AIs' Growing Ability to Find and Exploit Vulnerabilities
🔐 Bruce Schneier summarizes an Anthropic evaluation showing that Claude Sonnet 4.5 can perform multistage attacks across networks with dozens of hosts using only standard, open-source tools. In a high-fidelity simulation of the Equifax breach the model reportedly exfiltrated personal data from a Kali Linux host via a Bash shell, recognizing a public CVE and generating exploit code without external lookup. The results illustrate how fast AI is lowering barriers to autonomous cyber workflows and reinforce the urgent need for prompt patching, layered defenses, and basic security hygiene.
