capabilities is deeply affecting the tech economy. As discussed by Stacey Higginbotham, Jill Duffy, and Alex Stamos on the show, major companies like Amazon and Meta are making significant layoffs despite record profits. One driver is the immense cost of AI infrastructure—spending billions on NVIDIA chips and new data centers, even as they reduce headcount.

Panelists acknowledged that while AI is delivering tangible productivity gains in some areas, much of the current investment is speculative and sometimes involves questionable financial engineering. Real economic value from AI remains concentrated in relatively few companies and use cases, leading some experts (and articles in publications like The Atlantic) to question whether the sector is in a bubble reminiscent of the dot-com boom—or if it will leave a lasting, valuable infrastructure like the railroads did.

AI in the Hands of Hackers: What the Security Community Should Know

On This Week in Tech, Stamos emphasized that the largest risk may not be flashy new exploits, but the sheer number of mid-tier attackers who can suddenly operate at a much higher level with AI assistance. Previously, discovering and using advanced bugs (zero-days) was mostly the realm of a few top-level groups like Russia's SVR or US "Five Eyes" agencies. With AI, smaller or less skilled threat actors can find and exploit vulnerabilities faster and with fewer resources.

This trend makes professional, ongoing use of AI-driven defense tools essential for any organization with critical infrastructure or sensitive user data. Security teams must evolve alongside these tools and anticipate increasing automation—from both insiders and outside threats.

What You Need to Know

  • AI coding tools are empowering both software creators and hackers to work faster and more effectively.
  • Businesses adopting AI development tools must implement strict security frameworks to avoid compliance, privacy, and architectural errors.
  • Advanced adversaries are already using AI for automated intrusion, exploit creation, and threat campaigns.
  • Layoffs at tech giants like Amazon are tied in part to enormous AI infrastructure investment, not just financial downturns.
  • Speculation persists about the potential for an AI-driven economic bubble, though the underlying technology has real, transformative uses.
  • The threat from AI-aided cybercrime is growing, making proactive defense, skilled oversight, and software auditing more important than ever.
  • Security teams should expect attackers to quickly "level up" as AI tools proliferate, raising the baseline skill level of threat actors worldwide.

AI is transforming cybersecurity and the tech sector at breakneck speed, making powerful coding and attack tools widely accessible. As This Week in Tech's guests emphasized, organizations should adapt now by leveraging AI to bolster defenses, enforce software quality, and prepare for more sophisticated threats on the horizon. Navigating these changes will require not just new tools, but new security frameworks, investment strategies, and a vigilant approach to risk at every level.

Stay tuned to This Week in Tech for in-depth analysis of tech’s most pressing challenges.

Subscribe to future episodes: https://twit.tv/shows/this-week-in-tech/episodes/1056

The Great Router Ban This Week in Tech #1056
Nov 2 2025 - The Big Sleep
The Great Router Ban
All Tech posts