Vlad Ionescu i Ariel Herbert-Voss, co-founders of a cybersecurity startup RunSybilwere momentarily confused when their AI tool, Sybil, alerted them to weaknesses in the client’s systems last November.
Sybil uses a mix of different artificial intelligence models – as well as some proprietary technical tricks – to scan computer systems for problems that hackers can exploit, such as an unpatched server or a misconfigured database.
In this case, Sybil flagged problem with the federated customer’s adoption of GraphQL, a language used to define how data is accessed on the Internet via application programming interfaces (APIs). The problem meant that the client had inadvertently revealed confidential information.
What surprised Ionescu and Herbert-Vos was that spotting the problem required an extremely deep understanding of several different systems and how those systems interact. RunSybil says it has since found the same issue in other GraphQL implementations before anyone made the news public. “We searched the Internet and found out it didn’t exist,” says Herbert-Voss. “Discovering this was a step in reasoning in terms of model capabilities – a step change.”
The situation indicates increasing risk. As AI models become smarter, their ability to find zero-day bugs and other vulnerabilities also increases. The same intelligence that can be used to detect vulnerabilities can also be used to exploit them.
Song in the morningA computer scientist at the University of California, Berkeley, who specializes in both artificial intelligence and security, says recent advances in artificial intelligence have created models that are better at detecting flaws. Simulated reasoning, which involves breaking problems down into component parts, and agent-based AI, such as searching the web or installing and running software tools, have enhanced the cyber capabilities of models.
“Over the last few months, the cybersecurity capabilities of border models have increased dramatically,” he says. “This is a turning point.”
Last year, Song co-created a benchmark called CyberGym to determine how well huge language models find vulnerabilities in huge open source software projects. CyberGym contains 1,507 known vulnerabilities found in 188 projects.
In July 2025, Anthropic’s Claude Sonnet 4 found approximately 20 percent of the vulnerabilities in its benchmark. By October 2025, the novel model, Claude Sonnet 4.5, was able to identify 30%. “AI agents can find zero days and do so at very low cost,” says Song.
Song says this trend shows the need for novel countermeasures, including the apply of artificial intelligence to assist cybersecurity experts. “We need to think about how AI will be more helpful on the defense side, and consider different approaches,” he says.
One idea is to make models available to pioneering AI companies to security researchers before they go to market, so they can apply them to find bugs and secure systems before general release.
Another remedy, says Song, is to rethink how software is developed in the first place. Her lab showed that it is possible to apply artificial intelligence to generate code that is more secure than what most programmers currently apply. “We think that in the long run, this safe design approach will really help defenders,” says Song.
The RunSybil team says that AI model coding skills could mean an advantage for hackers in the near future. “Artificial intelligence can generate actions on a computer and generate code, which are two things that hackers do,” says Herbert-Voss. “If these capabilities accelerate, that means offensive security activities will accelerate as well.”
This is the release Will Knight AI Lab Newsletter. Read previous newsletters Here.