Google’s Threat Intelligence Group said it had for the first time caught hackers using AI to discover and exploit a so-called zero-day vulnerability, or a security flaw the software’s developer does not yet know exists and for which no fix is available.
By the way, I feel we still need more info on the entire AI vulnerability scanning. Mozilla and Anthropic have this cooperation and they tell some big numbers.
On the other hand, for example Daniel Stenberg from CURL isn’t impressed: Mythos finds a CURL vulnerability, The Pressure
But I guess we’ll find out anyway. Usually, the truth is somewhere between the extremes and way more complicated than people’d think. But yeah, guess it is a tool for script kiddies and nebulous North Korean hackers.