{"data":{"id":"2770013e-19d1-47c7-b5e2-2afddf603d5b","title":"CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats","summary":"The US Cybersecurity and Infrastructure Security Agency (CISA) released a new directive requiring federal agencies to patch critical software vulnerabilities (bugs) in as little as three days, driven by concerns that AI models can now discover and exploit security flaws faster than humans can fix them. The directive uses a prioritization system based on four factors, including whether a vulnerability is publicly exposed and can be automatically exploited, to determine how urgently each bug must be addressed.","solution":"CISA's directive requires agencies to use a prioritization rubric based on four assessments: whether a vulnerability is in a publicly exposed system, whether it appears in CISA's Known Exploited Vulnerabilities Catalog, whether an attacker could automate exploitation, and how much access an attacker would gain. When all four criteria apply, the vulnerability must be fixed within three days, and agencies must also execute a 'forensic triage' process to determine if systems have already been compromised.","labels":["policy","security"],"sourceUrl":"https://www.wired.com/story/cisa-ai-vulnerability-directive/","publishedAt":"2026-06-10T20:55:40.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-10T20:55:40.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}