AI researchers at UC Berkeley tested how well the latest AI models and agents could find vulnerabilities in 188 large open source codebases. Using a new benchmark called CyberGym, the AI models identified 17 new bugs including 15 previously unknown, or 'zero-day,' ones. 'Many of these vulnerabilities are critical,' says Dawn Song, a professor at UC Berkeley who led the work. Many experts expect AI models to become formidable cybersecurity weapons. An AI tool from startup Xbow currently has crept up the ranks of HackerOne's leaderboard for bug hunting and currently sits in top place. The company recently announced $75 million in new funding. Song says that the coding skills of the latest AI models combined with improving reasoning abilities are starting to change the cybersecurity landscape. 'This is a pivotal moment,' she says. 'It actually exceeded our general expectations.' As the models continue to improve they will automate the process of both discovering and exploiting security...
learn more
