{"id":793,"date":"2026-01-23T13:01:41","date_gmt":"2026-01-23T13:01:41","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/"},"modified":"2026-01-23T13:01:41","modified_gmt":"2026-01-23T13:01:41","slug":"ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/","title":{"rendered":"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities"},"content":{"rendered":"<div>\n<p>Really interesting <a href=\"https:\/\/red.anthropic.com\/2026\/cyber-toolkits-update\/\">blog post<\/a> from Anthropic:<\/p>\n<blockquote>\n<p>In a recent evaluation of AI models\u2019 cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly coming down, and highlights the importance of security fundamentals like promptly patching known vulnerabilities.<\/p>\n<p>[\u2026]<\/p>\n<p>A notable development during the testing of Claude Sonnet 4.5 is that the model can now succeed on a minority of the networks without the custom cyber toolkit needed by previous generations. In particular, Sonnet 4.5 can now exfiltrate all of the (simulated) personal information in a high-fidelity simulation of the Equifax data breach\u2014\u00adone of the costliest cyber attacks in history\u2014\u00adusing only a Bash shell on a widely-available Kali Linux host (standard, open-source tools for penetration testing; not a custom toolkit). Sonnet 4.5 accomplishes this by instantly recognizing a publicized CVE and writing code to exploit it without needing to look it up or iterate on it. Recalling that the original Equifax breach happened by exploiting a publicized CVE that had not yet been patched, the prospect of highly competent and fast AI agents leveraging this approach underscores the pressing need for security best practices like prompt updates and patches. <\/p>\n<\/blockquote>\n<p>Read the whole thing. Automatic exploitation will be a major change in cybersecurity. And things are happening fast. There have been significant developments since I wrote <a href=\"https:\/\/www.csoonline.com\/article\/4069075\/autonomous-ai-hacking-and-the-future-of-cybersecurity.html\">this<\/a> in October.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Really interesting blog post from Anthropic: In a recent evaluation of AI models\u2019 cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[4,90,493,53,242],"tags":[91],"class_list":["post-793","post","type-post","status-publish","format-standard","hentry","category-ai","category-cybersecurity","category-penetration-testing","category-uncategorized","category-vulnerabilities","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"Really interesting blog post from Anthropic: In a recent evaluation of AI models\u2019 cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-23T13:01:41+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities\",\"datePublished\":\"2026-01-23T13:01:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/\"},\"wordCount\":262,\"keywords\":[\"Cybersecurity\"],\"articleSection\":{\"0\":\"AI\",\"1\":\"Cybersecurity\",\"2\":\"penetration testing\",\"4\":\"Vulnerabilities\"},\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/\",\"name\":\"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"datePublished\":\"2026-01-23T13:01:41+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/","og_locale":"en_US","og_type":"article","og_title":"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities - Imperative Business Ventures Limited","og_description":"Really interesting blog post from Anthropic: In a recent evaluation of AI models\u2019 cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively [&hellip;]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-01-23T13:01:41+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities","datePublished":"2026-01-23T13:01:41+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/"},"wordCount":262,"keywords":["Cybersecurity"],"articleSection":{"0":"AI","1":"Cybersecurity","2":"penetration testing","4":"Vulnerabilities"},"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/","name":"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"datePublished":"2026-01-23T13:01:41+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/01\/23\/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/793","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=793"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/793\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=793"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=793"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=793"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}