Tune In: The Future of AI-Powered Vulnerability Discovery

BLOG Featured Recent Video Category Start Free Trial Tune In: The Future of AI-Powered Vulnerability Discovery The latest episode of the Adversary Universe podcast explores how AI is accelerating vulnerability research and the implications for defenders. May 01, 2026 | CrowdStrike | Threat Hunting & Intel AI is reshaping the future of vulnerability research. Advanced AI models are capable of discovering vulnerabilities at machine speed, far faster than organizations can patch them. The consequences for defenders are enormous — and the opportunities for adversaries are vast. In the latest episode of the Adversary Universe podcast, CrowdStrike’s Adam Meyers, SVP of Counter Adversary Operations, and Cristian Rodriguez, Field CTO of the Americas, unpack some of the most pressing questions facing security teams today: What does AI-powered vulnerability research mean for the future of security operations? How will adversaries use it to their advantage? Threat actors are already using AI in their operations: The CrowdStrike 2026 Global Threat Report revealed an 89% year-over-year increase in attacks by adversaries using AI. FANCY BEAR, FAMOUS CHOLLIMA, and PUNK SPIDER are among the prolific threat actors weaponizing AI in their operations, using it to craft more convincing phishing lures, automate social engineering, and improve the speed of malicious content. While core tradecraft remains human-driven, AI acts as a force multiplier, helping adversaries increase efficiency. A tool in the eCrime space uses AI to conduct voice phishing attacks, which can now be executed agentically.  As AI continues to rapidly mature and adversaries explore its use, the hosts explain, the pressure is on organizations to defend against their evolving tradecraft. Vulnerability discovery, exploitation, and patching are at the front and center of their concerns. And CrowdStrike is at the forefront of defense, as a founding member of Project Glasswing and participant in OpenAI’s Trusted Access for Cyber program. The Looming Vuln-pocalypse The most urgent topic discussed is the “vuln-pocalypse,” a term used to describe the projected massive influx of newly discovered vulnerabilities driven by AI-accelerated research.  “I’ve been saying since November, we’re looking at three to nine months until a massive influx of zero-day vulnerabilities,” Adam says in this episode. To explain why, he describes how vulnerabilities are traditionally found. One uses deep reverse engineering of the target to create an exploit. The other, more frequently used method of fuzzing involves putting random data into a program’s inputs until it crashes, then analyzing the results to see what is broken and potentially exploitable. AI can dramatically accelerate fuzzing by quickly triaging those results in far less time than a human could to find something useful. More than 48,000 new CVEs were published in 2025.1 If AI accelerates discovery by even 10x, Adam points out, defenders could be looking at nearly half a million vulnerabilities requiring attention in the coming years. “That’s going to mean significant trouble,” he notes. Why? Adversaries are eyeing zero-days and weaponizing vulnerabilities at greater speed. In 2025, CrowdStrike Counter Adversary Operations observed a 42% year-over-year increase in the number of zero-days exploited prior to public disclosure, the 2026 Global Threat Report found. Chinese adversaries demonstrated they can consistently operationalize publicly disclosed exploits within days of the vulnerability’s release — in some cases, within two days.  Not an “End of the World” Situation While organizations are rightfully concerned about the rise in vulnerabilities, Adam and Cristian shared some key defensive takeaways to help them approach it.  Patching Prioritization There are two ways organizations typically prioritize patching. The first is prevalence, or how much of that vulnerability is in their environment. The second is severity, typically determined by CVSS score. This system breaks down when adversaries chain multiple vulnerabilities together. While they may appear low-priority in isolation, together they can open a door.  Organizations must be more thoughtful in what they’re patching, how they’re patching, and when. Adam’s guidance is to patch based on what is actively being exploited in the wild; he references CISA’s Known Exploited Vulnerabilities catalog, which shares the vulnerabilities CISA is aware of being exploited on a weekly basis. Security teams don’t have to patch every vulnerability — they have to patch the vulnerabilities that present the greatest threat.  Zero Days Are Just the Beginning Zero-days are alarming, but they’re not the catastrophe many assume they are. Even if an adversary uses a zero-day to gain access, Adam explains, they still need to do something with their access — move laterally, escalate privileges, identify targets, exfiltrate data. All of this post-exploitation activity is observable. If the adversary can be caught, they can be stopped. These observations contribute to CrowdStrike’s “community immunity,” Cristian says. “Every time an adversary burns through some new type of tradecraft, we’re crowdsourcing that telemetry.” All of this high-fidelity telemetry can then be used to identify that behavior in the future. AI in the Defender’s Toolbox Below are some of the ways defenders can incorporate AI into their security posture: Agentic red teaming: Continuous red-team exercises can surface vulnerabilities in the environment before adversaries find them. AI vulnerability scanning: Use AI to proactively identify vulnerabilities in the development pipeline. Organizations are also advised to stay current on agentic AI news to understand this constantly evolving space and prepare their environments. Check out the full Adversary Universe podcast episode below or tune in on Spotify and Apple Podcasts. Additional Resources Dive deeper into topics like this at Fal.Con 2026 with expert-led sessions, hands-on training, and real-world insights. Learn more about how CrowdStrike is securing AI in this blog: Frontier AI Is Collapsing the Exploit Window. Here’s How Defenders Must Respond. 1 2026 VulnCheck Exploit Intelligence Report Tweet Share CrowdStrike 2026 Global Threat Report AI threats have reached a critical turning point. Access the definitive look at the cyber threat landscape. Download Related Content Defending Against CORDIAL SPIDER and SNARKY SPIDER with Falcon Shield STARDUST CHOLLIMA Likely Compromises Axios npm Package Tycoon2FA Phishing-as-a-Service Platform Persists Following Takedown CATEGORIES Agentic SOC 50 Cloud & Application Security 143 Data Protection 22 Endpoint Security & XDR 353 Engineering & Tech 86 Executive Viewpoint 180 Exposure Management 118 From The Front Lines 203 Next-Gen Identity Security 68 Next-Gen SIEM & Log Management 113 Public Sector 42 Securing AI 29 Threat Hunting & Intel 214 CONNECT WITH US FEATURED ARTICLES April 30, 2026 April 22, 2026 April 22, 2026 April 21, 2026 SUBSCRIBE Sign up now to receive the latest notifications and updates from CrowdStrike. Sign Up Defending Against CORDIAL SPIDER and SNARKY SPIDER with Falcon Shield Copyright © 2026 CrowdStrike Privacy Request Info Blog Contact Us 1.888.512.8906 Accessibility ABOUT COOKIES ON THIS SITE In order to provide you with the most relevant content and best browser experience, we use cookies to remember and store information about how you use our website. See how we use this information in our Privacy Notice and more information about cookies in our Cookie Notice. Privacy Preference Center Privacy Preference Center Your Privacy Strictly Necessary Cookies Performance Cookies Functional Cookies Targeting Cookies Your Privacy When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, or your device, and is mostly used to make the site work as you expect. The information does not usually identify you directly, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to learn more and change our default settings. Blocking some types of cookies may impact your experience of the site and the services we are able to offer. More information Strictly Necessary Cookies Always Active These cookies are necessary for the website to function and cannot be switched off in our systems. They may be set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies may process limited personal information, such as technical or device identifiers, where necessary to ensure the security, functionality, and integrity of the website or web portal. Such processing is strictly limited to what is required for these purposes and is not used for advertising or marketing. Cookies Details Performance Cookies Performance Cookies These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore does not identify you. If you do not allow these cookies, your visit to our website will not be included in our analytics, and our ability to monitor website performance and make improvements will be reduced. Cookies Details Functional Cookies Functional Cookies These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. Cookies Details Targeting Cookies Targeting Cookies These cookies may be set on our site by our advertising partners. They assign a unique identifier to your browser or device and may track your activity across sites to build a profile of your interests and show you relevant adverts on other sites. If you do not allow these cookies, you will still see ads, but they may be less relevant to you. Cookies Details Cookie List Consent Leg.Interest checkbox label label checkbox label label checkbox label label Clear checkbox label label Apply Cancel Confirm My Choices Allow All