From Zero-Day to Zero-Hour: How AI Compresses the Vulnerability Lifecycle
Traditional vulnerability cycles take months from discovery to patch. AI compresses that to hours. CrowdStrike reports 29-minute breakout times and 89% more AI-augmented attacks year-over-year.

In 2024, a skilled security researcher might spend three to six months discovering a single critical zero-day vulnerability. They audit code, build test harnesses, develop a proof-of-concept exploit, write up the findings, and report through responsible disclosure channels.
In April 2026, Anthropic's Claude Mythos Preview found thousands of zero-day vulnerabilities across every major operating system and web browser. Not over months. Over weeks. With a single prompt that essentially said "please find security vulnerabilities in this program."
The vulnerability lifecycle just collapsed. The implications for enterprise security are severe.
The Old Timeline vs the New Timeline
Understanding the magnitude of this shift requires comparing what vulnerability management looked like 18 months ago against what it looks like today.
The Traditional Vulnerability Lifecycle (Pre-AI)
Discovery phase: 2 to 6 months. A security researcher selects a target, audits the source code, identifies a potential vulnerability class, and manually searches for instances. This requires deep domain expertise, familiarity with the codebase, and significant time.
Exploitation development: 1 to 4 weeks. Once a bug is found, the researcher develops a proof-of-concept exploit that demonstrates the vulnerability can be triggered and has security impact. For complex bugs like kernel vulnerabilities, this phase can take months.
Responsible disclosure: 1 to 7 days. The researcher reports the finding to the software vendor through established disclosure channels.
Patch development: 30 to 90 days. The vendor reproduces the bug, develops a fix, tests it across supported configurations, and prepares a security advisory. For operating system vendors, this involves coordination across multiple product teams.
Patch deployment: 7 to 30 days. Organizations evaluate the patch, test it in staging environments, schedule maintenance windows, and deploy to production.
Total timeline from discovery to broad protection: 4 to 12 months.
The AI-Compressed Vulnerability Lifecycle (2026)
Discovery phase: hours to days. An AI model scans the codebase, hypothesizes vulnerabilities, and verifies them through automated testing. Anthropic's researcher Nicholas Carlini reported finding more bugs in a few weeks than he had in his entire career. A $20,000 compute budget running for hours can produce results that previously required months of specialized human effort.
Exploitation development: minutes to hours. The same AI model that discovers the vulnerability can develop the exploit. Mythos produced 181 working exploits for Firefox 147. The model reasons about exploitation constraints, constructs payloads, and tests them iteratively until they work reliably.
Weaponization: near-instant. Once an exploit works, packaging it for use in an attack campaign is straightforward automation.
Total timeline from discovery to weaponization: hours to days.
The mismatch is clear. Attackers can now move from "no known vulnerability" to "working exploit" in hours. Defenders still need weeks to months to patch. The patch window has not just shrunk. For practical purposes, it has collapsed.
The Numbers That Prove This Is Real
This is not speculation. Multiple data sources confirm the acceleration.
CrowdStrike's 2026 Global Threat Report provides the most concrete attacker-side metrics:
- Average eCrime breakout time fell to 29 minutes, down sharply from 48 minutes a year earlier. CrowdStrike frames that as a 65% jump in how fast attackers move from initial access to lateral movement.
- AI-enabled adversary operations rose 89% year-over-year. This is not a gradual increase. It is an inflection.
- The fastest observed breakout was 27 seconds, and in one intrusion data exfiltration began within four minutes of initial access.
The Mythos disclosure provides capability metrics:
- Thousands of zero-day vulnerabilities discovered across major software.
- 181 working exploits in a single browser version (Firefox 147), compared to 2 from the previous model generation.
- Bugs discovered that survived 27 years of human review and automated testing.
- Every single Firefox bug tested was confirmed as a true positive by AddressSanitizer.
AISLE's independent research shows democratization metrics:
- 8 out of 8 small models detected Mythos's flagship exploit.
- Models as small as 3.6 billion parameters (costing $0.11 per million tokens) found the same bugs.
- The vulnerability discovery capability is not locked to a single frontier model.
When I was building identity infrastructure serving over a billion users at LoginRadius, we operated on the assumption that serious attacks required serious resources and significant lead time. That assumption was already weakening. Now it is broken.
The Economics of AI-Powered Attacks
The cost structure of vulnerability research has fundamentally shifted, and this matters enormously for threat modeling.
Traditional vulnerability research costs:
- Experienced security researcher salary: $200,000 to $400,000 per year.
- Typical output: 5 to 15 critical vulnerabilities per year.
- Cost per critical vulnerability: $20,000 to $80,000.
- Required expertise level: 5 to 10+ years of specialized experience.
AI-powered vulnerability research costs:
- Compute for a comprehensive scanning campaign: $5,000 to $20,000.
- Typical output: hundreds to thousands of vulnerabilities per campaign.
- Cost per vulnerability: $5 to $50.
- Required expertise level: the ability to set up a container and write a prompt.
This is a 1,000x cost reduction per vulnerability found. Unlike human researchers, AI models do not need vacations, do not get bored reviewing their fifteenth buffer overflow, and can run 24/7 across multiple codebases at once.
For organized cybercrime groups that already generate billions in annual revenue, $20,000 for a vulnerability discovery campaign that produces hundreds of exploitable bugs is not an investment. It is a rounding error. The return on AI-powered attack research is so favorable that every financially motivated threat actor will adopt it.
For context on what AI model costs look like at various scales, my AI tokens and pricing guide breaks down the economics in detail.
The CVE Flood Is Coming
The immediate consequence of AI-powered vulnerability discovery is a massive increase in CVE volume.
Project Glasswing's roughly dozen partners, including AWS, Apple, Cisco, CrowdStrike, Google, Microsoft, NVIDIA, Palo Alto Networks, and the Linux Foundation, are now scanning critical software with Mythos. Every vulnerability they find will eventually become a public CVE with a patch. This is the responsible, positive outcome of AI-powered discovery.
The volume will be unprecedented. Mythos found bugs in every major operating system and every major web browser. Even if 90% of the initial findings turn out to be duplicates or false positives (unlikely, given the Firefox true positive rate), the remaining 10% still represents a surge of high-severity CVEs that will overwhelm existing patch management processes.
Here is what security teams should expect:
Q2 to Q3 2026: the initial wave. Glasswing partners patch their own software first. Expect accelerated security update cycles from Microsoft, Apple, Google, and major Linux distributions. Update your patching process to handle 2 to 3x the normal volume of critical updates.
Q3 to Q4 2026: the open source wave. Vulnerabilities in open source dependencies take longer to patch because maintainer capacity is limited. Expect a lag between discovery and fix for non-critical-infrastructure open source projects. SCA tools will flag many more known vulnerabilities in your dependency tree.
2027 and beyond: the new normal. AI-powered scanning becomes part of the standard development and security workflow. CVE volume remains elevated permanently because AI finds bugs that humans never would have.
Why Your Patching Process Cannot Keep Up
Most enterprise patching processes were designed for a world where critical CVEs arrived a few at a time, with weeks of lead time between disclosure and active exploitation.
Here is where most organizations break:
Testing bottlenecks. Every patch needs testing before deployment to ensure it does not break existing functionality. When one critical patch arrives per week, the testing pipeline handles it. When ten arrive in the same week, the pipeline backs up.
Change management friction. Production deployments require change requests, approval chains, and maintenance windows. These processes were designed for predictability, not speed. When the threat requires 72-hour patching, a process that takes a week to approve a change is the bottleneck.
Dependency conflicts. Patches to shared libraries can break dependent applications. When multiple libraries need simultaneous updates, the testing matrix explodes combinatorially. AI-discovered vulnerabilities in foundational libraries (OpenSSL, glibc, zlib) trigger cascade updates that are difficult to sequence.
Staff capacity. Security teams are already stretched. The 2025 ISC2 Cybersecurity Workforce Gap estimate put the global shortage at over 4 million professionals. A 3x increase in critical CVE volume hits teams that are already understaffed.
Building a Speed-First Security Architecture
The solution is not incremental improvement to existing processes. It requires rearchitecting security operations around speed as the primary design constraint.
Tier 1: Automated Patching for Low-Risk Systems (Target: Same-Day)
For systems where the cost of a bad patch is lower than the cost of delayed patching, automate the entire cycle.
- Development and staging environments patch automatically upon CVE publication.
- Non-customer-facing internal tools patch with automated testing gates.
- Container images rebuild automatically when base images are updated.
- Serverless function runtimes update automatically.
This removes the lowest-risk, highest-volume patching from human workflows entirely.
Tier 2: Accelerated Patching for Standard Systems (Target: 72 Hours)
For production systems that need testing but are not the most critical:
- Pre-approved emergency change windows that security can invoke without full change management.
- Automated regression testing that runs immediately upon patch availability.
- Canary deployments that validate patches on a subset of production before full rollout.
- Rollback automation that reverts patches immediately if monitoring detects issues.
The key insight: testing gates should be automated, not manual. If a patch passes automated regression, it deploys. Human review happens after deployment, not before.
Tier 3: Coordinated Patching for Critical Systems (Target: 7 Days Max)
For crown jewel systems where a bad patch could cause greater damage than the vulnerability it fixes:
- Pre-built response playbooks with pre-authorized decisions.
- Compensating controls that mitigate risk while patches are tested.
- Dedicated testing environments that mirror production exactly.
- Executive escalation paths that bypass standard change management.
Even for the most critical systems, 7 days is the new ceiling. Anything longer leaves your most important assets exposed to attacks that can be developed in hours.
Compensating Controls for the Gap
No matter how fast your patching process, there will always be a gap between vulnerability disclosure and deployed patch. Compensating controls fill that gap:
Runtime Application Self-Protection (RASP). Monitors application behavior at runtime and blocks exploitation attempts, even for unknown vulnerabilities.
Web Application Firewalls (WAF) with virtual patching. Deploys rules that block specific exploit patterns before the underlying code is patched.
Network segmentation. Limits blast radius by preventing lateral movement even if a vulnerability is exploited. When I built security for billion-user infrastructure, network segmentation was the control that saved us during incidents more than any other.
Behavioral detection. Monitors for post-exploitation behavior (unusual process execution, unexpected network connections, privilege escalation) rather than trying to detect the exploit itself.
For building authentication systems that resist exploitation even when individual components have vulnerabilities, see my FIDO2 authentication implementation guide.
The Small Model Problem: Democratization of Attack Capability
The most concerning aspect of this timeline compression is not Mythos itself, which Anthropic is restricting to defensive use. It is the demonstrated capability of small, open, freely available models.
AISLE's independent research tested Mythos's showcase vulnerabilities on publicly available models. The results:
- A 3.6 billion parameter model costing $0.11 per million tokens detected the flagship FreeBSD exploit.
- A 5.1 billion parameter open model recovered the core analysis chain of the 27-year-old OpenBSD bug.
- On basic security reasoning tasks, small open models outperformed most frontier models from major labs.
This means vulnerability discovery capability is already available to anyone willing to put together a basic agentic pipeline. The infrastructure required is a container, a code checkout, and an API call to a small model. Total cost: under $100 for a scanning session.
The window between "responsible actors have this" and "everyone has this" is not years. It is months. Plan accordingly.
For a broader view of how AI model capabilities are evolving across the industry, including the rapid advancement of open models, see my analysis of AI's trajectory and future.
What This Means for Security Strategy
The collapse of the vulnerability lifecycle requires strategic, not just tactical, adaptation.
1. Accept that zero-day exposure is now persistent. The volume of undisclosed vulnerabilities in your infrastructure is much larger than you estimated. AI-powered discovery will surface them continuously. Plan for ongoing discovery, not periodic scanning.
2. Shift security investment from prevention to detection and response. You cannot patch faster than AI can find bugs. Invest in runtime protection, behavioral detection, and automated response that mitigates exploitation regardless of whether you have patched the specific vulnerability.
3. Reduce your attack surface aggressively. Every service you run, every library you include, every API you expose is now more likely to contain exploitable bugs than you previously assumed. Minimize surface area through service consolidation, dependency reduction, and aggressive decommissioning of unused systems.
4. Build relationships with your software vendors' security teams. When a critical CVE drops, the speed of your response depends partly on how quickly you get actionable information. Direct relationships with vendor security teams give you earlier warning and better guidance than waiting for public advisories.
5. Practice speed. Run tabletop exercises that simulate the new timeline. When a critical CVE drops at 2 AM and working exploits are circulating within 4 hours, what does your organization actually do? If you have not practiced, you will not be fast enough.
The vulnerability lifecycle has compressed from months to hours. Your security operations need to compress accordingly. The organizations that adapt their speed will survive the transition. Those that keep legacy processes built for a slower threat landscape will not.
To understand how the AI architecture patterns behind these agentic security tools work under the hood, that technical context will help your team evaluate which defensive tools are worth deploying.
Frequently Asked Questions
How fast can AI discover and exploit vulnerabilities now?
AI models like Claude Mythos can discover vulnerabilities and develop working exploits in hours to days, compared to the traditional 4 to 12 month timeline for human researchers. A $20,000 compute budget running for hours can replace months of specialized research.
What is eCrime breakout time?
eCrime breakout time measures how quickly attackers move from initial access to lateral movement within a network. CrowdStrike's 2026 Global Threat Report shows an average of 29 minutes, down from 48 minutes a year earlier, with the fastest observed at 27 seconds.
Can small AI models find the same vulnerabilities as Mythos?
Yes. Independent testing showed 8 out of 8 small models detected Mythos's flagship exploits, including models with just 3.6 billion parameters costing $0.11 per million tokens. Vulnerability discovery capability is becoming broadly available.
What is the CVE flood?
The CVE flood is the expected surge in publicly disclosed vulnerabilities as AI-powered scanning tools are used by more organizations. When AI finds bugs in every major OS and browser, the volume of CVEs that need patching will overwhelm traditional patch management processes.
How fast should enterprises patch critical vulnerabilities now?
The target should be under 72 hours for critical vulnerabilities on standard systems, same-day for automated patching of low-risk systems, and no more than 7 days for the most critical infrastructure. Anything longer exposes systems to AI-discovered exploits that can be weaponized in hours.
What compensating controls help during the patch gap?
Runtime Application Self-Protection (RASP), WAF with virtual patching, network segmentation, and behavioral detection all mitigate risk while patches are developed and deployed. Behavioral detection is particularly valuable because it catches exploitation regardless of the specific vulnerability used.
Get the newsletter
New writing on identity, AI security, and building software, delivered when it ships. No tracking pixels, no funnels, unsubscribe with one click.