A future of cybersecurity, powered by AI, promises a world where it’s not just about defending against threats, but preemptively shaping a resilient digital landscape. But of course the technology is equally attractive to attackers and that means ethical hackers need to adopt it to.
A new study from Bugcrowd finds that 82 percent of hackers now use AI in their workflows, up from 64 percent in 2023, with AI primarily used for automating tasks, accelerating learning, and analyzing data.
The report’s findings show a decisive shift toward human-augmented intelligence, with hackers integrating AI into their workflows at significantly higher rates than in previous years. In parallel, a growing move toward collaborative hacking shows that team-based efforts increasingly outperform working in isolation. in isolation. These shifts reflect a broader evolution in the hacker psyche, balancing professionalization with foundational values. While financial incentives remain a primary motivator, most researchers still take deep pride in their ethical contributions, continuing to view hacking as a creative art form.
“While the industry often frames the AI conversation as a choice between humans and machines, we have reached a point where those forces are converging,” says Dave Gerry, CEO at Bugcrowd. “This year’s report highlights a new era of human-augmented intelligence, where hackers are leveraging AI as a force multiplier to scale their ingenuity and impact. This technological evolution is paired with a clear shift toward collaborative, team-based hacking, proving that collective intelligence is the most effective way to secure a rapidly expanding attack surface.”
Drawing on surveys and interviews with more than 2,000 security researchers worldwide, the report shows 72 percent of hackers believe team collaboration yields better results, with 61 percent finding more critical vulnerabilities when working in teams
In addition 75 percent report hacking is becoming more about money than curiosity, while 56 percent say geopolitics now outweighs pure curiosity as a driving factor,
Despite economic pressures, 85 percent believe reporting critical vulnerabilities is more important than making money, and 98 percent remain proud of their work. However, 65 percent have chosen not to disclose vulnerabilities due to lack of clear reporting pathways, highlighting critical gaps in organizational security processes.
You can read more and get the full report on the Bugcrowd blog.
Image credit: Arsenii Palivoda/Dreamstime.com
