LLM's and vulnerabilities
So the latest LLMs are better at exploiting one-day vulnerabilities according to a study. Much better at exploiting than finding. 87% success rate if the CVE has a description. That drops to 7% if there is no description.
GPT-4 nutzte 87 Prozent bereitgestellter One-Day-Vulnerabilities aus
Eine neue Studie zeigt auf, dass große Sprachmodelle (LLMs) wie GPT-4 One-Day-Vulnerabilities autonom ausnutzen können.
Antonia Frank
Excellent, just brill…
There’s going to be a better and quicker ROI for the nefarious folk before anyone else at this rate.
Just throw the link into a translator if you don’t have German. The study is in English
LLM Agents can Autonomously Exploit One-day Vulnerabilities