Record-Breaking Patch Tuesday, AI Discovery and the Rise of Shinobi

Microsoft just broke its own record. June 2026 Patch Tuesday shipped 206 patches (208 by some counts), covering everything from a wormable Windows kernel bug to BitLocker bypasses and a Visual Studio Code zero-day that steals GitHub tokens with a single click. It is the largest Patch Tuesday in history, and it is not close. The previous record was 177.

But the real story is not the number. It is what is driving the number: artificial intelligence.

Security researchers are using AI to find vulnerabilities at a pace that would have been unthinkable even 18 months ago. OpenAI’s Codex discovered one of the June zero-days (CVE-2026-49160, an IIS denial-of-service bug with public exploit code). Microsoft itself is using multi-model agentic security systems that claim 21 out of 21 planted vulnerabilities found with zero false positives. The company says additional automation in its validation workflows is helping assess severity and reproducibility more quickly.

Satnam Narang from Tenable put it bluntly: surveys put AI usage among security professionals at around 90 percent. Pandora’s box is open.

The Wormable One

The patch you need to care about most is CVE-2026-45657. It is a Windows Kernel RCE via TCP/IP with a CVSS score of 9.8. Remote, unauthenticated, no user interaction required. ZDI calls it wormable. Microsoft rates it as “Exploitation Less Likely,” but every researcher in the world will reverse the patch the moment it drops. It is only a matter of time before weaponised code appears.

There is also CVE-2026-47291, an HTTP.sys RCE also scoring 9.8. Systems with default MaxRequestBytes settings are safe, but if you have changed that registry key, you need this patch.

The Nightmare Eclipse Factor

A researcher going by Nightmare Eclipse has been releasing zero-days and threatening a “bone shattering” dump on July 14. Two of this month’s bugs (CVE-2026-45586 GreenPlasma and CVE-2026-50507 BitLocker) are from this source. The researcher claims to be a former Microsoft employee. Microsoft has threatened legal action. The advisories for these bugs do not credit any researcher.

Immediately after the June patches dropped, the same researcher published an exploit for a claimed Windows Defender zero-day. If you are running Microsoft Defender, expect more noise on this front.

AI on Both Sides of the Fence

This is where the story gets uncomfortable. AI is not just finding bugs for defenders. It is finding them for attackers too. Tools like OpenAI’s Codex and Anthropic’s Claude Mythos (which reportedly found thousands of zero-day exploits across every major operating system) have democratised vulnerability discovery. The difference between a security researcher and a threat actor is intent, not capability.

Which brings us to Shinobi.

Shinobi is an autonomous offensive security AI. It passed the CAPIE exam and a Burp Suite Certified Practitioner practice exam. It chains vulnerabilities together the way a human attacker would – entry point to privilege elevation to lateral movement to impact – and it does it in hours, not weeks. Zero false positives is the claim.

Whether you trust that number or not, the direction is clear. Autonomous pentesting tools are no longer a lab experiment. They are production systems that security teams can point at internal apps, APIs, and cloud infrastructure and get findings back in real time.

The problem? The same tools work for the other side.

The New Normal

The ZDI’s Dustin Childs asked the question that matters: “How many of these cases were found using AI tools? Is this the new normal?”

The answer is yes. If AI bug hunting is pushing the 2026 CVE count toward 66,000, and if Microsoft alone is shipping 200-plus patches a month, then patch management is no longer a monthly task. It is a continuous operations function. You need automation to triage, prioritise and deploy. You cannot do this manually.

You also need to assume that attackers have access to the same AI tools you do. The difference between a good defence and a great one is no longer about finding more bugs. It is about finding the right bugs first, and fixing them before someone else weaponises them.

“If the use of LLMs to help find vulnerabilities is greater than the vulnerabilities introduced by the use of LLMs to write code, we are looking at a short spike to fix the backlog of human-generated errors. That spike is happening right now.”

Security industry commenter, via Krebs on Security

Patch your systems. Automate your triage. And get comfortable with the fact that AI is not coming for your job. It is coming for your vulnerabilities.

Subscribe

Related articles

Anthropic Restarts Fable After U.S. Lifts Export Controls

Eighteen days after export controls pulled Fable 5 offline, Anthropic has reopened access under tighter filters and a U.S. pre-release commitment that may define how frontier models are rolled out going forward.

Anthropic’s Sonnet 5 Arrives as Fable 5 Returns to the US

Anthropic launched Sonnet 5, its newest mid-tier model, hours before the US lifted export controls on Fable 5 and Mythos 5. The timing raises questions about whether Sonnet 5 was designed as a stopgap for users locked out of more capable models.

Microsoft Just Patched 206 Vulnerabilities in One Day. Most Organisations Won’t Patch Fast Enough.

A record-breaking Patch Tuesday shows attackers are scaling with AI. If your patching process still relies on monthly reminders, you are already behind.

Meta’s Brain2Qwerty v2 Turns Brain Scans Into Full Sentences

Meta has upgraded its non-invasive brain-computer interface to decode full sentences from brain scans with accuracy now approaching surgical systems, and it has open-sourced the code.