Adversaries from cybercrime gangs to nation-state cyberattack squads are fine-tuning weaponized AI with the goal of defeating new patches in 3 days or less. The quicker the attack, the more time to explore a victim’s network, exfiltrate data, install ransomware or set up reconnaissance that will last for months or years. Traditional, manual patching is now a liability, rendering enter organizations defenseless against weaponized AI attacks Threat actors are reverse engineering patches, and the speed at which they re doing it has been enhanced greatly by AI, Mike Riemer, SVP of Network Security Group and Field CISO at Ivanti told VentureBeat in a recent interview. They re able to reverse engineer a patch within 72 hours. So if I release a patch and a customer doesn t patch within 72 hours of that release, they re open to exploit. This isn t theoretical speculation. It s the hard reality forcing vendors to rearchitect their security infrastructure from the kernel up completely. Last week, Ivanti released Connect Secure (ICS) version 25.X, marking what Riemer calls tangible evidence of the company s commitment to meeting this threat head-on.At DEF CON 33 researchers from AmberWolf proved this threat real, demonstrating complete authentication bypasses in Zscaler, Netskope, and Check Point by exploiting vulnerabilities that existed for months, including Zscaler s failure to validate SAML assertions (CVE-2025-54982), Netskope’s credential-free OrgKey access, and Check Point’s hard-coded SFTP keys exposing tenant logs were all flaws left open and exploitable more than 16 months after initial disclosure.Why Kernel Security matters The kernel is the central orchestrator of everything that happens in a computing device, controlling memory, processes, and hardware. If an attacker compromises the kernel, they ve seized total control of a device that can scale to compromising an entire network. Any other security layer or application, platform or safeguard is immediately bypass

원문: Weaponized AI can dismantle patches in 72 hours — but Ivanti's kernel defense can help

출처: venturebeat.com