How AI is getting better at finding security holes - BERITAJA
AI lab Anthropic announced this week that it had developed a powerful new model the company believes could "reshape cybersecurity." It said that its latest model, Mythos Preview, was able to find "high-severity vulnerabilities, including some in every major operating system and web browser." Patrick Sison/AP
In the past few months, AI models have gone from producing hallucinations to becoming effective at finding security flaws in software, according to developers who maintain widely used cyber infrastructure. Those pieces of software, among other things, power operating systems and transfer data for things connected to the internet.
While these new capabilities could help developers make software more secure, they could also be weaponized by hackers and nation states to steal information and money or disrupt critical services.
The latest development of AI's cyber capacity came on Tuesday, when AI lab Anthropic announced it had developed a powerful new model the company believes could "reshape cybersecurity." It said that its latest model, Mythos Preview, was able to find "high-severity vulnerabilities, including some in every major operating system and web browser." Not only that, the model was better at coming up with ways to exploit the vulnerabilities it found, which means malicious actors could more effectively achieve their goals.
For now, the company is limiting the access to the model to about 50 select companies and organizations "in an effort to secure the world's most critical software." They're calling the collaboration Project Glasswing, naming it after a butterfly species with transparent wings.
Anthropic says the risk for misuse is so high that it has no plans to release this particular model to the general public, according to the announcement, but it will release other related models. "Our eventual goal is to enable our users to safely deploy Mythos-class models at scale," the company wrote.
Still, security experts say the potential risks are for cybersecurity professionals and not everyday people. "I don't necessarily think that the average computer user needs to be fundamentally worried about this," said Daniel Blackford, VP of Threat Research at Proofpoint, a cybersecurity firm. "They need to be way more worried about not giving their password away because that just happens like all day, every day."
Mythos Preview may also have better capabilities to help developers fix vulnerabilities than previous models, said Jim Zemlin, CEO of the Linux Foundation, which hosts the open source Linux kernel. A kernel is an interface that lets hardware talk to software, and the Linux kernel powers some of the most widely used operating systems including Android, as well as all of the world's 500 most powerful supercomputers. The foundation is a part of Project Glasswing, and Zemlin said a core group of people who work on the Linux kernel, known as maintainers, have started experimenting with the new model to figure out the most effective way to use it.
"These maintainers are already overworked before AI," Zemlin said. "This just makes their lives a lot better."
Even before Mythos Preview's limited release, the cybersecurity community has already been grappling with how capable the most advanced commercially available AI models have become. Developers are racing to patch security vulnerabilities that hackers flag with AI. Security experts are worried about what might lie ahead if such capacities proliferate without guardrails.
Hackers are using AI to help them find bugs. It wasn't working, until now
Improvement in AI models' capabilities became noticeable in early 2026, said Daniel Stenberg. He is the lead software developer behind cURL, a 30-year-old open-source data transfer tool that's widely used for things that connect to the internet, including cars and medical devices. That change followed the releases of new cutting-edge models in late 2025.
Like many in the software community, Stenberg gets help from security researchers to keep his software functional and secure. So-called "white hat" hackers flag security flaws to developers in private and in return, they sometimes get reward money, known as "bug bounties," or bragging rights by getting the security flaw named after themselves. While all bugs affect the functionality of the software, only some bugs present security vulnerabilities.
But that process started to break down last year. Stenberg's team was inundated by bogus reports he was convinced were generated by AI. "We got 185 reports throughout the year and less than 5% of them were actually security related problems in the end," Stenberg said.
Even as the report volume doubled from 2024 to 2025, Stenberg ended up finding and fixing fewer security vulnerabilities. The slop reports got so bad that Stenberg stopped paying out bug bounty rewards for his cURL tool.
The hackers that file reports to him are usually anonymous, said Stenberg, and they don't disclose whether the reports were made with AI. But Stenberg said AI has a distinct writing style. "They tend to be very detailed and descriptive … You get a 400 line report [when] it's something that a human would take 50 lines to present."
HackerOne, a platform that Stenberg uses to manage security reporting, surveyed hackers in the summer of 2025 and found that about 60% of respondents were either using AI, learning it, or learning to audit AI or machine learning systems.
"LLMs have now bypassed human capacity for bug finding"
Things have changed dramatically this year. The volume of reports has been even higher than in 2025, but so far, Stenberg said, most of them have uncovered legitimate issues. "Almost all the bad [reports] are now gone."
He estimates that about 1 in 10 of the reports are security vulnerabilities; the rest are mostly real bugs. Just 3 months into 2026, the cURL team Stenberg leads has found and fixed more vulnerabilities than each of the previous 2 years.
Aside from reports by external security researchers, Stenberg also uses AI to find vulnerabilities himself. With 1 click, AI has flagged over 100 bugs in his code that has gone through rounds of review by humans and traditional code analyzers "in almost magical ways."
Stenberg's experience is not unique. Maintainers of the Linux kernel have seen a similar change in the quality of bug reports. Nicholas Carlini, an Anthropic research scientist, was able to find vulnerabilities in the Linux kernel using an older Anthropic model and a relatively simple prompt. Carlini also used AI to find the first critical vulnerability in another 20-year-old open source project.
"LLMs have now bypassed human capacity for bug finding," said Alex Stamos, chief security officer at Corridor, an AI software security company. The increase in quality of the security research reports followed the release of Anthropic's model Opus 4.5 in November, said Stamos, who was previously the head of security at Yahoo and Facebook. Since so much commercial software has open-source components, what happens to open-source projects has wider implications for the internet, Stamos said.
Can AI patch the bugs and security vulnerabilities it finds?
Stenberg appreciates that AI models currently available to everyone have become more helpful in finding bugs, but he's also wary of what future, more powerful models might bring for developers who maintain open-source software. "It's an overload of all the maintainers who are already often overloaded and understaffed and underpaid and underfunded in many ways."
Stenberg isn't part of Project Glasswing and says that a lot of critical projects, "things that are really cornerstones of the Internet," have been left out.
Anthropic did not respond to BERITAJA's request for comment.
But based on his experience so far, Stenberg says AI is not as good at fixing bugs and security flaws as it is at finding them.
Part of the reason is that neither the bugs nor their fixes are cut-and-dry. Like many other aspects of software development, making the judgement calls takes more time than actually writing the code. "Once we have identified the problem and agree that this is a problem, then actually fixing it is not very difficult and not very time consuming. It's more the whole process up to that point that takes time and energy," Stenberg said.
Others think differently. A company called HackerOne is now developing an agentic AI product to more autonomously find, and mend, vulnerabilities.
How does AI factor into the tug of war between offense and defense in cybersecurity?
"Finding bugs is not making the bugs exploitable," Stamos said. "The first part of what we call the kill chain is discovering the flaws. The next step is… [actually] building the weapon. And the foundation models will not do that for you."
Foundation models are models made by the most advanced AI labs like Anthropic, OpenAI and Google Deepmind. Those labs have put guardrails in place to prevent their models from creating software that could be used maliciously. These models are highly proprietary and their inner workings aren't public.
But all bets are off when so-called open-weight models that are more accessible to the public catch up to those from the most advanced AI labs. Bad actors could make a copy of them and remove the guardrails against malware.
"Then we're in real trouble because you would be able to ask those models to not just find the bugs, but then to create exploit code" that could hack into systems, Stamos said. The most advanced open-weight models are less than a year behind the most advanced closed-weight models.
"It also shows how incredibly stupid it is for the Pentagon to say that Anthropic is a risk to the entire United States," Stamos added. The Pentagon has labelled Anthropic a "supply chain risk" because the company asked the government to not use its technology for autonomous weapons and mass surveillance. The designation would bar government agencies and contractors from working with Anthropic. Anthropic is currently disputing the label in court.
Most of the open-weight models are made by companies based in China, which the U.S. considers its main rival in the race toward AI dominance. By not releasing Mythos Preview publicly, Stamos said, Anthropic is giving software developers as well as the U.S. time to line up their defenses.