Claude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music Festival

As a security researcher who specializes in finding web vulnerabilities, he decided to poke around Front Gate’s web domain for bugs. He quickly found what looked like a SQL injection vulnerability—a common flaw that allows a hacker to input commands into a text field on a website, causing them to run on the site’s backend … Read more

OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos

As fears about AI hacking capabilities grow, OpenAI on Monday made a slew of cybersecurity-focused announcementsincluding an improved version of its limited-access security-specialized model GPT-5.5-Cyber, expanded international work with governments and other institutions to give them “trusted access” to the company’s latest cybersecurity-focused models, and releasing its Codex Security scanner as an app plug-in. As … Read more

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

I recently witnessed how scary-good artificial intelligence is getting at the human side of computer hacking, when the following message popped up on my laptop screen: Hi Will, I’ve been following your AI Lab newsletter and really appreciate your insights on open-source AI and agent-based learning—especially your recent piece on emergent behaviors in multi-agent systems. … Read more

AI Tools Are Helping Mediocre North Korean Hackers Steal Millions

The advent of AI hacking tools has raised fears of a near future in which anyone can use automated tools to dig up exploitable vulnerabilities in any piece of software, like a kind of digital intrusion superpower. Here in the present, however, AI seems to be playing a more mundane, if still concerning, role in … Read more

Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything

Following leaked revelations at the end of March that Anthropic had developed a powerful new Claude model, the company formally declared Mythos Preview on Tuesday along with news of an industry consortium it has convened, known as Project Glasswing, to grapple with the cybersecurity implications of the new model and advancing capabilities more generally across … Read more