The CVE Chase Must Stop 

The report warns that AI is shifting the balance of power toward attackers by dramatically reducing the time between vulnerability disclosure and real-world exploitation (from months in 2020 to roughly 1.5 days in 2024), increasing pre-CVE zero-days to an estimated 67%, and enabling rapid, large-scale vulnerability discovery; it recommends moving from patch-chasing to an assume-breach strategy focusing on segmentation, least privilege, strong MFA (including four-eyes for high-risk actions), and continuous penetration testing.