The question is whether the current situation is a short burst of action, and once those most critical bugs get fixed the hype around AI vulnerability scanning will die down, or whether the current crop of system/infra software written in vulnerable languages like C are beyond redemption and they will provide an endless source of critical bugs for AI to find until we fix them by rewriting them in Rust/Go/whatever.
An eternal summer of CVEs is upon us
Seems like those “rewrite in Rust” folks had a point after all (the viability of it for any number of projects being another thing entirely).