Oliveira, PedroDias Lousã, Mário JorgeDias Lousã, Mário JorgePereira de Morais, José CarlosPereira de Morais, José CarlosMorais, José CarlosLousã, Mário2026-01-292026-01-292026-01-01Oliveira, P., Lousã, M., & Morais, J. (2026).0874-8799http://hdl.handle.net/10400.26/61315The expansion of generative AI (GenAI) is forcing us to rethink cybersecurity, expanding both de-fensive automation and scalable offensive techniques. This bibliometric review maps the change driven by GenAI in cybersecurity through a PRISMA-guided selection of 154 documents from The Lens (20 December 2025). The current state is summarized by scientific mapping results (co-author-ship, co-word, and co-citation networks, and thematic evolution) to identify dominant architectures, thematic clusters, and collaboration patterns, and implications for governance and auditing. We note the exponential growth of publications in 2022. We notice the trend. The authors group publications into several architectures: large language models (LLMs), generative networks (GANs), and diffu-sion models. These focus on common topics, (i) large-scale phishing and social engineering, (ii) mutability, obfuscation, and adversarial evasion of malware, and (iii) intrusion detection and cyber threat intelligence using synthetic data. Co-citation networks and keywords show that adversarial robustness, red teaming, and benchmarking are interconnected. We find that explainability and hu-man-in-the-loop defense exist as minor but growing topics. One risk is the BlackMamba case, which transmits an LLM-assisted pipeline capable of generating more than 10,000 semantically identical but structurally distinct mutations per hour and achieving a 98.2% evasion rate against commercial EDR solutions. Risk mitigation should prioritize benchmarking and standardized reporting, continu-ous red teaming, and telemetry monitoring, incorporated into dynamic audit frameworks, supported by explicit international governance for high-risk GenAI cybersecurity applications.engAdversarial AIAI-driven cyber threatsPolymorphic and metamorphic mal-wareSynthetic dataIntrusion detection systems.texthttps://doi.org/10.58086/w1yd-0829