We built a vulnerability vending machine: AI tokens in, zero-days out

We built a vulnerability vending machine: AI tokens in, zero-days out
Intruder shows how current AI models can be combined with code-scanning frameworks like Joern to find real, exploitable vulnerabilities in production software, rather than just theoretical weaknesses. The team fully automated discovery and exploitation of a remote, multi-stage SQL injection zero-day in the Creative Mail WordPress plugin, affecting sites that also run WooCommerce. #Intruder #Joern #CreativeMail #WooCommerce #CVE-2026-3985

Keypoints

  • AI is being used today to find real vulnerabilities, not just hypothetical ones.
  • Large codebases create too much noise for direct LLM analysis.
  • Joern is used to generate focused code slices for triage.
  • The pipeline automatically moved from finding a bug to producing an exploit.
  • The first discovered issue was CVE-2026-3985 in Creative Mail.

Read More: https://www.bleepingcomputer.com/news/security/we-built-a-vulnerability-vending-machine-ai-tokens-in-zero-days-out/