90-DAY VULNERABILITY WINDOW OBSOLETE AS LLMS SPEED EXPLOITS
Large language models are collapsing the timeline between bug discovery and working exploits, making traditional 90-day disclosure policies ineffective. Security researcher Himanshu Anand argues critical vulnerabilities now require immediate patching.
Article URL: https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-vulnerability/ Comments URL: https://news.ycombi…
Himanshu Anand: The 90-day vulnerability disclosure policy is dead, as LLMs compress bug finding and exploit development…
Language models find security flaws faster and turn patches into working exploits in minutes. A veteran researcher says…
Criminal groups and state-linked actors appear to be using commercial models to refine and scale up attacks Business li…
For the first time, Google says it has spotted and stopped a zero-day exploit developed with AI. According to a report f…
Daniel Stenberg / daniel.haxx.se: curl founder Daniel Stenberg says Mythos identified five vulnerabilities in curl, but…
The Google Threat Intelligence Group said its proactive measures stopped a "mass exploitation event."