Show thread⠠⠵ avukoMay 18

@LukaszOlejnik

Welcome to the #vulnslopalypse!*

*) yes, I insist on calling it that, out of spite about #vulnpocalypse”.

https://infosec.exchange/@avuko/116420235772507395

cjeMay 4

"AI has also given people who have absolutely no idea what they're doing the ability to ascend the "Mount Stupid" section of the Dunning-Kruger curve in record time, and substantially lowered the barrier to entry for this particular behavior, which nets out to more people submitting more things. This isn't a linear problem, it's actually a compound one."

https://cje.io/2026/05/04/thoughts-on-the-slopdemic/

#vulnpocalypse #slopdemic #flameswelcome

Thoughts on the #slopdemic

Move over #vulnpocalypse — there's a new term we need to talk about: the #slopdemic. AI didn't invent low-quality vuln reports, but it just turbocharged them, and F/OSS is drowning.

caseyjohnellis
GuyApr 20

The #Vulnpocalypse is gonna get real with vibe coding. Be proud, if you can (still) code without it. Your craft will be essential. Now, and in the future!

> So let’s take a look at the themes unfolding in tandem. We have exponential growth in code volume, driven by AI agents and democratized development. We have elevated vulnerability density in that code, because much of it is AI-generated by developers who are less security-conscious than the experienced practitioners who came before them. We have an absolute explosion in the number of CVEs, with FIRST forecasting approximately 59,000 new CVEs in 2026 alone, and we have AI making it trivially cheap to discover and exploit those vulnerabilities.

https://www.resilientcyber.io/p/the-attack-surface-exponential

> The Vulnpocalypse I wrote about is not a future state. It is the present, and the growth curves are steepening. There is no question the attack surface is growing exponentially, the data makes that indisputable.
>
> And, as much as I hate to say it, I think things will get worse before they get better, as the industry and society adapt to this new AI-driven operating model and its implications for cybersecurity.

#VibeCoding #GenAI #LLM

The Attack Surface Exponential

Code Surge: GitHub's Exponential Growth and the Attack Surface Nobody Is Ready For

Resilient Cyber
⠠⠵ avukoApr 17

Before the #vulnpocalypse, there will be the #vulnslopalypse.

As someone who has dealt with vulnerability reports in all shapes, forms and levels of veracity for at least a decade, I posit that's where we will hurt the most, for the longest time, and without reaching symmetry.

For the old farts: remember the burpsuite #bugbounty submissions? That, but at unprecedented scale, and these you can't easily filter out.

#vulnpocalypse #Mythos #infosec #vulnerability #vulnslopocalypse