3 items
Google's criminal AI zero-day confirms the new attack topology: AI compressed bug discovery to near-zero cost, but the attacker still needed credentials and the patch cycle still ran in days. The asymmetric trade sits in IAM hardening and patch-velocity infrastructure. The AI-security pure-plays are already priced for the headline; the credential layer is what actually moved.
AI compressed vulnerability discovery to near-zero cost; credentialed access remained the second gate. Google's disclosure of the first criminal AI-enabled zero-day is the empirical confirmation that the offense-side binding constraint has shifted from bug-finding to credential acquisition, which re-rates the IAM stack more cleanly than the AI-security pure-plays. Rob Joyce's "fingerprint at the crime scene" line points to a parallel category in forensic AI-authorship detection that remains structurally unfilled.
Coordinated disclosure was an information-containment regime, and containment fails when discovery diffuses. Eleven independent researchers landed the same critical bug in six weeks; Copy Fail took roughly an hour of AI-assisted scanning to find; Dirty Frag's embargo collapsed within hours via unrelated rediscovery, with Microsoft Defender confirming in-the-wild exploitation a day later. The offense side has integrated LLMs into exploit pipelines. The defense and policy layer largely has not, and that asymmetry is the actual risk — CVE feeds are now lagging artifacts, and patch-diff intelligence is the signal that matters.
