How Agentic AI Is Reshaping The Cybersecurity Threat Landscape

Artificial intelligence is a hot-button topic in every industry, and cybersecurity is no exception. Over the past few years, with the rise in popularity of the term, we have seen tools claim to leverage or be powered by AI to better detect new threats. All of this has been in preparation for the shift where we would eventually see AI used in attacks. As we continue to adopt AI, it is only natural that adversaries will do the same.

We have already seen this in action, first with LAMEHUG, a data-stealing malware that uses a large language model (LLM) to generate commands dynamically, and PromptLock, a ransomware variant powered by a local AI model to evade heuristic detection. These threats signal a move from static, preprogrammed attacks to adaptive, decision-making adversaries capable of evolving their behavior on the fly.

According to Malwarebytes’ S"tate of Malware 2025" report, nearly 80% of ransomware attacks now incorporate some form of AI-driven automation to increase speed and efficiency. Similarly, research from ISACA notes that agentic AI is shifting the threat model from “tool-assisted” to “autonomous,” which poses challenges that most traditional controls are not designed to address (ISACA, 2025).

For Latin America, this is not just a technical challenge, it represents a strategic breaking point, where traditional responses based on identifying signatures and patterns are no longer as effective in countering new techniques and threats.

With malicious actors adopting agentic AI, the threat landscape as a whole is and will continue to be reshaped. In response, the cybersecurity industry must be prepared to adapt and innovate to rise to the challenge.

How Agentic AI Changes the Threat Landscape

It is clear that new threats will continue to leverage AI to ensure they are widespread, dynamic, and more effective. However, with the introduction of agentic AI, attackers now have a new tool in their arsenal one that allows them to change the rules of the game.

This shift is not theoretical. Threat intelligence reports from IBM’s X-Force and MITRE’s Emerging Threats team highlight early-stage use of AI agents in automating reconnaissance, privilege escalation, and exfiltration tasks, which until now required skilled human operators. As threat actors adopt these tools, the scale, speed, and sophistication of attacks will grow exponentially.

Speed

We can expect that the speed of attacks will increase, as they will likely be highly automated. What used to take days will now take hours.

A recent study by the European Union Agency for Cybersecurity (ENISA, 2025) noted that AI-assisted attack development can reduce preparation time by 80%, drastically shrinking the detection window for defenders.

As such, response efforts will need to adapt, leveraging technology and automation that allows defenders to keep up with the speed of attacks. Detection, triage, and containment cycles will need to become significantly shorter.

Adaptability and Evasion

Malware is generally created with fixed signatures and payloads, which require updates through a development process.

With the introduction of agentic AI, malware can now dynamically adapt to its environment and/or controls implemented, improving its evasion techniques. This means signature-based defenses will no longer be sufficient on their own.

An example of this is LameHug, that leverages Qwen 2.5-Coder-32B-Instruct model via the Hugging Face API to generate new commands on the fly, based on the specific system it has compromised.

A dynamic threat requires an equally adaptive defense that is capable of analyzing patterns, not just matching known signatures.

Scalability

Where in the past reconnaissance, exploitation, and exfiltration required technical skills from a human-driven team, this is no longer the case.

AI agents can now perform similar tasks autonomously, allowing for a much larger scale of attacks. This lowers the barrier to entry for cybercriminals and increases the volume and complexity of threats defenders must handle simultaneously.

New Attack Surface

The widespread use of LLMs expands our attack surface and creates new opportunities for attackers to exploit. New attack vectors include prompt injections, poisoning of data pipelines, memory-based persistence, multi-agent compromise, and exploitation of trust boundaries.

MITRE has already begun cataloging these under its ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) framework, highlighting how AI-driven ecosystems bring entirely new attack classes that traditional frameworks like ATT&CK never covered.

Threat actors no longer just automate tasks, they now automate decisions, using agents capable of goal setting, planning, and autonomous action.

Attribution

Attribution has always been a complex matter, often relying on signatures, hashes, and other indicators of compromise to identify an attacker.

With these new threats, attacks will be even harder to track, as agents will act autonomously or even operate from legitimate AI platforms. This makes what was already a difficult matter an even more complicated affair, complicating legal, forensic, and diplomatic responses.

What Are the Next Steps?

It’s clear that artificial intelligence has reshaped more than cybersecurity, and as such, we need to adapt our strategies to prepare for the new challenges this will bring. Agentic AI escalates the latent threat of artificial intelligence into an actionable tool set that allows for automated and autonomous attacks where an attacker can have an army of agents to lead.

Agentic AI represents a paradigm shift in cybersecurity. Threat actors are no longer automating isolated actions, they are automating entire decision-making processes, enabling threats that can think, plan, and evolve.

As these capabilities spread, traditional defenses will fall short. To stay ahead, organizations must act decisively by adapting, innovating, and embedding resilience into every layer of their cybersecurity posture.

The next wave of attacks will not just be faster or stealthier, they will be smarter. And the only way to defend against threats that think is to start thinking just as fast.