AI-driven vulnerability discovery finds and exploits a WordPress plugin zero-day
Source headline: We built a vulnerability vending machine: AI tokens in, zero-days out
Intelligence Summary
An AI system described by Intruder combines code slicing with LLMs to automate vulnerability hunting. The company claims the workflow located and exploited a previously unknown WordPress plugin flaw. Additional findings are reportedly in progress under responsible disclosure. If real, the approach can reduce the time from bug discovery to weaponizable proof-of-concept. WordPress site operators should ensure their plugin inventory is current and monitor vendor advisories closely.
Recommended Action
Review affected assets, schedule urgent remediation, and monitor related indicators.