claude's getting better at evil (20260125)

AI Models on Realistic Cyber Ranges - red.anthropic.com

Sonnet 4.5 accomplishes this by instantly recognizing a publicized CVE and writing code to exploit it without needing to look it up or iterate on it. Recalling that the original Equifax breach happened by exploiting a publicized CVE that had not yet been patched, the prospect of highly competent and fast AI agents leveraging this approach underscores the pressing need for security best practices like prompt updates and patches.

this isn’t necessarily sky-is-falling territory, but the speed of adaptation and progress here is impressive. one has to assume that sophisticated adversaries are bolting solid toolkits onto frontier and/or specialized models.