Spy turned startup CEO: 'The WannaCry of AI will happen'
(2025/12/22)
- Reference: 1766432398
- News link: https://www.theregister.co.uk/2025/12/22/zafran_security_ceo/
- Source link:
Interview "In my past life, it would take us 360 days to develop an amazing zero day," Zafran Security CEO Sanaz Yashar said.
She's talking about the 15 years she spent working as a spy - she prefers "hacking architect" - inside the Israel Defense Forces' elite cyber group, Unit 8200.
"Now, the volume and speed is changing so much that for the first time ever, we have a negative time-to-exploit, meaning it takes less than a day to see vulnerabilities being exploited, being weaponized before they were patched," Yashar told The Register . "That is not something you used to see."
[1]
The reason: AI. This technology isn't helping criminals develop novel or more sophisticated attack chains entirely without humans in the loop, she said. "But AI is helping the threat actors do more, and faster," according to Yashar - and the more and faster is what worries her.
[2]
[3]
As a teen, Yashar's family moved from Tehran to Israel, and the Israeli military intelligence corps recruited her while she was working as a research assistant at Tel Aviv University.
In 2022, Yashar co-founded Zafran, which uses AI to help companies map and manage their cyber-threat exposure. But before heading up her own security startup, she led threat intelligence at Cybereason and worked as a manager at Google's incident response and threat intel biz, Mandiant.
AI is helping the threat actors do more, and faster
She's citing [4]Mandiant's recent analysis that found the average time-to-exploit (TTE) in 2024 hit -1. This is how Google and Mandiant define the average number of days it takes attackers to exploit a bug before or after the vendor issues a patch, and this is the first time ever the security analysts have seen a negative TTE. Crims are getting to exploit bugs a day before they're patched now.
"And we saw 78 percent of the vulnerabilities being weaponized by LLMs and AI," Yashar said.
[5]
In addition to attackers using AI to improve the speed and efficiency of breaches, organizations' increasing use of this same technology - in some cases, just stuffing AI into every product and process - expands the attack surface.
This includes attackers misusing corporate AI systems through things like [6]prompt injection and tricking AI agents into [7]bypassing safety guardrails to [8]develop exploit chains , or [9]access data they're not supposed to.
Plus, there's also software vulnerabilities within the AI systems and frameworks themselves, and Yashar worries about the "collateral damage" caused from exploiting these bugs, especially if they fall into the hands of "junior" hackers: the [10]Scattered Spider , [11]ShinyHunters-type [12]cybercrime collectives or governments just beginning to develop or buy a cyber-weapons arsenal or experimenting with agentic AI.
[13]
"Sometimes the ones that don't understand what they are doing are more dangerous than Russia, Iran, Israel, US, China - they understand what can happen if something goes wrong," she explained. "Even if they do bad things, there is a decision they understand."
"The new threat actors are going to utilize these vulnerabilities, not understanding that they can shut down half of the world," Yashar said. "And the collateral damage is going to be something that we cannot expect and we cannot deal with. I do think the [14]WannaCry of AI has not yet happened. It's going to happen. I don't know where it's going to come from, but it's going to happen. The question is, how are you going to mitigate - because you cannot remediate it - so how you're going to mitigate your own risk?"
WannaCry, which took place in May 2017, was one of the largest worldwide ransomware attacks, hitting hundreds of thousands of computers and causing untold damage that's estimated to be in the hundreds of millions or billions.
[15]Chinese spies told Claude to break into about 30 critical orgs. Some attacks succeeded
[16]Google says Chrome's new AI creates risks only more AI can fix
[17]Block all AI browsers for the foreseeable future: Gartner
[18]Researchers find hole in AI guardrails by using strings like =coffee
The answer, according to Yashar, is also AI. Not coincidentally, Zafran has developed a threat-exposure management platform that uses AI to find and remediate exploitable vulnerabilities and perform proactive threat hunting.
"The way we do security is going to completely change," she said. "Companies that just show you insight wouldn't be enough. They have to get the job done. And to get the job done, you need to use agents, even with human intel."
AI agents will investigate and triage threats, and develop an action plan for an organization to mitigate them. "The AI is going to build those packages according to your risk appetite, and there's going to be a human to make sure that you want to do this action according to your risk appetite," Yashar said.
Humans, she adds, will remain in the loop for the foreseeable future because "human behaviour changes slower than technology," and when it comes to completely turning over the reins to AI agents, we're not there yet. ®
Get our [19]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://www.linkedin.com/feed/update/urn:li:activity:7376823949587906561/
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://www.theregister.com/2025/10/28/ai_browsers_prompt_injection/
[7] https://www.theregister.com/2025/11/14/ai_guardrails_prompt_injections_echogram_tokens/
[8] https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/
[9] https://www.theregister.com/2025/09/26/salesforce_agentforce_forceleak_attack/
[10] https://www.theregister.com/2025/10/13/scattered_lapsus_hunters_hiatus/
[11] https://www.theregister.com/2025/11/21/shinyhunters_salesforce_gainsight_breach/
[12] https://www.theregister.com/2025/08/12/scattered_spidershinyhunterslapsus_cybercrime_collab/
[13] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[14] https://www.theregister.com/2017/05/13/wannacrypt_ransomware_worm/
[15] https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/
[16] https://www.theregister.com/2025/12/09/google_fortifies_chrome_ai_with/
[17] https://www.theregister.com/2025/12/08/gartner_recommends_ai_browser_ban/
[18] https://www.theregister.com/2025/11/14/ai_guardrails_prompt_injections_echogram_tokens/
[19] https://whitepapers.theregister.com/
She's talking about the 15 years she spent working as a spy - she prefers "hacking architect" - inside the Israel Defense Forces' elite cyber group, Unit 8200.
"Now, the volume and speed is changing so much that for the first time ever, we have a negative time-to-exploit, meaning it takes less than a day to see vulnerabilities being exploited, being weaponized before they were patched," Yashar told The Register . "That is not something you used to see."
[1]
The reason: AI. This technology isn't helping criminals develop novel or more sophisticated attack chains entirely without humans in the loop, she said. "But AI is helping the threat actors do more, and faster," according to Yashar - and the more and faster is what worries her.
[2]
[3]
As a teen, Yashar's family moved from Tehran to Israel, and the Israeli military intelligence corps recruited her while she was working as a research assistant at Tel Aviv University.
In 2022, Yashar co-founded Zafran, which uses AI to help companies map and manage their cyber-threat exposure. But before heading up her own security startup, she led threat intelligence at Cybereason and worked as a manager at Google's incident response and threat intel biz, Mandiant.
AI is helping the threat actors do more, and faster
She's citing [4]Mandiant's recent analysis that found the average time-to-exploit (TTE) in 2024 hit -1. This is how Google and Mandiant define the average number of days it takes attackers to exploit a bug before or after the vendor issues a patch, and this is the first time ever the security analysts have seen a negative TTE. Crims are getting to exploit bugs a day before they're patched now.
"And we saw 78 percent of the vulnerabilities being weaponized by LLMs and AI," Yashar said.
[5]
In addition to attackers using AI to improve the speed and efficiency of breaches, organizations' increasing use of this same technology - in some cases, just stuffing AI into every product and process - expands the attack surface.
This includes attackers misusing corporate AI systems through things like [6]prompt injection and tricking AI agents into [7]bypassing safety guardrails to [8]develop exploit chains , or [9]access data they're not supposed to.
Plus, there's also software vulnerabilities within the AI systems and frameworks themselves, and Yashar worries about the "collateral damage" caused from exploiting these bugs, especially if they fall into the hands of "junior" hackers: the [10]Scattered Spider , [11]ShinyHunters-type [12]cybercrime collectives or governments just beginning to develop or buy a cyber-weapons arsenal or experimenting with agentic AI.
[13]
"Sometimes the ones that don't understand what they are doing are more dangerous than Russia, Iran, Israel, US, China - they understand what can happen if something goes wrong," she explained. "Even if they do bad things, there is a decision they understand."
"The new threat actors are going to utilize these vulnerabilities, not understanding that they can shut down half of the world," Yashar said. "And the collateral damage is going to be something that we cannot expect and we cannot deal with. I do think the [14]WannaCry of AI has not yet happened. It's going to happen. I don't know where it's going to come from, but it's going to happen. The question is, how are you going to mitigate - because you cannot remediate it - so how you're going to mitigate your own risk?"
WannaCry, which took place in May 2017, was one of the largest worldwide ransomware attacks, hitting hundreds of thousands of computers and causing untold damage that's estimated to be in the hundreds of millions or billions.
[15]Chinese spies told Claude to break into about 30 critical orgs. Some attacks succeeded
[16]Google says Chrome's new AI creates risks only more AI can fix
[17]Block all AI browsers for the foreseeable future: Gartner
[18]Researchers find hole in AI guardrails by using strings like =coffee
The answer, according to Yashar, is also AI. Not coincidentally, Zafran has developed a threat-exposure management platform that uses AI to find and remediate exploitable vulnerabilities and perform proactive threat hunting.
"The way we do security is going to completely change," she said. "Companies that just show you insight wouldn't be enough. They have to get the job done. And to get the job done, you need to use agents, even with human intel."
AI agents will investigate and triage threats, and develop an action plan for an organization to mitigate them. "The AI is going to build those packages according to your risk appetite, and there's going to be a human to make sure that you want to do this action according to your risk appetite," Yashar said.
Humans, she adds, will remain in the loop for the foreseeable future because "human behaviour changes slower than technology," and when it comes to completely turning over the reins to AI agents, we're not there yet. ®
Get our [19]Tech Resources
[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[4] https://www.linkedin.com/feed/update/urn:li:activity:7376823949587906561/
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[6] https://www.theregister.com/2025/10/28/ai_browsers_prompt_injection/
[7] https://www.theregister.com/2025/11/14/ai_guardrails_prompt_injections_echogram_tokens/
[8] https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/
[9] https://www.theregister.com/2025/09/26/salesforce_agentforce_forceleak_attack/
[10] https://www.theregister.com/2025/10/13/scattered_lapsus_hunters_hiatus/
[11] https://www.theregister.com/2025/11/21/shinyhunters_salesforce_gainsight_breach/
[12] https://www.theregister.com/2025/08/12/scattered_spidershinyhunterslapsus_cybercrime_collab/
[13] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_software/aiml&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33aUnNlkIGol_dSY776yel0wAAARU&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[14] https://www.theregister.com/2017/05/13/wannacrypt_ransomware_worm/
[15] https://www.theregister.com/2025/11/13/chinese_spies_claude_attacks/
[16] https://www.theregister.com/2025/12/09/google_fortifies_chrome_ai_with/
[17] https://www.theregister.com/2025/12/08/gartner_recommends_ai_browser_ban/
[18] https://www.theregister.com/2025/11/14/ai_guardrails_prompt_injections_echogram_tokens/
[19] https://whitepapers.theregister.com/
An experimental work in progress requiring more experimental work to progress over hurdles
amanfromMars 1
The answer, according to Yashar, is also AI. Not coincidentally, Zafran has developed a threat-exposure management platform that uses AI to find and remediate exploitable vulnerabilities and perform proactive threat hunting.
The almighty chink in Zafran’s threat-exposure management platform armour is always going to be the subjective selection of exploitable vulnerabilities to try to remediate. Ignoring those which are vital to the continued health and welfare of Zafran party interests is the catastrophic weakness which will be relentlessly hunted and targeted with attacks ideally proving to be impossible to deflect and/or stop.
Fruit and Nutcase
...that uses AI to find and remediate exploitable vulnerabilities and perform proactive threat hunting.
The magic bullet. In the mean time, the thread actors gain entry through the door that the AI has not been trained to recognise as being an entry point. The meatsacks have been drunk the kool-aid and are putting all their faith in the "AI"
Understatement of all time
"...human behaviour changes slower than technology,..."
Edward O. Wilson knew this:
"We have Paleolithic emotions, medieval institutions and godlike technology. And it is terrifically dangerous, and it is now approaching a point of crisis overall."