Close Menu
    Facebook X (Twitter) Instagram Pinterest YouTube LinkedIn TikTok
    TopBuzzMagazine.com
    Facebook X (Twitter) Instagram Pinterest YouTube LinkedIn TikTok
    • Home
    • Movies
    • Television
    • Music
    • Fashion
    • Books
    • Science
    • Technology
    • Cover Story
    • Contact
      • About
      • Amazon Disclaimer
      • Terms and Conditions
      • Privacy Policy
      • DMCA / Copyrights Disclaimer
    TopBuzzMagazine.com
    Home»Technology»CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats
    Technology

    CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats

    By AdminJune 11, 2026
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats


    With new generations of AI models fueling both rapid software vulnerability discovery and the potential for faster exploitation by malicious hackers, the United States Cybersecurity and Infrastructure Security Agency released a new directive on Wednesday that requires more rapid and efficient software patching by federal civilian agencies. The “binding operational directive” (BOD) lays out a rubric for how quickly bugs must be fixed based on four assessments of urgency, with a turnaround time in critical cases of just three days.

    Chris Butera, CISA’s acting executive assistant director for cybersecurity, told reporters on Wednesday that the goal of the directive is to help agencies prioritize, so they can address the most problematic vulnerabilities first while taking more time to remediate bugs that pose a less-pressing risk. The directive comes as private companies and governments have been scrambling to assess the extent of the cybersecurity reckoning that AI vulnerability and exploit development capabilities could unleash.

    “Prioritizing IT and security operations attention on the most at-risk assets is particularly important now given advancements in artificial intelligence, which allow threat actors to find and exploit vulnerabilities in [federal] assets,” Butera said on Wednesday. “Defenders cannot afford to take weeks to patch systems that can be autonomously exploited en masse.”

    The CISA directive’s criteria for evaluating patch urgency includes looking at whether a vulnerability is in a system that is publicly exposed, whether the bug is listed in CISA’s Known Exploited Vulnerabilities Catalog, whether an attacker could automate all of the steps to exploit the vulnerability, and how much access an attacker would get to the target if the bug were exploited. A vulnerability where all four points apply must be fixed within three days, according to the new directive, and the agency must also execute a “forensic triage” process to determine whether systems have already been compromised.

    The directive supersedes two previous CISA orders related to patching timelines for urgent vulnerabilities—one from 2019 and one from 2021. Those established a framework in which the most critical bugs had to be patched within 15 days of detection and another class of high-urgency vulnerability had to be remediated within 30 days. And both encouraged faster patching for severe flaws when possible. Even before the AI era, in 2021, CISA wrote that “threat actors are extremely fast to exploit their vulnerabilities of choice: of those 4% of known exploited [vulnerabilities], 42% are being used on day 0 of disclosure; 50% within 2 days; and 75% within 28 days.”

    US federal cybersecurity has improved significantly over the past decade, but it still often lags, thanks to funding shortfalls and competing priorities. CISA’s Butera said that the agency developed the new assessment rubric and the directive more broadly with these limitations in mind. He noted, for example, that the three-day deadline for the most urgent vulnerabilities isn’t, say, 24 hours, because such a short timeframe would not be feasible for most agencies.

    New AI capabilities are already changing the landscape of vulnerability detection and bug hunting. And as this spurs new urgency in patching, many researchers have started to conclude, essentially, that no amount of patching will be enough—and that the software development community globally must work to adopt new, architectural or systemic approaches to invalidating whole classes of vulnerabilities at a time.

    “CISA’s directive has its heart in the right place, but it only tackles half the challenge,” says Emily Long, CEO of the cloud security firm Edera. “If your architecture doesn’t limit what an attacker can reach after a breach, you’re just running faster on the same treadmill. Patching will always be important, but we should be talking more about containment by design.”

    CISA’s Butera seemed to acknowledge this evolution on Wednesday. The new directive “is an initial step to counter the increased capabilities of emerging AI models,” he says. “Yet there is still more work to do.”

    View Original Source Here

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Abu Dhabi-based MGX raised a $49B AI-focused fund, exceeding its $45B target, and plans to spend as much as $10B annually over the next few years (Dinesh Nair/Bloomberg)

    July 1, 2026

    The Trump Administration Is Lifting Its Export Controls on Anthropic’s Mythos and Fable AI Models

    July 1, 2026

    An Indonesian court sentences Gojek co-founder and ex-education minister Nadiem Makarim to 10 years in prison for power abuses over a Chromebook contract (New York Times)

    June 30, 2026

    Meta Contractors Posed as Teens to Prompt Rival Chatbots About Suicide, Sex, and Drugs

    June 30, 2026

    Filing: Strategy paused its bitcoin acquisitions last week, instead topping up its USD reserve to $2.55B and announcing a $1B digital credit buyback program (James Hunt/The Block)

    June 29, 2026

    What to Do in Houston If You’re Here for Business (2026)

    June 29, 2026
    popular posts

    A Guide to Abortion Resources in a Post-Roe America

    Do You Need a Fancy Bread Knife?

    Book Riot’s Deals of the Day for May 12, 2022

    Start Your 2026 Spring Reset (Or Don’t) With These Fresh Book Recs

    Book Riot’s Deals of the Day for March 13, 2024

    Tool’s Maynard James Keenan challenges Florida’s anti-drag law at Welcome

    Every Reference to the Past ‘Mission: Impossible’s in ‘Dead Reckoning’

    Categories
    • Books (3,952)
    • Cover Story (15)
    • Events (24)
    • Fashion (2,817)
    • Interviews (60)
    • Movies (3,248)
    • Music (3,542)
    • News (178)
    • Politics (13)
    • Science (5,103)
    • Technology (3,245)
    • Television (3,973)
    • Uncategorized (932)
    Archives
    Facebook X (Twitter) Instagram Pinterest YouTube Reddit TikTok
    © 2026 Top Buzz Magazine. All rights reserved. All articles, images, product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Terms of Use and Privacy Policy.

    Type above and press Enter to search. Press Esc to cancel.

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
    Do not sell my personal information.
    Cookie SettingsAccept
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
    CookieDurationDescription
    cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
    cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
    cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
    cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
    cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
    viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
    Functional
    Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
    Performance
    Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
    Analytics
    Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
    Advertisement
    Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
    Others
    Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
    SAVE & ACCEPT