“We estimate only three to five months remain before AI-driven exploitation becomes the new normal.”
Palo Alto Networks is reporting a sharp rise in AI-driven cybersecurity activity after testing new frontier models, including Anthropic’s Claude Mythos and OpenAI’s GPT-5.5 Cyber tools, in real-world security environments.
The cybersecurity company says its internal testing showed a dramatic jump in vulnerability detection after deploying advanced AI systems. In one instance, AI tools identified about 75 vulnerabilities across Palo Alto products in a single month, a figure described as several times higher than its usual monthly discovery rate.
The shift is being linked to next-generation AI models designed for security research and cyber defense. These include Anthropic’s Mythos and OpenAI’s GPT-5.5 Cyber, which are being used by select enterprise partners under controlled environments.
Palo Alto Networks executives describe the results as a major turning point in how software vulnerabilities are found and handled. The company says these AI systems are not only detecting individual flaws but also mapping how multiple weaknesses can connect into larger attack paths. That ability is what is raising concern in the cybersecurity industry.
The report notes that AI tools are becoming capable of accelerating vulnerability discovery at a pace that traditional security teams struggle to match. This includes identifying hidden flaws in large software systems and flagging issues that may have gone unnoticed for years.
However, the company also emphasizes that human expertise remains essential. Security researchers are still needed to validate findings, filter false positives, and guide how AI-generated insights are applied in real environments.
Palo Alto’s leadership highlights that AI in cybersecurity is not operating independently. Instead, it is functioning as an advanced assistant that works alongside human engineers rather than replacing them. The company is also warning that attackers may soon gain access to similar tools.
Internal projections referenced in the report suggest that within a few months, AI-powered vulnerability exploitation could become widely accessible to cybercriminal groups. This is based on the rapid progress seen in controlled testing environments.
The concern is not just about faster hacking attempts. It is about scale. AI systems can run thousands of simulations, scan large codebases, and test exploit combinations far faster than manual human teams.
That speed difference is what cybersecurity experts are focusing on. Companies like Palo Alto are using AI defensively at the same time. These tools are being integrated into security platforms to detect threats earlier in the software development process, before vulnerabilities reach production systems. In some internal tests, AI systems have been used to scan multiple products at once, significantly increasing the number of detected flaws compared to traditional methods.
Industry analysts say this marks a shift in cybersecurity strategy. Instead of reacting to threats after they appear, companies are now trying to prevent them at the coding stage using AI-driven scanning systems. The introduction of models like Mythos and GPT-5.5 Cyber is also changing expectations around vulnerability discovery. These systems are trained to understand complex code structures and simulate how attackers might chain weaknesses together.
That capability is becoming a double-edged development. On one side, it strengthens defensive security systems by exposing weaknesses earlier. On the other side, it raises concerns that the same capabilities could be used by malicious actors if the tools become widely available. Access to these frontier models is currently limited to selected technology partners, including major cybersecurity and cloud companies. This controlled access is part of efforts to reduce misuse risk while still enabling research and defense improvements.
Palo Alto Networks says the industry is entering a phase where AI is no longer optional in cybersecurity. Security systems are now being redesigned to include AI at every stage, from code development to network monitoring and threat response. The company also notes that traditional security workflows may no longer be sufficient on their own, given the speed at which AI can uncover vulnerabilities. Even with these concerns, Palo Alto maintains that AI is a necessary evolution in cybersecurity defense.
The bigger shift is becoming clearer across the industry. Cybersecurity is moving from manual detection and reactive patching into an AI-driven environment where machines continuously scan, simulate, and predict attacks in real time.
The report closes on a cautionary tone from industry leaders who believe the next few months will be critical in determining how both defenders and attackers adapt to AI-powered cyber capabilities. The race between AI-driven defense systems and AI-assisted attacks is now accelerating, and companies are preparing for a security landscape that may change faster than traditional systems can respond.
