Black Hat & DEF CON 2025: Where AI Meets Adversaries

My annual pilgrimage to Las Vegas for Black Hat USA and DEF CON—what many of my friends affectionately call “Hacker Summer Camp”—took place from August 2–7, 2025, at the Mandalay Bay Convention Center, with DEF CON extending the festivities through August 10 at the Las Vegas Convention Center.

Last year’s highlight was me catching Cirque du Soleil: Michael Jackson ONE. This year, I was hoping to see the Backstreet Boys at The Sphere—but after a few disapproving looks from my friends, that plan didn’t quite happen.

AI Everywhere (and I mean everywhere)

If there was a single dominant theme at Black Hat this year, it was AI. I heard the term “AI” at least once an hour—sometimes more. It was the focus of countless talks, hallway conversations, and vendor pitches. Organizers framed the event around the “escalating arms race between malicious generative AI tools and the defensive AI systems built to stop them.”

Real-world demos included AI-generated phishing campaigns, deepfake voice attacks, and offensive AI techniques that stretched the imagination of even seasoned attendees.

At the opening keynote, Mikko Hyppönen, outgoing Chief Research Officer at WithSecure, captured the duality of the moment:

But Hyppönen also warned that the advantage won’t last forever—attackers are closing the gap, with AI systems already credited with discovering around two dozen zero-day vulnerabilities in 2025.

IR Shortcuts, AI Reversers, and Missed Opportunities

Microsoft’s incident response panel spotlighted “cheat codes” for accelerating threat containment. Yet they also revealed a sobering fact: only 26% of organizations rehearse incident response plans in practice.

Meanwhile, Booz Allen’s “Vellox Reverser” stole the expo floor—a cloud-native, AI-first malware reverse-engineering platform designed to turn binaries into actionable defensive guidance in minutes.

My Research: Targeting at Scale with AI

I also had the opportunity to showcase some of the research I have been conducting. I demonstrated how threat actors could potentially fine-tune AI to identify and target high-profile individuals at scale.

By combining facial recognition systems with social media data, attackers could filter targets by county, geolocation, or even inferred personality traits. AI could then automate both target selection and custom attack generation.

While our work was presented as a theoretical scenario, I don’t think we’re far from seeing adversaries experiment with these exact techniques in the wild.

DEF CON: Hands-On and Community-Driven

Over at DEF CON, AI wasn’t just a buzzword—it was hands-on. Specialized training sessions like “Solving Modern Cybersecurity Problems with AI” taught attendees how to build their own AI frameworks, from ingestion pipelines to defending against adversarial attacks.

Of course, DEF CON wouldn’t be complete without LineCon, the rite-of-passage badge pickup experience. With the move to the Las Vegas Convention Center, LineCon has evolved but kept its soul.

• Badge pickup started Thursday at 8:00 AM, with the hardcore arriving at 4–5 AM.

• Prices rose to $500 cash (up from $460 in 2024), with pre-purchase options reaching $580.

• Despite online pre-sales, the two lines still merged, ensuring the wait lived on.

  
  

But LineCon was less a chore and more a celebration: DEF CON goons blasting music from backpack speakers, swag giveaways, and the legendary beach ball passing made it arguably “the most fun line you’ll ever stand in.” Wait times were 1.5–2.5 hours, but the atmosphere made it fly by.

Final Reflections

Black Hat and DEF CON once again delivered an action-packed week for the global cybersecurity community. Black Hat’s business- and research-driven briefings contrasted with DEF CON’s raw, hands-on hacking chaos—but together they reflect the innovation, urgency, and community spirit that define this industry.

Would I change my approach next year? Absolutely. After years of hitting both conferences back-to-back, I’ve realized it’s exhausting—especially when I inevitably fail at staying hydrated or eating properly. Next year, I’ll likely skip Black Hat and stick to DEF CON (and maybe BSides), where I find the technical depth and community interaction align more closely with my interests.

For now, I’ll be keeping an eye out for the detailed reports and follow-up research that always emerge in the weeks and months after Hacker Summer Camp.