Blog

A computer screen showing code editor with an AI actions menu, highlighting the "Find Problems" option, against blurred programming code in the background.
Artificial Intelligence (AI) IT Security Managed IT Services

The Patch Window Closed: What AI-Accelerated Exploits Actually Mean for Your Business

There used to be a grace period.

A software vendor would disclose a flaw. Security researchers would pick it apart. Somewhere between two weeks and two months later, someone would publish working exploit code, and the attacks would start. That gap was not a formal protection. Nobody designed it. It was just an accident of how hard the work was. Turning a vulnerability advisory into a reliable, repeatable attack took a scarce skill set and a lot of patient hours.

That gap is what your monthly patch cycle was built around. It is what your annual penetration test was built around. It is what most small business IT has quietly depended on for twenty years, whether anyone said it out loud or not.

The gap is closing. In some cases it has already inverted. And the honest reason is not that attackers got smarter. It is that the expensive part of their work got cheap.

I want to walk through what actually changed, what the verified data says, and what I think a small business owner in Central Florida should reasonably do about it. I also want to be clear about what has not changed, because there is a lot of noise in this space right now and most of it is being sold to you.

What exploit development actually involves

To understand why AI matters here, it helps to know what the work looks like.

Finding a usable exploit is really three jobs. First, you find the flaw: a place where the software does something its authors did not intend. Second, you prove the flaw is reachable, meaning you can actually get to it from outside, through whatever layers sit in front of it. Third, you build something reliable, because an exploit that works one time in twenty is a research curiosity, not a weapon.

Each of those steps used to be slow. Step one meant reading a lot of code or throwing malformed data at software for weeks and watching what crashed. Step two meant deep familiarity with the specific product. Step three meant iteration, and iteration meant time.

Large language models are unevenly good at this work, and the unevenness is the interesting part. They are not magic. They are not reliably better than a skilled human researcher. But they are very good at exactly the parts that used to be the bottleneck: reading enormous amounts of unfamiliar code quickly, understanding what a developer intended versus what the developer actually wrote, and generating and testing variations at a pace no human can match.

Google’s Threat Intelligence Group made this point concretely in a report published in May 2026. They analyzed a zero-day exploit they believe was developed with AI assistance, targeting a two-factor authentication bypass in an open-source system administration tool. The flaw was not a memory corruption bug of the sort that automated fuzzing tools are built to find. It was a logic flaw. A developer had hardcoded a trust assumption, and the authentication check had a quiet exception baked into it. Google’s assessment was that traditional scanners are optimized to find crashes and are not good at this category of problem, while current models are increasingly capable of reading developer intent and spotting the contradiction.

That is the shift, stated plainly. AI is not replacing the researcher. It is removing the wait.

 

What the data actually shows

I do not use statistics I cannot trace to a primary source, so here is what is verifiable as of mid-2026.

Verizon published the 19th edition of its Data Breach Investigations Report in May 2026, covering incidents from 2025. The headline finding: nearly a third of all breaches, 31 percent, now start with vulnerability exploitation. That is the first time in the report’s nineteen-year history that exploiting a flaw has surpassed stolen credentials as the top initial entry point. Credential abuse as a single vector dropped to 13 percent. The report was compiled from more than 31,000 analyzed incidents.

Google’s Threat Intelligence Group tracked 90 zero-day vulnerabilities exploited in the wild during 2025. Of those, 43, or 48 percent, targeted enterprise technology rather than consumer products. That is an all-time high for enterprise share. About half of those enterprise zero-days were in security and networking appliances: the firewalls, VPN concentrators, and edge devices sitting at the perimeter of ordinary business networks.

In the same May 2026 report, Google described state-linked groups running AI-assisted vulnerability research at a scale that would not be manageable by hand. One group was observed sending thousands of repetitive prompts that recursively analyzed different CVEs and validated proof-of-concept exploits. Another set of actors was experimenting with a knowledge base of more than 85,000 real-world vulnerability cases, wired into a model so it would approach code review the way a seasoned bug hunter does rather than the way a generic assistant does.

Verizon’s 2026 report also included analysis done with Anthropic’s safeguards team, looking at 793 threat actors flagged for misusing AI tools between March 2025 and February 2026. The finding that matters most is the least dramatic one: the median threat actor used AI assistance across roughly 15 distinct known attack techniques. They were not inventing new categories of attack. They were doing the same things faster and at greater volume. Of the AI-assisted initial access activity specifically, 44 percent mapped to phishing and 32 percent mapped to exploiting vulnerabilities.

I want to sit on that finding for a second, because it cuts against the marketing. AI is a force multiplier on known craft. It is not a new species of threat. The attacks landing on small businesses in 2026 are the same attacks that were landing in 2022. There are simply more of them, they arrive sooner, and more people are capable of launching them.

Why this hits small businesses harder than it hits large ones

Large organizations have a patch team. You have a Tuesday.

That sounds glib, but it is the actual asymmetry. When the window between disclosure and exploitation was six weeks, a twenty-person dental practice with a good IT provider and a monthly maintenance window was fine. Not perfect, but fine. The math worked. When the window is measured in days or hours, the same practice with the same monthly window is exposed for the entire interval, every single time, without anyone doing anything wrong.

Three things make this worse for small operations specifically.

You are not targeted. You are scanned. Mass exploitation campaigns do not care who you are. When a flaw in a widely deployed firewall becomes exploitable, the entire internet gets swept within hours. A five-person law office in Lake Mary and a hospital system in Orlando are the same to an automated scanner. Nobody picked you. You just answered the door.

The vulnerable gear is your perimeter gear. Your firewall, your VPN appliance, your network-attached storage, your remote access setup. Google’s report notes something defenders often miss: most edge devices cannot run endpoint detection software. There is nowhere to install the agent. That creates a blind spot precisely where the most exploitation is happening. Attackers know this, which is exactly why they go there.

Patching is getting worse, not better, while exploitation gets faster. According to the 2026 DBIR data, only 26 percent of vulnerabilities on CISA’s Known Exploited Vulnerabilities list were fully remediated during 2025. That is down from 38 percent the year before. The list of flaws confirmed to be under active attack is the shortest, highest-priority list in the industry, and organizations are getting through fewer of them than they were a year ago. Meanwhile the median number of critical flaws requiring a patch went up by half.

I spent years in environments where a security mistake simply was not an option, and the discipline in those places was never about having better tools than everyone else. It was about honestly knowing what you had, what was exposed, and how fast you could react when something went wrong. That is the part that scales down to a twenty-person business. The tooling does not have to be exotic. The honesty does.

The same capability is on our side

Here is the part that does not get written about enough, because fear gets more clicks.

Everything that makes AI good at finding flaws for attackers makes it good at finding flaws for defenders. And unlike the attackers, defenders can act on the flaw before anyone gets hurt.

Google runs an AI agent called Big Sleep, built jointly by DeepMind and Project Zero, that hunts for unknown vulnerabilities in software. In 2025 it found a critical flaw in SQLite, a database engine embedded in an enormous amount of software you use without knowing it. Google’s account is that the flaw was known only to threat actors at the time and was about to be used. They fixed it first. Google described it as the first time an AI agent directly foiled an attempt to exploit a vulnerability in the wild.

Google also has an agent called CodeMender that does the other half of the job: it writes the fix, validates that the fix does not break anything, and hands it to a human for review. As of late 2025, it had contributed 72 security fixes to open-source projects, some spanning millions of lines of code.

Then there is DARPA’s AI Cyber Challenge, which concluded at DEF CON in August 2025 after two years. Seven finalist teams built fully autonomous systems that had to find and patch vulnerabilities in real infrastructure software with no human in the loop. Across 54 million lines of code, the systems found 54 unique planted vulnerabilities and successfully patched 43 of them. They also turned up 18 real, previously unknown vulnerabilities that were responsibly disclosed to the projects. DARPA’s number that stuck with me was the cost: roughly $152 per task, in a market where a single bug bounty can run into six figures. The winning systems were released as open source.

You will never touch any of this directly. That is the point. It runs upstream of you, inside the vendors whose software you depend on, quietly removing flaws before they ever reach an advisory. It is the closest thing to good news in this story, and it is real.

Closer to the ground, the same class of capability is what makes modern detection and response workable at small-business scale. The reason a twenty-person practice can now have monitoring that catches an intrusion at 2:00 AM on a Saturday is that the triage work no longer requires a room full of analysts. That is not a sales pitch. It is just the economics changing in a direction that happens to favor small operations for once.

What I would actually do about it

Nothing on this list is new. That is deliberate. The fundamentals did not change; the timelines did.

Know what you own. You cannot patch what you do not know is there. Every business I have assessed has something on the network nobody remembers installing. Start with the internet-facing gear, because that is where the exploitation is.

Shrink what is exposed. Ask one question about every service reachable from the outside: does this need to be? Old remote access setups, forgotten firewall rules, admin interfaces published to the internet, and end-of-life hardware that stopped getting patches years ago. Turning things off is free and it is the highest-leverage move available to a small business.

Change the cadence, not the strategy. Patching is not obsolete. Monthly patching is. Critical flaws on internet-facing systems need to be handled in days, not at the next convenient window.

Assume the window is zero. If you accept that something may get exploited before a patch exists, the question becomes what happens next. Multifactor authentication everywhere. Network segmentation so one compromised machine is not the whole practice. Least privilege so a foothold is not a takeover. These controls do not care whether the attacker used AI.

Get detection that can actually act. When breakout time is measured in minutes, alerting a human who reads email on Monday is not a control. Monitoring has to be continuous and it has to be able to isolate a machine on its own.

Test your backups by restoring them. Not by looking at a green checkmark. Ransomware was involved in 48 percent of confirmed breaches in the 2026 DBIR dataset, up from 44 percent the year before. A backup you have never restored is a theory.

Look at your vendors. Third-party involvement showed up in a large and growing share of breaches. You can do everything right and get compromised through someone with access to your systems.

The honest summary

Attackers got faster because the expensive part of their work got cheap. Defenders got a version of the same gift, and it is already paying off upstream in the software everyone runs. Neither side has been handed a magic weapon. What has been handed to both sides is speed.

The businesses that get hurt in this environment are not the ones that failed to buy an AI security product. They are the ones that were already running on a grace period that quietly expired. If your security posture assumed you had six weeks and you actually have six hours, that gap does not announce itself. It just sits there until something finds it.

If you are not sure which side of that line you are on, that is a reasonable thing to want an answer to, and it is not a hard answer to get. An honest look at what you have, what is exposed, and how fast you would know if something went wrong takes a conversation, not a project.

If you want to have that conversation, we are local and we are happy to talk it through. Call us at (407) 720-6540.