The most boring true thing about LLMs in warfare: they are doing the workflow tasks that humans were doing the day before. Summarizing intel. Sorting alerts. Reading disassembly. Drafting briefings. Cracking obfuscated strings. They are not running autonomous offensive operations · they are accelerating analysts.
That said: the acceleration matters. A SOC that triages 10× faster with the same headcount has different capability. A threat-intel team that synthesizes 20× faster has different capability. A red team that automates routine prep has more time for novelty.
Below is what is publicly known to be deployed as of mid-2026. Sourced. No speculation.
LLMs ingest streams of cable-traffic-equivalent material, signals reports, intercepts, OSINT and produce ranked summaries faster than human analysts working alone. Public reporting through 2024-2025: Bloomberg disclosed CIA's Osiris generative-AI analysis tool in mid-2024; DoD's Task Force Lima (stood up 2023) coordinated LLM acceleration across the DoD enterprise; the UK MoD's Defence AI Centre stood up parallel capability.
Public security research (Microsoft + OpenAI joint disclosure February 2024) attributed observed use of OpenAI APIs by named threat actors (Forest Blizzard/APT28, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, Salmon Typhoon) for code-generation tasks supporting offensive operations. None of the use was novel-capability-creating — it was acceleration of existing playbooks.
Vishing (voice phishing) using voice clones, spear-phishing with LLM-generated personalized lures, fake personas at scale across social platforms. Public examples cited by CISA, the UK NCSC, and Microsoft in 2024-2025. The defensive countermove is identity verification + out-of-band confirmation, not better filters.
Public reporting by The Guardian and +972 Magazine (April 2024) on the IDF's reported use of AI systems named 'Lavender' and 'The Gospel' for identifying and prioritizing targets in Gaza. These systems are publicly reported but controversial; their accuracy claims, oversight, and rules-of-engagement have been heavily debated in subsequent reporting. Cited as the most consequential public example of ML in modern targeting decisions.
Microsoft Security Copilot, Google Threat Intelligence powered by Gemini, CrowdStrike Charlotte AI, SentinelOne Purple AI, Palo Alto Networks AI Copilot — every major SOC platform shipped an LLM-augmented analyst assistant in 2023-2024. Tier-1 alert triage that took an analyst 4-15 minutes now takes 30-90 seconds with an LLM doing the first pass. The job didn't disappear · the throughput multiplied.
Vannevar Labs (defense OSINT), Recorded Future, Mandiant Threat Intelligence — all integrated LLMs into the analyst loop for synthesizing multi-source intelligence into briefings. The throughput gain is on the analyst side · the same human reviews and signs.
Public RE tools (Ghidra, IDA Pro) ship LLM-assistance plugins. Malware analysts now use LLMs to summarize disassembly, suggest function names, identify cryptographic primitives. The 80% that's deterministic is faster · the 20% that's hard is still the human's job.
Mixed public results. Google Project Zero published in late 2024 a real CVE found by LLM-augmented fuzzing (Big Sleep). Anthropic, DeepMind, OpenAI all published cyber-related capability evals through 2024-2025. The field consensus: LLMs accelerate certain narrow vuln-discovery workflows · they don't replace senior researchers. The capability is real, the hype is overcorrected, the trajectory is upward.
Microsoft PyRIT (Python Risk Identification Toolkit), Anthropic's published red-team frameworks, Lakera and Mindgard commercial offerings — the tooling for automated LLM red-teaming matured rapidly through 2024-2025. The red team's job didn't go away · the surface they need to cover did.
If you're going to work in this field, you are going to face decisions that don't have clean answers. Some patterns worth sitting with before you sign anywhere: