China’s 360 Digital Security Group has reported identifying approximately 1,000 previously unknown software vulnerabilities, including flaws in Microsoft’s Office suite, through the use of an artificial intelligence-powered agent. The discovery was detailed in a recent report that highlights the growing role of AI in cybersecurity threat detection and vulnerability research.
The cybersecurity firm, based in Beijing, employed machine learning models to automate the scanning and analysis of widely used software applications. According to their findings, the AI agent was able to detect security flaws that had not been previously documented in public vulnerability databases or disclosed by software vendors.
Among the affected products, Microsoft Office applications were specifically cited as containing multiple vulnerabilities uncovered by the AI system. These flaws, if exploited, could potentially allow attackers to execute arbitrary code, access sensitive data, or compromise system integrity when users interact with malicious documents or files.
The use of AI in vulnerability discovery represents a significant shift in cybersecurity defense strategies. Traditional methods rely heavily on manual code review and signature-based detection, which can be time-consuming and limited in scope. By contrast, AI-driven tools can analyze vast amounts of code and behavior patterns at scale, increasing the likelihood of identifying subtle or complex security weaknesses.
360 Digital Security Group stated that they followed responsible disclosure practices upon identifying the vulnerabilities. The firm reported sharing their findings with the relevant software vendors, including Microsoft, to allow for the development and release of security patches before public disclosure.
Microsoft has not issued a public statement confirming receipt of the vulnerability reports from 360 Digital Security Group as of the latest available information. The company maintains its own internal security response teams and coordinates with external researchers through programs such as the Microsoft Security Response Center (MSRC).
The cybersecurity landscape continues to evolve with the integration of artificial intelligence across both offensive and defensive operations. While AI enhances the ability to detect vulnerabilities, it also raises concerns about the potential misuse of such technology to develop more sophisticated cyber threats.
Industry experts note that the increasing use of AI in security research underscores the need for greater collaboration between technology companies, security firms, and government agencies. Coordinated vulnerability disclosure and timely patch deployment remain critical to protecting users from emerging threats.
As of now, there is no public indication that the vulnerabilities identified by 360 Digital Security Group have been actively exploited in the wild. However, security researchers recommend that users and organizations ensure their software is kept up to date with the latest security patches as a standard precautionary measure.
The report from 360 Digital Security Group adds to a growing body of evidence demonstrating the effectiveness of AI in identifying security issues across complex software ecosystems. It also highlights the increasing capabilities of Chinese cybersecurity firms in contributing to global software security efforts.
Moving forward, the cybersecurity community will likely continue to monitor how AI tools are used in both vulnerability discovery and threat mitigation. The balance between innovation and security remains a central challenge in the digital age.
For ongoing updates on software security advisories and patch releases, users are encouraged to consult official channels such as the Microsoft Security Response Center and national computer emergency response teams (CERTs).
Stay informed about the latest developments in cybersecurity and technology by following trusted sources and enabling automatic updates on your devices.
We welcome your thoughts on this story. Share your perspective in the comments below or join the conversation on social media.