Cybersecurity is entering a new phase characterised by the widespread adoption of artificial intelligence in both offensive and defensive operations. For decades, the sector had operated under relatively stable rules: discovering vulnerabilities was a slow process, developing exploits required time and specialist knowledge, and companies had sufficient time to fix bugs before they were widely exploited. This model, however, is changing rapidly.

A recent report from Google shows the extent to which AI is transforming the cybersecurity landscape. According to the document, a criminal entity has been identified for the first time as using artificial intelligence to exploit a zero-day vulnerability capable of bypassing two-factor authentication systems in a popular web management tool. What is most significant is not just the specific attack, but the fact that AI is already being used in a practical and industrialised manner to accelerate offensive processes that previously required weeks or months of human labour.

The report also highlights the increased use of AI by groups linked to China and North Korea. These organisations are already using advanced models to identify vulnerabilities, generate exploits, and automate reconnaissance tasks on potential targets. At the same time, tools and semi-autonomous malware capable of executing entire processes with minimal human intervention are beginning to emerge. Platforms such as OpenClaw Github exemplify this new trend towards systems capable of orchestrating complex offensive operations in an automated manner.

This development implies a radical acceleration of the cybersecurity cycle. Previously, once a critical vulnerability was discovered, attackers needed time to understand it, create a functional exploit and adapt it to real-world environments. Now, AI can reduce this process to hours or even minutes. This eliminates much of the leeway that manufacturers and security teams traditionally had to deploy patches and protective measures.

The change particularly affects the classic model of “responsible disclosure” of vulnerabilities. This system was based on giving manufacturers a period of approximately 90 days before making public a vulnerability discovered by researchers. The model assumed that discovering vulnerabilities was difficult and that it would take attackers time to develop exploitation tools. Today, these assumptions are becoming obsolete.

Several security experts, including security researcher Himanshu Anand, warn that artificial intelligence has completely disrupted these timelines. According to this view, it can no longer be assumed that a researcher is the only one to have discovered a security flaw, because multiple automated systems can identify the same vulnerability simultaneously. Nor can we expect attackers to take weeks to develop exploits after a patch has been released. Current models are capable of generating proof-of-concepts and adapting malicious code almost in real time.

Therefore, the new reality demands a much faster response. Critical vulnerabilities are now treated as top priorities from the very outset. Companies can no longer wait for the next development cycle or the next sprint to apply fixes. Security teams need constant monitoring, immediate response capabilities, and automated tools capable of detecting and fixing threats in real time.

This scenario is also transforming the way software is developed. It will become increasingly difficult to imagine large applications or infrastructures being deployed without exhaustive reviews carried out by advanced artificial intelligence systems. What was seen as a limitation just a year ago – false positives and the “hallucinations” of large language models – is rapidly evolving into the opposite problem: tools that are efficient enough to uncover vulnerabilities that previously went unnoticed by human teams.

The result is a genuine digital arms race. Both attackers and defenders are using increasingly sophisticated AI to gain the upper hand. Organisations wishing to maintain high levels of protection will need to invest in advanced agents, automated analytics platforms, and AI-based detection systems. This will entail significant costs and further increase technological dependence on major AI platforms.

Ultimately, cybersecurity is entering a phase of rapid transformation. Artificial intelligence is no longer merely a supporting tool, but the centrepiece of a new model of digital defence and attack. The debate has shifted very rapidly from questioning whether AI was reliable enough to assuming that it is powerful enough to completely overhaul the traditional rules of IT security.

_____

Aquest apunt en català / Esta entrada en español / Post en français