Cybersecurity and Information Warfare

AI-Generated Ransomware Evades Antivirus, Threatens Critical Sectors

AI-generated ransomware capable of evading mainstream defenses was spotlighted at Black Hat USA 2025, where researchers detailed proof-of-concept malware trained on open-source LLMs to bypass Microsoft Defender for Endpoint roughly 8% of the time after three months and about $1,500 of tuning. The result underscores how generative AI accelerates polymorphic payload creation and antivirus evasion across sectors including banking and healthcare. Conference coverage and industry analyses describe attackers leveraging AI to automate reconnaissance, generate constantly mutating code, and scale ransomware-as-a-service, while tools like WormGPT, FraudGPT, and emerging dark‑web platforms lower barriers for non-experts to orchestrate campaigns at speed. Reports through mid‑2025 highlight a surge in AI-powered polymorphic phishing and rising ransomware payloads delivered via email vectors, reflecting the operationalization of these techniques beyond theory. Experts and vendors at the event urged emphasis on behavior-based detection, SOC hardening against EDR bypass, secure-by-design software, and resilient backup and recovery, as defenders and adversaries increasingly wield the same AI capabilities with divergent aims for critical infrastructure and enterprise networks.
