Hexstrike-AI: LLM Orchestration Driving Real-World Zero-Day Exploits - Check Point Blog

Hexstrike-AI is an AI-powered orchestration framework designed to automate and accelerate zero-day exploitation, leveraging large language models to significantly reduce the time and skill required for complex attacks. Threat actors are actively discussing using Hexstrike-AI to target recently disclosed unauthenticated remote code execution and other critical vulnerabilities (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) in Citrix NetScaler ADC and Gateway appliances, with observed webshell deployments.