No Mythos, no problem: commodity AI can squash bugs too
Briefly

Claude “Mythos” and GPT-5.5-Cyber are described as too dangerous for broad release, with access limited to privileged parties. Hadrian, an offensive security company, shows that commodity LLMs can still boost vulnerability discovery. OpenHack, released under the MIT license, provides agents that perform this kind of vulnerability-finding work. Hadrian’s LLM-assisted research reports hundreds of issues found within hours, attributed to a scenario-based workflow rather than exceptional model power. The approach avoids open-ended single-agent work by charting the attack surface, pairing code sections with AI “experts,” and requiring review and further analysis, including triage by a separate agent. OpenHack can run in existing model harnesses and is model-agnostic.
"Claude “Mythos” and GPT-5.5-Cyber can find vulnerabilities that may have lain undiscovered for years or decades. Only privileged parties can get access for now. Hadrian, an offensive security company based in Amsterdam, is showing that commodity LLMs can boost vulnerability discovery as well. OpenHack, now available under the MIT license, provides a set of agents to do just that."
"Hadrian has gone on to explain that it found hundreds of issues within mere hours, and it wasn't down to some enormously powerful LLM. Instead, the company focused on what it describes as a scenario-based workflow. Rather than simply asking an AI model if it can spot any vulnerabilities in a particular codebase as if one is checking for general writing advice for an article, Hadrian has constructed a scaffolding for finding and reviewing specific, actionable bugs."
"The company seeks to avoid the pitfall of letting a single agent handle open-ended work, while at the same time giving it freedom to explore possible threats. After charting the attack surface and pairing specific sections with an AI-based “expert”, any discovery is met with both review and further analysis, including one done by a separate triage agent."
"OpenHack works in existing model harnesses like Claude Code, Codex or Cursor. Hadrian has already shown what its methodology can do, leaving the tool to improve security postures for whoever wishes to use it. It is also completely model-agno"
Read at Techzine Global