The AI arms race everyone’s ignoring – Federal News Network


We must significantly overhaul our compliance requirements and how they’re enforced and implemented.
The artificial intelligence arms race everyone talks about is models. Who has the best foundation model. Who exports chips. Who restricts application programming interface (API) access. Who distills whose weights. Washington and Beijing are both spending enormous political capital on this race, and it’s real.
The AI arms race nobody talks about is vulnerability discovery. Who finds the bugs first? Who patches them? Who exploits them? That race is already underway, and only one side has a strategy.
On May 11, Google’s Threat Intelligence Group confirmed it thwarted an AI-driven attempt to plan a mass vulnerability exploitation operation. GTIG reported with high confidence that hackers used an AI model to discover and exploit a zero-day to bypass two-factor authentication. Groups linked to China and North Korea, Google said, are actively pursuing AI for vulnerability discovery.
In May, the South China Morning Post reported that IDC projects China’s AI cybersecurity market will reach $8.7 billion by 2030, a 37-fold increase from 2025. An IDC senior research manager in China said it plainly: “China’s own Mythos will definitely emerge.”
That’s the arms race. Not who builds the chatbot. It’s who finds the zero-day.
On the capability side, the U.S. is ahead. Anthropic’s Mythos discovered thousands of zero-day vulnerabilities in critical infrastructure. A 17-year-old flaw that allows an attacker to run arbitrary code in an open-source operating system (FreeBSD). A 16-year-old memory corruption bug in an open-source multimedia framework (called FFmpeg). Our team at Xint reproduced those findings and discovered 12 additional zero-days in the same codebases. Two weeks ago, we disclosed a critical nine-year-old vulnerability in the Linux kernel that could give attackers complete control over the system. Found in an hour.
On the defensive side, the United States has no strategy at all.
There is no requirement for pre-deployment security testing of software running critical infrastructure. The Cybersecurity and Infrastructure Agency, which is tasked with defending critical infrastructure, has lost a third of its workforce and faces a proposed $500 million budget cut. The current compliance regime (SOC2, FedRAMP) audits whether you have security controls. It does not audit whether your code can be exploited.
Fewer than 1% of Mythos-discovered vulnerabilities have been fully patched. The bugs are known. The fixes aren’t funded. The software is still running.
China’s amended cybersecurity law took effect Jan. 1, with AI governance provisions, extraterritorial enforcement authority and fines up to $1.4 million per violation. House lawmakers are investigating Chinese AI models deployed in American infrastructure. The White House accused China of industrial-scale distillation of U.S. frontier models.
All of that is about the model race. China is also investing in the vulnerability race. The 37x market projection isn’t theoretical; it reflects a national strategy to build AI-driven offensive and defensive cyber capabilities in parallel. When Google says China-linked groups are pursuing AI vulnerability discovery, that’s the strategy in practice.
The U.S. has a model strategy. Export controls. Chip restrictions. Investment screening. On the vulnerability side, it has voluntary frameworks, an underfunded coordination agency and a disclosure system designed for a world where humans found one bug at a time.
The U.S. built the most advanced AI vulnerability discovery capabilities on earth and then didn’t build any policy infrastructure around the results. The capability is real. But there’s no requirement for anyone to use it defensively. No framework for what happens when discovery outpaces remediation. No funded mechanism to patch the open-source software that critical infrastructure depends on.
Google’s John Hultquist put it directly: “There’s a misconception that the AI vulnerability race is imminent. The reality is that it’s already begun.” GTIG’s report detailed North Korean military group APT45 using AI to churn through thousands of exploit checks, and Chinese state-linked operators experimenting with AI for vulnerability hunting and automated target probing. These aren’t projections. They’re incident reports.
The model race gets the headlines, the export controls and the White House executive orders. The vulnerability race gets nothing. No policy. No funding. No strategy.
One of those races ends with better benchmarks. The other ends with someone inside your infrastructure.
Which one should we be worried about?
How do we catch up in the vulnerability race? We must significantly overhaul our compliance requirements and how they’re enforced and implemented.
The model should resemble how the Food and Drug Administration regulates medical devices, where vendors must demonstrate safety and compliance to the government in exacting detail before products can be sold. Pre-deployment security testing of software running critical infrastructure should be required, and this testing should verify the software cannot be exploited. If there are patches, we need proof they’ve been applied, not just acknowledgement that security controls exist.
CISA is the best agency to do this work. It’s the civilian defensive coordinator by statute. The problem is that CISA as currently constituted cannot do the job. A third of the workforce is gone, it lacks a confirmed director and potentially faces serious budget cuts. All at the exact moment its job got harder. So, the first step must be to rebuild CISA. Instead of cutting budget and headcount, reconstitute it. Fund it. Give it authority to require what the FDA requires of medical devices: demonstrated safety before deployment, not paperwork after the fact.
We’re behind in the vulnerability race, but it’s not over yet. If we invest in it now, we can still win this arms race.
Jeffrey Martin is the vice president of product at Xint.io.
Copyright © 2026 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
