Claude finds zero‑days live
A demo showed Anthropic’s Claude discovering blind SQL injection in a 50k‑star GitHub project (Ghost) and surfacing Linux‑kernel issues — a striking example of LLMs being used for live pentesting and vulnerability discovery. The demo raises questions about AI’s role in security research and automated exploit hunting. (x.com)
A recent demonstration of Anthropic’s Claude, a large language model, has showcased its potential to revolutionize cybersecurity by identifying critical vulnerabilities in real time. During the demo, Claude detected a blind SQL injection vulnerability in Ghost, a popular open-source content management system with over 50,000 stars on GitHub. Additionally, the model surfaced previously undisclosed issues in the Linux kernel, highlighting its ability to navigate complex codebases and pinpoint security flaws that could be exploited by malicious actors. (x.com)

This display of AI-driven penetration testing, often referred to as pentesting, marks a significant advancement in how vulnerabilities—commonly known as zero-days when undisclosed—can be discovered. Blind SQL injection, the type of flaw found in Ghost, is a subtle attack vector that allows hackers to extract data from a database by manipulating queries without direct feedback, making it notoriously hard to detect manually. Claude’s ability to identify such issues autonomously suggests that AI could drastically reduce the time and expertise required for vulnerability hunting, a process that typically demands highly skilled professionals and extensive manual analysis. (owasp.org)

The implications of this capability extend beyond individual projects to the broader software ecosystem. Ghost, used by thousands of websites for blogging and publishing, represents just one example of widely adopted open-source software that could harbor hidden flaws. Meanwhile, the Linux kernel, which underpins countless servers, devices, and operating systems globally, is a critical piece of infrastructure where undiscovered vulnerabilities could have catastrophic consequences. Claude’s findings in these contexts underscore the potential for AI to act as a force multiplier in securing foundational technologies. (ghost.org, kernel.org)

Institutional responses to this development are still emerging, but cybersecurity experts and organizations are taking note. Anthropic, the developer behind Claude, has not yet detailed whether these capabilities will be integrated into public tools or reserved for controlled environments, though the demo has sparked discussions about ethical boundaries. There are concerns that such powerful AI-driven exploit discovery could be misused if accessed by malicious actors, prompting calls for strict access controls and oversight. The cybersecurity community is also debating whether AI models like Claude should be required to report discovered vulnerabilities directly to project maintainers or through coordinated disclosure programs. (anthropic.com)

Looking ahead, the role of AI in security research is poised to grow, with potential applications in automated bug bounties, real-time threat detection, and even preemptive patching. However, the Ghost and Linux kernel findings are likely just the beginning, as researchers and companies explore how to balance the benefits of AI-driven pentesting with the risks of misuse. In the near term, Anthropic and other AI developers may face pressure to collaborate with open-source communities and security organizations to ensure vulnerabilities are addressed responsibly. Updates on Claude’s specific findings and whether they have been patched in Ghost or the Linux kernel are expected in the coming weeks. (bugcrowd.com)

The broader question of regulation also looms large. Governments and industry bodies may soon weigh in on how AI tools capable of live exploit discovery should be governed, especially as nation-state actors and cybercriminals could leverage similar technologies for espionage or attacks. For now, Claude’s demo serves as a wake-up call, illustrating both the promise and peril of AI in the rapidly evolving landscape of cybersecurity. (cisa.gov)