AI Models Now Find and Exploit Vulnerabilities Faster Than Ever
General-purpose AI models have demonstrated remarkable ability to discover vulnerabilities without being purpose-built, according to new research. This capability is compressing the traditional attack timeline from months to days, creating a critical window of risk for enterprises worldwide.
"Advances in AI model-powered exploitation are not a future threat—they are observable today," said a security researcher from Wiz. "Defenders must harden existing software rapidly while preparing for attacks on systems that remain unhardened."
Background: The Shifting Economics of Zero-Day Exploitation
Historically, discovering novel vulnerabilities and developing zero-day exploits required significant time, specialized human expertise, and substantial resources. This barrier limited widespread use of zero-days to advanced, well-funded threat actors.
Today, highly capable AI models are lowering the barrier to entry. The Google Threat Intelligence Group (GTIG) has already observed threat actors leveraging large language models (LLMs) for exploit generation, with AI tools and services being actively marketed on underground forums.
"We are seeing a democratization of exploit development," explained a GTIG analyst. "Continued advancements make these capabilities achievable for threat actors of all skill levels, significantly compressing the attack timeline."
What This Means for Enterprise Security
This shift in the economics of zero-day exploitation will enable mass exploitation campaigns, accelerated ransomware and extortion operations, and increased activity from actors who previously guarded such capabilities. The historical gap between private and public exploit availability is shrinking rapidly.
In its 2025 Zero-Days in Review report, GTIC noted that PRC-nexus espionage operators have become increasingly adept at rapidly developing and distributing exploits among separate threat groups. This trend is expected to expand globally as AI tools become more accessible.
Defender’s Imperative: Two Critical Tasks
Facing this scenario, defenders have two critical tasks: hardening software as rapidly as possible and preparing to defend systems that have not yet been hardened. The time to act is now.
"Now is the time to strengthen playbooks, reduce exposure, and incorporate AI into security programs," urged the Wiz researcher. Enterprises should integrate AI-driven vulnerability discovery into their own development cycles to stay ahead of adversaries.
Actionable Roadmap for Enterprises
To navigate this evolving threat landscape, organizations should consider the following steps:
- Accelerate patch management: Prioritize critical vulnerabilities with automated AI-assisted scanning.
- Adopt AI-powered defense tools: Deploy AI models to detect and respond to novel exploits in real time.
- Enhance threat intelligence sharing: Collaborate with industry groups and agencies to stay informed about emerging AI-driven threats.
- Red team with AI: Simulate AI-augmented attacks to test and improve defenses.
This is a developing story. For an in-depth exploration, register for the upcoming webinar: Defending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than Ever.