Skip to content
Suril Desai
|
July 15, 2026

AI-assisted vulnerability exploits and deception-based defense

Frontier AI models, such as Anthropic Claude Mythos, are finding and exploiting vulnerabilities at scale. Exploits that involve the use of AI for identification and exploitation of vulnerabilities are known as AI-assisted vulnerability exploits.

Risks associated with AI-assisted vulnerability exploits

AI-assisted vulnerability exploits differ from human-driven exploits in two fundamental ways:

  • Volume of vulnerabilities: Frontier AI models are able to find and exploit vulnerabilities at a rate that significantly exceeds human-driven exploits and also exceeds previous generation AI models.
  • Zero days: a key advance in Frontier AI models is the ability to find and exploit zero days, in both open and closed source software. The AI models are demonstrating advanced reasoning capabilities that analyze source code in open source to find zero day exploits. A recent example is the zero day in the OpenBSD kernel found by Anthropic Claude Mythos.

Why patching is not a sufficient defense

Application of patches has been the traditional defensive countermeasure for vulnerability exploits. While patch application continues to be a necessary step, the shift to AI-assisted vulnerability exploits increases the risk exposure and defensive teams need measures beyond patching.

The process of patch application is often time-consuming. Once a patch is available, defense teams need to assess the systems to which the patch is to be applied and typically undergo a period of verification to ensure the patch application process does not introduce stability issues or result in compatibility challenges. This time window now greatly exceeds the time between vulnerability identification and exploitation.

Frontier AI models autonomously probe a target system to find an associated vulnerability, execute the exploit sequence. Defenders are faced with the impossible task of ensuring all target systems are kept patched all the time, essentially an undertaking that cannot be achieved in a comprehensive manner. The process of patch application has traditionally lagged vulnerability identification and exploits, with AI-assisted vulnerability exploits, this gap has grown exponentially, shifting the balance in favor of the attacker.

Zero days introduce a problem dimension that has associated complexity of a higher order of magnitude. By definition, zero days represent previously unknown vulnerabilities. As a result, when a new zero day is identified and exploited, the very nature of a zero day implies that there is no patch available for the defender to deploy.

The convoy effect: why CSA and SANS are recommending deception as a necessary security control

Security is based on principles of layered defense. Defense teams need to pick layers that are non-overlapping, ensuring gaps in one layer would be compensated through the additional layers.

As the exploitable attack surface exposure widens with AI-assisted vulnerability exploits, defense teams need to deploy controls beyond patch application.
The Cloud Security Alliance (CSA) and SANS have published a comprehensive advisory for security teams to organize their defensive strategy to combat AI-assisted vulnerability exploits, including from Mythos-class AI models. They recommend deception as a necessary security control, advising security teams to deploy deception within a 90-day time window.

The advisory highlights the role of deception as being independent of vulnerability exploit techniques and attack TTPs. As Frontier AI models evolve novel vulnerabilities and exploit zero days, it is essential to deploy controls that are effective against these evolving exploit techniques.

Defense teams can deploy a strategy that involves identification of high-value assets and placing decoys that serve as a defensive shield around the assets. The decoys create alternate pathways for exploitation, misleading the exploits away from real assets and minimizing the attack disruption from AI-assisted vulnerability exploits. This strategy has an added advantage of continuing to be effective as new exploit techniques emerge, as the approach is not dependent on a priori knowledge of the exploit technique. The strategy has parallels to the “convoy effect” in military parlance, where a primary target is surrounded by specialized vehicles driven in close proximity to the actual target.

Example: shielding a database server using deception

Consider an attack scenario that involves an AI-assisted vulnerability exploit. The objective of the exploit is to gain access to sensitive data that is stored in a database server.

The exploit sequence begins with an enumeration step to find the high-value assets, the database servers. The exploit involves probing the database version and metadata to generate a vulnerability exploit.

The defender has anticipated this exploit and deployed decoys in the environment. The decoy is set with characteristics that make it realistic and is also made attractive for attackers.

The decoy database server surfaced early in the enumeration sequence. The AI-assisted vulnerability exploit is performed against the decoy, resulting in an immediate detection and triggering automated response actions. The decoy serves misleading information to the attacker, providing pathways to additional targets that are also deceptive and leading to wastage of the resources for the exploit.

Acalvio, the Ultimate Preemptive Cybersecurity Solution.