
AI Models Advance Rapidly in Vulnerability Research

Originally published on: April 18, 2026
Summary

– Non-public frontier AI models like Claude Mythos and commercial models are both advancing in discovering software vulnerabilities.
– Forescout’s testing shows significant improvement, with all tested models now completing vulnerability research and half autonomously generating working exploits.
– The most capable models, such as Claude Opus 4.6, can find and exploit vulnerabilities with simple prompts, lowering the barrier for inexperienced attackers.
– During testing, researchers used AI frameworks like RAPTOR to discover new zero-day vulnerabilities in widely deployed software like OpenNDS.
– While top commercial models are expensive, open-source alternatives offer a low-cost option, leading to a strategy of using different models based on task and cost.

The landscape of vulnerability research is being reshaped by artificial intelligence, with both proprietary and commercial models demonstrating a rapidly growing ability to find and exploit software flaws. A recent study by Forescout’s Verde Labs highlights this dramatic shift. Just last year, a majority of AI models struggled with basic vulnerability research, and nearly all failed at creating functional exploits. Today, the picture is starkly different. The firm’s 2026 testing of 50 models, spanning commercial, open-source, and underground variants, found that all can now complete vulnerability research tasks, with half capable of autonomously generating working exploits.

This evolution significantly lowers the barrier to entry for cyber threats. The most capable models tested, Claude Opus 4.6 and Kimi K2.5, can now identify and weaponize vulnerabilities using simple prompts, a capability that was once the domain of highly skilled security researchers. This makes sophisticated attack techniques accessible to a much wider, and potentially less experienced, pool of malicious actors. Rik Ferguson, VP of Security Intelligence at Forescout, noted that these widely available models are now exceeding human capability in this specific domain, though he acknowledged they may not yet operate at the unprecedented scale and speed of non-public frontier models like Anthropic’s Claude Mythos.

The practical impact of these tools was demonstrated during Forescout’s own research. Using a combination of single prompts, the open-source RAPTOR agentic framework, and custom extensions, the team discovered four previously unknown zero-day vulnerabilities in the widely deployed OpenNDS software. Notably, one of these flaws was in code that researchers had already manually reviewed and missed, underscoring AI’s potential to uncover what humans overlook. The RAPTOR framework itself is designed as a versatile tool for both offensive and defensive cybersecurity research.

While top-tier commercial models like Claude Opus 4.6 deliver the best performance, their high cost, up to $25 per million output tokens, remains a factor. This has given rise to a pragmatic, tiered approach to using AI for vulnerability discovery. Open-source alternatives like DeepSeek 3.2 can handle fundamental tasks for a fraction of the price, with test runs costing less than seventy cents. For organizations and threat actors alike, the strategy is becoming clear: use different models based on the complexity of the task and the associated cost.

The implications for cybersecurity are profound. If research teams using publicly available models can uncover new zero-days, and larger initiatives like Project Glasswing can surface thousands of flaws in critical systems, then organizations must operate under a new assumption. They should presume that their environments contain unknown vulnerabilities that AI-powered tools will eventually find. The question is no longer if these flaws will be discovered, but by whom, and for what purpose. This reality demands a proactive and adaptive security posture focused on resilience and rapid response, as the tools for both attack and defense become more powerful and democratized.

(Source: Infosecurity Magazine)
