"The AI upstart didn't use the attack it found, which would have been an illegal act that would also undermine the company's we-try-harder image. Anthropic can probably also do without $4.6 million, a sum that would vanish as a rounding error amid the billions it's spending. But it could have done so, as described by the company's security scholars. And that's intended to be a warning to anyone who remains blasé about the security implications of increasingly capable AI models."
"Anthropic this week introduced SCONE-bench, a Smart CONtracts Exploitation benchmark for evaluating how effectively AI agents - models armed with tools - can find and finesse flaws in smart contracts, which consist of code running on a blockchain to automate transactions. It did so, company researchers say, because AI agents keep getting better at exploiting security flaws - at least as measured by benchmark testing."
"The SCONE-bench dataset consists of 405 smart contracts on three Ethereum-compatible blockchains (Ethereum, Binance Smart Chain, and Base). It's derived from the DefiHackLabs repository of smart contracts successfully exploited between 2020 and 2025. Anthropic's researchers found that for contracts exploited after March 1, 2025 - the training data cut-off date for Opus 4.5 - Claude Opus 4.5, Claude Sonnet 4.5, and OpenAI's GPT-5 emitted exploit code worth $4.6 million."
Anthropic introduced SCONE-bench, a Smart CONtracts Exploitation benchmark to evaluate how effectively AI agents can find and exploit flaws in blockchain smart contracts. The SCONE-bench dataset includes 405 smart contracts from Ethereum, Binance Smart Chain, and Base drawn from the DefiHackLabs repository of exploits between 2020 and 2025. Researchers reported that Claude Opus 4.5, Claude Sonnet 4.5, and OpenAI's GPT-5 emitted exploit code worth $4.6 million for contracts exploited after March 1, 2025. Researchers observed simulated exploit revenue roughly doubling every 1.3 months and argue existing cybersecurity tests fail to capture AI-driven financial risks. Researchers also tested Sonnet 4.5 and GPT-5 in simulations against 2,849 recently deployed contracts.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]