A critical vulnerability disclosed in Zcash this week has once again brought the relationship between AI and cybersecurity to the forefront. The developers stated that the vulnerability exists in its privacy pool, Orchard, and could theoretically allow attackers to infinitely mint forged ZEC. Due to the privacy-preserving nature of this mechanism, it is currently impossible for outsiders to confirm, using only cryptographic methods, whether the vulnerability has been exploited in practice.
This incident has drawn even greater attention not only because of the severity of the vulnerability itself, but also because independent security researcher Taylor Hornby used Claude Opus 4.8 during his research. As more powerful AI models enter the fields of code auditing, vulnerability discovery, and security testing, the speed at which vulnerabilities are found may continue to increase.
The Zcash vulnerability has existed for years.
According to Shielded Labs' disclosure, this issue has existed since Orchard was activated in May 2022 and was only patched with an emergency fix on June 1, 2026. If exploited, the vulnerability would allow attackers to forge an unlimited number of ZEC, and it is currently unknown whether such forged assets have appeared on-chain.
This uncertainty quickly spread to the market. The report noted that ZEC's price declined significantly in the latter part of the week, reflecting investor concerns about the difficulty of auditing privacy chains and exposure to historical risks.
AI is shifting from writing code to finding vulnerabilities.
Early AI models were primarily used as programming assistants to complete code, explain logic, and debug errors. As model capabilities improved, researchers began applying them to code reviews, software audits, and vulnerability research. Industry experts believe that AI is now significantly more efficient than most manual processes at reading complex code, identifying anomalous paths, and combining potential attack surfaces.
Danny Jenkins, co-founder and CEO of ThreatLocker, said that current AI systems are already accelerating vulnerability discovery, and even stronger new models could further amplify this trend. He believes that AI is also lowering the barrier to vulnerability research, enabling more people to analyze code, identify weaknesses, and craft exploits.
Tech companies have applied AI to security research.
This trend is not limited to the crypto industry. This week, Anthropic expanded access to Project Glasswing, making Claude Mythos available to 150 companies and institutions to identify and fix software vulnerabilities ahead of the model’s broader release.
Previously, Mozilla disclosed that Anthropic’s models helped Firefox fix hundreds of vulnerabilities. Microsoft also launched a proxy-based vulnerability discovery system called MDASH in May, stating that it helped identify previously unknown Windows vulnerabilities. Researchers have also used Mythos Preview to assist in generating publicly available exploit samples targeting Apple’s M5 chip.
Cryptographic protocols are facing increased direct pressure.
For crypto and DeFi projects, risks are more direct. The associated code is typically open source, and real funds are stored on-chain, making these projects long-standing targets for attackers and security researchers. As AI improves code analysis efficiency, the difficulty of rapidly scanning open-source protocols, identifying vulnerabilities, and constructing attack paths is decreasing.
According to the report, DeFi projects have suffered over $840 million in thefts in the first five months of 2026, with more than $600 million lost in April alone, involving projects such as KelpDAO and Drift Protocol. Meanwhile, so-called "vibe hacking" is drawing attention, wherein attackers use AI-powered coding agents to automate tasks such as reconnaissance, credential theft, and malware development.
However, security professionals also note that AI does not only assist attackers. Raz Niv, Chief Technology Officer at Blockaid, stated that the more realistic shift is not AI replacing hackers, but rather amplifying their capabilities—allowing attackers to focus their efforts on more complex tasks while delegating repetitive tasks to models. For defenders, AI-assisted monitoring and simulation are becoming essential tools for security teams to keep pace with the speed of attacks.