AI Exploits Zero-Days Faster Than Humans

The cybersecurity landscape is rapidly evolving as artificial intelligence models demonstrate an unprecedented ability to discover and exploit vulnerabilities. Initially, AI could only exploit known vulnerabilities with detailed descriptions. However, recent advancements, exemplified by Claude Mythos Preview, show AI autonomously identifying thousands of zero-day vulnerabilities. This capability has drastically shortened exploitation timelines, with critical vulnerabilities being exploited within hours of disclosure, often before patches are available.

Traditional security infrastructure, reliant on lengthy patching cycles, is ill-equipped for this new reality. Prioritizing vulnerabilities solely by CVSS scores is no longer sufficient. A more effective approach involves a three-layer filter combining CISA KEV status, Exploit Prediction Scoring System (EPSS) scores, and CVSS. This method has shown an 18x efficiency gain and covers 85.6% of exploited vulnerabilities.

Furthermore, the rise of AI agents introduces new risks to authorization and credential management. AI builders can inadvertently or intentionally bypass security controls, leading to a significant credential blast radius. Organizations must proactively test authorization boundaries for AI agents and map credential dependencies to mitigate these risks. Implementing event-driven patching for critical services and immediate testing of agent authorization policies are crucial steps.

As AI continues to advance, the speed of vulnerability exploitation will likely increase. Standards bodies are working on agent authentication and authorization, but these solutions are years away. Proactive measures, such as adopting advanced prioritization filters and rapid patching strategies, are essential for organizations to maintain a defensible security posture against AI-driven threats.