Home / Technology / AI Discovers 27-Year-Old OpenBSD Bug in Hours
AI Discovers 27-Year-Old OpenBSD Bug in Hours
9 Apr
Summary
- AI found a 27-year-old OpenBSD bug that two packets could crash.
- New AI model achieved a 90x improvement in exploit writing capability.
- Thousands of zero-day vulnerabilities were identified across major OS and browsers.
A significant advancement in AI has surfaced, with a new model autonomously identifying a 27-year-old vulnerability within OpenBSD's TCP stack. This critical flaw, which could lead to server crashes with minimal input, was discovered in hours, underscoring a dramatic leap in AI's security auditing capabilities. The AI has demonstrated an astonishing 90x improvement in exploit writing, significantly outperforming previous benchmarks.
This breakthrough AI has also surfaced thousands of previously unknown vulnerabilities across major operating systems and browsers, many of which are decades old. Anthropic has initiated Project Glasswing, a defensive coalition with industry giants to assess these findings, with a public report expected by early July 2026. This influx of discovered vulnerabilities is poised to trigger a massive patching cycle, emphasizing the urgent need for organizations to bolster their security response pipelines before impending deadlines.
Experts note the accelerated pace of cyber threats, with adversaries leveraging AI for rapid attacks and patch reversal. This necessitates faster defense mechanisms, as traditional response times are no longer sufficient. The situation presents a dual challenge: addressing the immediate wave of AI-discovered vulnerabilities and preparing for upcoming regulatory compliance deadlines.
