GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access

2026-05-12 Google

https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access

APT45 used AI at scale to recursively analyze CVEs and validate proof-of-concept exploits, showing DPRK-linked interest in AI-augmented vulnerability research and exploit development. GTIG also observed PRC and DPRK-associated clusters using persona-driven prompts, specialized vulnerability datasets, and agentic testing tools to improve vulnerability discovery workflows. The broader report documents adversaries applying AI to zero-day development, malware obfuscation, autonomous Android malware operations, reconnaissance, information operations, LLM access abuse, and supply chain attacks against AI components, but the DPRK-relevant finding centers on APT45's high-volume exploit-analysis prompting.
