Saved February 14, 2026
Do you care about this?
The Sansec Forensics Team used AI to audit popular ecommerce extensions on Packagist, uncovering 353 vulnerabilities. These range from critical file upload flaws to SQL injection risks, highlighting significant security gaps in the Magento ecosystem.
If you do, here's more
Sansec's Forensics Team identified 353 zero-day vulnerabilities in popular ecommerce extensions on Packagist using an AI-driven security pipeline. They focused on the top 5,000 Magento 2 extensions, analyzing them for critical security issues like remote code execution, SQL injection, and authentication bypass. The AI agents executed a thorough audit, which initially flagged 447 potential vulnerabilities. After validation, 79% were confirmed as reproducible, indicating a significant security risk for developers and users of these packages.
The audit revealed the types of vulnerabilities primarily affecting these extensions: 265 instances of authentication bypass, 50 SQL injection cases, and 15 instances of remote code execution. These vulnerabilities could lead to serious consequences, such as payment manipulation and unauthorized data access. The research highlighted a trend: while popular packages generally had fewer issues, the correlation between the number of downloads and vulnerability presence was weaker than expected.
Limitations of the audit included its narrow focus on the latest version of each package and its lack of coverage for multi-pass attack methods. Many ecommerce platforms run outdated software, which may harbor additional vulnerabilities that this audit did not examine. The whole audit cost about $10,000, which illustrates how security research is shifting from large teams toward computational resources. As AI tools become more accessible, vendors and potential attackers alike could apply similar methods to secure or exploit applications, raising the stakes for the ecosystem.