A novel AI-powered system, dubbed a "vulnerability vending machine," has been developed to automatically uncover complex software vulnerabilities. This system leverages code slicing and large language models (LLMs) to identify previously unknown flaws. Notably, it successfully discovered and exploited a zero-day vulnerability in a WordPress plugin, demonstrating its capabilities. The system's findings are already being disclosed responsibly, with additional discoveries under review. The use of AI tokens to generate zero-days poses significant concerns, as it enables rapid exploitation before patches can be developed1. This highlights the challenges faced by defenders, who must respond to emerging threats without the benefit of existing patches. The existence of such a system underscores the need for proactive vulnerability management and swift patching protocols, as the window for response is increasingly compressed. So what matters most to practitioners is that zero-day exploitation can occur at unprecedented speed, leaving defenders to play catch-up.