AI‑Driven Vulnerability Research Accelerates Exploit Timelines, Raising TPRM Concerns
What Happened — Recorded Future’s 2025 analysis shows that AI tools are speeding up vulnerability research and exploit‑path analysis, shrinking the window between vulnerability disclosure and active exploitation. While the total number of disclosed CVEs has more than doubled since 2021, only ~0.9% (446 of ≈50,000) are known to be exploited in the wild; however, the median time‑to‑exploit for many high‑impact flaws is now measured in hours.
Why It Matters for TPRM —
- Faster exploit development compresses remediation cycles, increasing third‑party exposure risk.
- Legacy or slow‑patching vendors become attractive targets, amplifying supply‑chain risk.
- AI‑assisted scanning can surface previously unknown weaknesses in vendor products, demanding more rigorous validation.
Who Is Affected — All sectors that rely on third‑party software, especially technology/SaaS, financial services, healthcare/EHR, and critical infrastructure providers.
Recommended Actions —
- Re‑evaluate vendor patch‑management SLAs and enforce accelerated timelines for critical CVEs.
- Incorporate AI‑enhanced vulnerability scoring (e.g., CVSS + exploitability metrics) into vendor risk assessments.
- Prioritize continuous monitoring of KEV (Known Exploited Vulnerabilities) feeds for any vendor‑supplied components.
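One way to operationalise the KEV‑monitoring and exploit‑timeline points above, as an added example that is not part of the original brief: cross‑reference a vendor component inventory against a KEV‑style feed (CISA’s JSON field names `cveID`, `dateAdded`, `knownRansomwareCampaignUse`), compute the lag from public disclosure to catalog addition as a proxy for time‑to‑exploit, and rank the hits. All CVE identifiers, vendors, dates and the feed contents are constructed placeholders.

```python
import json
from datetime import date

# Constructed sample feed in the CISA KEV JSON layout; every value is made up.
KEV_FEED = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVendor", "product": "Portal",
     "dateAdded": "2025-03-10", "knownRansomwareCampaignUse": "Known"},
    {"cveID": "CVE-0000-0002", "vendorProject": "OtherVendor", "product": "Agent",
     "dateAdded": "2025-04-02", "knownRansomwareCampaignUse": "Unknown"},
]})

# Constructed vendor inventory: CVE -> (vendor, component, public disclosure date).
VENDOR_CVES = {
    "CVE-0000-0001": ("ExampleVendor", "Portal 3.1", date(2025, 3, 12)),  # in KEV before disclosure
    "CVE-0000-0002": ("OtherVendor", "Agent 2.0", date(2025, 3, 20)),     # in KEV 13 days later
    "CVE-0000-0003": ("ThirdVendor", "Lib 1.4", date(2025, 1, 5)),        # not in KEV
}


def load_kev(feed_json: str) -> dict:
    """Index a KEV-style feed by CVE id."""
    return {v["cveID"]: v for v in json.loads(feed_json)["vulnerabilities"]}


def match_vendor_cves(kev: dict, vendor_cves: dict) -> list:
    """Return vendor CVEs present in KEV, with disclosure-to-KEV lag in days.

    dateAdded is the catalog addition date, used here only as a proxy for
    when exploitation became known; a lag <= 0 means the flaw was already
    listed as exploited on or before its public disclosure.
    """
    hits = []
    for cve, (vendor, component, disclosed) in vendor_cves.items():
        entry = kev.get(cve)
        if entry is None:
            continue
        lag = (date.fromisoformat(entry["dateAdded"]) - disclosed).days
        hits.append({
            "cve": cve, "vendor": vendor, "component": component,
            "days_disclosure_to_kev": lag,
            "exploited_on_or_before_disclosure": lag <= 0,
            "ransomware": entry.get("knownRansomwareCampaignUse") == "Known",
        })
    # Ransomware-linked first, then shortest (or negative) lag first.
    hits.sort(key=lambda h: (not h["ransomware"], h["days_disclosure_to_kev"]))
    return hits


def exploited_ratio(kev: dict, vendor_cves: dict) -> float:
    """Share of the vendor's CVEs that appear in KEV (a per-vendor exploit ratio)."""
    return sum(1 for c in vendor_cves if c in kev) / len(vendor_cves)
```

Feeding the real catalog in place of `KEV_FEED` and a vendor’s SBOM‑derived CVE list in place of `VENDOR_CVES` gives a per‑vendor view of how many flaws are actually exploited and how quickly, which is the input the SLA review above needs.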
Technical Notes — The trend is driven by AI‑assisted vulnerability discovery, exploit‑path generation, and malware code synthesis. No specific CVE is cited, but the overall “Vulnerability‑to‑Exploit Ratio” has dropped, with ~29 % of KEVs exploited on or before public disclosure in 2025. Source: Recorded Future – AI Hype vs. Reality