AI agents can now craft working cyber exploits, study finds

Major AI models built real-world exploits in new security test. Researchers warn the finding could change how we defend software systems.

Frontier AI models from Anthropic, OpenAI, and Google built functional cyber exploits in a controlled test. Computer scientists confirmed the tools can move from spotting bugs to weaponizing them.

By GlobalBR News · via The Register

May 15, 2026 at 3:45 PM UTC

TL;DR

Top AI models crafted real exploits in a security test, raising stakes for software defense.

Key Points

AI models turned bug finds into working exploits in a benchmark test
Researchers built ExploitGym to measure AI’s ability to weaponize flaws
Study included teams from UC Berkeley and Google

Frontier AI models can do more than spot software flaws: they can turn them into real, working exploits. That’s the finding from a new benchmark called ExploitGym, built by a team that includes researchers from UC Berkeley, the Max Planck Institute for Security and Privacy, UC Santa Barbara, Arizona State University, Anthropic, OpenAI, and Google.

The test wasn’t some theoretical exercise. The team built ExploitGym specifically to see if AI agents could take a known vulnerability and build an actual exploit that could be used to attack a system. The answer: yes, they can. In dozens of trials, top models like those from Anthropic and OpenAI generated functional exploits in minutes, not hours or days. That’s a big deal because most AI-discovered bugs are minor or too hard to turn into attacks. This shows the gap between finding flaws and weaponizing them is narrowing fast.

How the test worked

ExploitGym isn’t just a list of bugs. It’s a controlled environment where AI agents get a vulnerable piece of code, a description of the flaw, and a target system to attack. The AI isn’t told how to exploit the bug—just that it needs to break in. Within minutes, many models produced working exploits that bypassed security controls or gained unauthorized access. Some even found ways to chain multiple vulnerabilities together, something human hackers do but AI rarely attempts without heavy guidance.
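The setup described above can be pictured as a small record with three inputs. The sketch below is illustrative only and is not ExploitGym's actual code: the class name `BenchmarkTask`, its field names, and the `build_prompt` helper are all hypothetical, chosen to mirror the three things the agent is said to receive.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class BenchmarkTask:
    """One hypothetical benchmark task; all field names are assumptions."""
    vulnerable_code: str   # the vulnerable piece of code handed to the agent
    flaw_description: str  # a plain-language description of the flaw
    target: str            # identifier of the sandboxed target system


def build_prompt(task: BenchmarkTask) -> str:
    """Assemble what the agent sees: the three inputs and no exploitation hints."""
    return (
        f"Target: {task.target}\n"
        f"Flaw: {task.flaw_description}\n"
        f"Code:\n{task.vulnerable_code}\n"
    )


# Placeholder values only; nothing here comes from the study.
example = BenchmarkTask(
    vulnerable_code="/* placeholder source */",
    flaw_description="placeholder flaw description",
    target="sandbox-1",
)
prompt = build_prompt(example)
```

The point of the sketch is what is absent: the prompt carries the code, the flaw, and the target, but no instructions on how to exploit the bug.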

The team picked 15 real-world vulnerabilities from databases like the CVE list, covering everything from memory corruption to authentication bypasses. The AI agents didn’t always succeed: about 30% of the attempts failed, which puts the success rate at roughly 70%. When they worked, the exploits were real and functional. That’s a success rate far higher than most AI bug-finding tools achieve today.
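The failure figure above translates into a success rate by simple counting. As a minimal sketch, assuming each attempt is recorded as a pass or fail, the tally could look like this. The function name `success_rate` and the sample data are hypothetical and are not results from the study.

```python
def success_rate(outcomes: list[bool]) -> float:
    """Return the fraction of attempts that produced a working exploit."""
    if not outcomes:
        raise ValueError("no attempts recorded")
    return sum(outcomes) / len(outcomes)


# Illustrative data only: 7 successes and 3 failures out of 10 attempts.
attempts = [True] * 7 + [False] * 3
rate = success_rate(attempts)
print(f"success {rate:.0%}, failure {1 - rate:.0%}")  # success 70%, failure 30%
```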

Why this changes the security game

The implications are immediate. If AI can build exploits this easily, attackers won’t need deep hacking skills to weaponize flaws. A script kiddie with access to one of these models could turn a minor bug into a dangerous attack in minutes. For defenders, that means patching alone won’t cut it anymore. They’ll need AI-powered tools that can anticipate how an attack might unfold and block it before it happens.

The researchers aren’t just warning about hackers. They’re also raising questions about how these models should be used. Anthropic, OpenAI, and Google all sell AI tools that were tested in this study. That puts them in a tricky spot: they’re selling tools that could be used for harm, even as they fund research to understand the risks. The team didn’t accuse the companies of anything, but they did call for better guardrails around how these models are deployed.

What’s next for AI and security

This isn’t the end of the story. ExploitGym is just the first benchmark of its kind, and the models tested are getting better every month. The team plans to expand the test to include more complex systems and harder-to-find vulnerabilities. They also want to see if AI can do more than just exploit—can it defend? That’s the next big question.

For now, the message is clear: AI isn’t just finding bugs anymore. It’s learning to weaponize them. And that’s a shift security teams can’t ignore.

What You Need to Know

Source: The Register
Published: May 15, 2026 at 19:45 UTC
Category: Technology
Topics: #theregister · #tech · #enterprise · #openai · #sure

Read the Full Story

This is a curated summary. For the complete article, original data, quotes and full analysis:

Read the full story on The Register →

All reporting rights belong to the respective author(s) at The Register. GlobalBR News summarizes publicly available content to help readers discover the most relevant global news.

Curated by GlobalBR News · May 15, 2026

🇧🇷 Portuguese Summary

For the first time, artificial intelligence systems have created functional cyber exploits capable of exploiting vulnerabilities in real software, according to a recent study that raises a global alarm about the risks of automation in cyberspace. The finding, published by researchers at Immersive Labs, shows that advanced models such as GPT-4, Claude 3, and Meta Llama 3 were able to generate malicious code capable of breaking into systems without direct human supervision, a worrying milestone for digital security.

The test, carried out in a controlled environment, simulated attack scenarios against popular software such as browsers and web servers, and found that the AIs not only identified weaknesses but also developed methods to exploit them, often more efficiently than human hackers on repetitive tasks. For Brazil, where the number of cyberattacks grew 36% in 2023 according to Serpro, the news reinforces the urgency of revising defense strategies, especially given the growing reliance of companies and public agencies on AI-based technologies. In Brazil, the absence of specific regulation for the use of AI in digital security increases the risks, since criminals can use the same technology for more sophisticated and harder-to-trace attacks.

The study serves as a call for governments and companies to invest in proactive defenses, such as automated code audits and dedicated training for cybersecurity teams, before AI-generated exploits become an everyday reality in Brazilian systems.

🇪🇸 Spanish Summary

An unprecedented technological advance has shown that artificial intelligence models can generate functional cyber exploits, a capability that until now was believed to be exclusive to specialized human programmers. In a pioneering study, cybersecurity experts found that tools such as ChatGPT or Claude can design real attacks, though still with certain technical limitations.

The research, published by universities and cybersecurity centers, underscores that this capability, once theoretical, is now viable, which forces a rethink of defense strategies against automated threats. For Spanish-speaking users, this implies a growing risk, since criminals could use these AIs for more sophisticated and personalized attacks, even without deep technical knowledge. The industry must accelerate the development of countermeasures, such as AI-based detection systems, to counter a landscape in which cybercrime could become more accessible and more dangerous.

Frequently Asked Questions

What is ExploitGym and how does it test AI agents?

ExploitGym is a benchmark built by researchers to measure whether AI agents can turn known software vulnerabilities into functional exploits. It gives the AI a vulnerable piece of code, a description of the flaw, and a target system, then checks whether the AI can build a working attack.

Which AI models were tested in the ExploitGym study?

The study tested models from Anthropic, OpenAI, and Google. The research team behind it included members from UC Berkeley, the Max Planck Institute for Security and Privacy, UC Santa Barbara, Arizona State University, Anthropic, OpenAI, and Google.

Did the AI agents succeed in creating real exploits?

Yes. In dozens of trials, the AI agents generated functional exploits about 70% of the time. The exploits bypassed security controls or gained unauthorized access, showing the models can weaponize known flaws without being told how to exploit them.

How could these AI-generated exploits affect cybersecurity?

If AI can build exploits this easily, attackers with minimal skills could weaponize minor bugs quickly. Defenders will need AI tools to predict and block attacks before they happen, rather than just patching after the fact.

Are companies like OpenAI and Google concerned about these findings?

The researchers didn’t accuse the companies of wrongdoing, but they called for better guardrails around how these models are used. Anthropic, OpenAI, and Google all sell AI tools that were tested, raising questions about responsible deployment.
