Breaking
Trump's War Promise Evaporates as He Claims No Guarantee Was Ever Made Trump's High-Wire Act: One Day Away From Middle East Blowup Meta Reveals NSO Spyware Ring Striking WhatsApp Again Trump Team Targets Legal Immigrants for Citizenship Revocation AI Can Now Build Working Exploits From Public Patches in Minutes Trump's War Promise Evaporates as He Claims No Guarantee Was Ever Made Trump's High-Wire Act: One Day Away From Middle East Blowup Meta Reveals NSO Spyware Ring Striking WhatsApp Again Trump Team Targets Legal Immigrants for Citizenship Revocation AI Can Now Build Working Exploits From Public Patches in Minutes
General News

AI Can Now Build Working Exploits From Public Patches in Minutes

James Rodriguez 0 comments 6 min read
AI Can Now Build Working Exploits From Public Patches in Minutes

Anthropic's latest research reveals a startling acceleration in how quickly artificial intelligence can weaponize known software vulnerabilities. The company's Mythos model transformed newly disclosed security flaws into functional exploits in a fraction of the time it would take human attackers, raising fresh alarm about a shrinking window for defenders to patch their systems.

In testing against real-world vulnerabilities, Mythos generated a working proof-of-concept exploit for a Windows kernel flaw in just 31 minutes. The model succeeded in crafting exploits for 18 out of 21 kernel bugs tested, inducing the infamous blue screen of death in each case. On Firefox, the results were similarly troubling: Mythos built eight distinct code-execution exploits from 18 public security patches.

The speed matters enormously. Today's cyber landscape is dominated by attackers who target vulnerabilities that organizations have not yet patched, sometimes months after a fix becomes available. Installing updates sounds simple but often requires extensive testing to prevent system crashes and typically demands downtime that businesses resist scheduling. That lag between disclosure and deployment has always been dangerous. It just got more dangerous.

The longest exploit Mythos produced took roughly 5.7 hours to complete. The shortest materialized in under an hour. Anthropic estimates the cost of generating these Windows privilege-escalation exploits at roughly $15,700 in API credits, or about $2,000 per exploit. That price point is low enough to be accessible to a broad range of adversaries.

This capability is not unique to Mythos. Anthropic's research notes that some open-source models are already operating at similar levels, as is OpenAI's GPT-5.5-Cyber. The race to build more capable AI is inadvertently accelerating the timeline for weaponizing known flaws.

The concern has caught attention in Washington. The Trump administration is currently implementing a new AI security executive order designed to assess national security risks from increasingly powerful models. The government's focus on AI capability has long centered on what models might discover independently. This research suggests the real-world threat may be just as acute from what models can do with information the world already knows.

Author James Rodriguez: "If an AI can turn a public patch into a working exploit in 31 minutes, the patch gap just became a patch death trap."

Comments