Report Finds AI Systems Expose More High-Risk Security Flaws Than Traditional Applications

A new penetration testing report from Cobalt found that AI and large language model (LLM) systems contain significantly more high-risk vulnerabilities than traditional enterprise applications, with 32% of findings rated severe compared to 13% in legacy systems. Researchers and security experts attributed the elevated risk to emerging attack surfaces such as prompt injection, insecure integrations, excessive permissions, and the broad access AI systems often have to sensitive business workflows and data. The report also highlighted weak remediation performance, with only 38% of high-risk AI vulnerabilities resolved, reflecting the lack of established security playbooks and fragmented ownership across development, security, and business teams. Experts recommend treating AI systems as production-critical infrastructure by implementing threat modeling, least-privilege access, continuous monitoring, and adversarial testing throughout the AI lifecycle.

Reference: csoonline.com