Artificial intelligence is reshaping cybersecurity—but unevenly. According to LessWrong security researcher Tristan Chauvin, AI systems like Mythôs Preview can now discover vulnerabilities at scale, something previous automation like fuzzing couldn't achieve broadly. The long-term outlook is reassuring: defenders will eventually catch nearly all vulnerabilities before release, especially once AI moves earlier into the software lifecycle. The short-term outlook is grim. AI vulnerability discovery exposes latent bugs in already-shipped systems. Patches trigger public disclosures; most users don't patch immediately. Legacy systems, IoT devices, abandoned projects, critical infrastructure—many won't be fixed for years, if at all. Expect acute vulnerability throughout 2026 and 2027. Simultaneously, AI is becoming dangerously skilled at exploit development. The window between discovering a vulnerability and weaponizing it has effectively closed. There's one bright spot: AI-generated proofs-of-concept will help maintainers validate bugs and organizations prioritize fixes. But offensively, the advantage is stark and immediate. Bottom line: a rough transition ahead, then defense prevails.

Listen to this story

Hear this and more stories in a personalized audio briefing.

Open The Chonkerton