Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

News > Attacks & Threats > AI-Assisted Exploit Development Outpaces Scanner Detection

AI-Assisted Exploit Development Outpaces Scanner Detection

Attackers are using AI to dramatically reduce the time they need to develop a working exploit for a CVE, according to new research.
3 Jun 2026
Written by Gabi Gerber
Attacks & Threats

Featured

Security Operation Center, Hacking Topics, Artificial Intelligence

Attackers have reduced the time to develop an exploit for a known vulnerability from 125 days to a mere half a day, thanks to the use of AI-assisted development, leaving vulnerability scanners struggling to keep pace, new research has found.

Cogent Research analyzed 69,159 common vulnerabilities and exposures (CVEs) and found that in January 2025, attackers needed 125.3 days to develop a method for exploiting them, according to a report published today. By April 2026, threat actors reduced that time to just 0.5 days by using AI, thus creating significant visibility gaps for security teams during the highest-risk periods following vulnerability disclosure, according to Cogent. More here

Similar Stories

Attacks & Threats

Novo Nordisk Breach Highlights Software Development Pipeline Risk

A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem. More...
Fileless Phantom Stealer Targets Browser Credentials

In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques d… More...
Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet

The disgruntled researcher released yet another PoC for a Windows Defender bug that allows for system takeover, showing … More...
Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address

“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's bei… More...
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat

AI worms, or "viruses with wings and brains," adapt to new environments, seek out vulnerabilities, and will likely strik… More...

Have your say

 

News Categories

Attacks & Threats

Novo Nordisk Breach Highlights Software Development Pipeline Risk

A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem. More...
Fileless Phantom Stealer Targets Browser Credentials

In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques d… More...
Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet

The disgruntled researcher released yet another PoC for a Windows Defender bug that allows for system takeover, showing … More...
Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address

“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's bei… More...
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat

AI worms, or "viruses with wings and brains," adapt to new environments, seek out vulnerabilities, and will likely strik… More...

Show more
image

Contact Us

Security Interest Group Switzerland
c/o Bridge Head AG
Sulzbergstrasse 34
5430 Wettingen
Switzerland

Quick Links

Terms
Contact Us
Privacy Policy
Newsletter

Follow Us

This website is powered by
ToucanTech