A year ago, AI-assisted cyber operations were mostly a trouble-shooting story, threat actors trouble-shooting tasks faster. That's no longer the picture. Drawing on Anthropic's threat intelligence from nearly 800 banned actors over twelve months and going deep on a few cases studies, this talk walks through what's actually changed: low-skilled operators clearing technical bars they couldn't before, small teams punching at what before would be considered APT weight, and the first documented cyberattack executed with AI doing 80–90% of the tactical work while humans largely supervise.

The talk will ground this in real cases, then zoom out using a MITRE ATT&CK analysis of a 9 months worth of enforcement data, which shows a measurable shift in actor risk profile.