Back Issues This Week → Calendar → Current Issue → Popular →

All issuesVolume 340, Issue 2IT NewsSecurity

From Zero-Day to Zero-Hour: How AI Compresses the Vulnerability Lifecycle

Deepak Gupta (guptadeepak.com), Thursday, July 9th, 2026

AI compresses vulnerability discovery-to-exploit from months to hours, collapsing the patch window for defenders.

The article argues AI has collapsed vulnerability discovery and exploitation timelines, cutting what took human researchers 4-12 months down to hours or days.

It cites CrowdStrike's 29-minute average breakout time, Claude Mythos discovering thousands of zero-days, and AI research costing $5-$50 per vulnerability versus $20,000-$80,000 for humans.

With the patch window effectively collapsed, the author recommends automated same-day patching for low-risk systems, 72-hour targets for standard ones, and compensating controls like RASP, WAF virtual patching, and segmentation.

Behavioral detection of post-exploitation activity is emphasized as discovery capability democratizes across smaller models.

more →  ·  More from Security →