It’s an exciting, yet challenging, time in the world of cybersecurity. With the advent of more powerful AI models like Anthropic’s Mythos and OpenAI’s Daybreak, we’re seeing a dramatic shift in how vulnerabilities are discovered and reported. This technological leap, while promising, is also creating a bit of a chaotic scene, especially for bug bounty programs – those initiatives that reward people for finding flaws in software.
Imagine a floodgate opening. That’s essentially what’s happening. AI tools, even the older “frontier models” and readily available open-source ones, have turbocharged the volume of bug reports flowing into companies and onto bounty platforms. GitHub, a massive online hub for code, is a prime example. They’ve noticed such a significant surge in AI-assisted submissions over the past year that they’re actually having to redefine what a “complete” bug report even looks like.
While more eyes (or rather, more AI brains) on security is generally a good thing, this influx isn’t without its headaches. Many of these AI-generated reports arrive without solid proof, relying on far-fetched attack scenarios, or highlighting issues that have already been deemed irrelevant. Jarom Brown, a senior product security engineer at GitHub, sums it up perfectly: “This isn’t unique to GitHub.” He points out that bug bounty programs across the entire industry are grappling with this same problem, and some have even thrown in the towel entirely.
GitHub, however, isn’t looking to ban AI from the bug-hunting game. Brown sees AI as a “force multiplier” for security when used correctly. The core issue isn’t AI itself, but rather the quality of the reports it generates and how those are then presented. It’s incredibly easy now to use AI to conjure up theoretical bugs. What companies really need, though, is for researchers to take that crucial extra step: to confirm that the discoveries are genuine and that these potential flaws could actually be exploited in the real world. As Brown emphasizes, “What we need is the same standard we’ve always expected: validation.” An AI-assisted finding that’s been properly verified, reproduced, and submitted with a working proof-of-concept is a winner. But a raw, unvalidated AI output, without any real-world testing or demonstrated impact, is simply not helpful.
Grant Bourzikas, the chief security officer at Cloudflare, echoes these sentiments, noting that verifying bugs and demonstrating their exploitability has always been one of the toughest parts of vulnerability research. He states that AI vulnerability scanners and code have “made it worse.” He points to programming languages like C and C++, which are susceptible to a range of exploits like “buffer overflows” that don’t exist in “memory-safe” languages such as Rust. AI tools scanning software written in these less secure languages are much more prone to generating “false positives” – essentially, crying wolf when there’s no real threat.
A significant weakness of AI tools in this context is their inherent design to deliver what the user asks for, even if it’s not truly there. This often results in bug reports filled with speculation and qualifiers, making them a nightmare to sort through. Bourzikas candidly describes this as “a reasonable bias for an exploratory tool” but “a ruinous one for a triage queue.” Every speculative finding demands human attention and resources to dismiss, and with thousands of such findings, the cost quickly mounts.
Cloudflare recently put Mythos to the test, scanning 50 of their own code repositories for exploits. Bourzikas describes Mythos as a “different kind of tool doing a different kind of work” compared to other advanced AI models. He observed notable progress in Mythos’s ability to reduce false positives, specifically highlighting two capabilities that set it apart: its capacity to chain exploits together and its ability to generate its own proof-of-concept code to confirm exploitability. While older models could often spot similar bugs, they frequently struggled to devise effective exploitation methods or demonstrate real-world impact. This suggests that newer AI models are indeed making strides in practical application, not just theoretical identification.
However, not everyone is entirely convinced that the gap in bug-hunting capabilities between the latest AI models and older ones, or even currently available open-source models, is as vast as some claim. Daniel Stenberg, the lead developer for curl, a globally used open-source file transfer tool, recently shared his experience with Mythos. Like many others, he’s seen a surge in AI-fueled bug reports over the past year. But he notes that the deluge of low-quality reports has significantly decreased since March as these AI models have improved.
Curl, being a mature and well-vetted piece of software (Stenberg estimates each line of code has been rewritten or altered at least four times), provided a unique testing ground for Mythos. This specific model was reportedly so powerful that Anthropic initially opted not to release it publicly. After gaining access, Stenberg received the results of a Mythos scan on 178,000 lines of curl code. The scan flagged five “confirmed” vulnerabilities. However, human researchers later determined that four of these were false positives or had no actual security impact. The sole remaining bug Mythos found was a low-severity flaw, which was already slated for a fix in a regular June update.
Despite acknowledging AI’s general positive impact on cybersecurity, Stenberg concluded that, for all the hype surrounding Mythos, it was only “a bit better” than previously released models. He frankly stated that his personal conclusion was that “the big hype around this model so far was primarily marketing.” He found no concrete evidence that Mythos discovered issues to a “particular higher or more advanced degree than the other tools have done before Mythos.” This grounded perspective serves as a crucial reminder that while AI is undeniably a powerful tool, it’s not a magic bullet, and human expertise remains indispensable in sifting through its output to identify truly impactful vulnerabilities.