[jononor]

Fuzzing is a tool that can be used to find vulnerabilities. This can happen by good-intended actors (which is what there is the most data about, as referenced in the post). But it can (and certainly is) also used bad actors. And there is always a bunch of code out there that goes unpatched for extended amounts of time. So even with code that is actively fuzzed and fixed, there are usually vulnerability windows for deployed software. And with memory unsafe languages, we tend to continue to produce such vulnerabilities.