
GPT-5.2 achieved a 100% success rate across six distinct exploitation scenarios targeting a zero-day vulnerability in the QuickJS JavaScript interpreter, while Opus 4.5 succeeded in all but two scenarios.
Experiment Overview and Results
The experiment tasked AI agents with developing exploits for a previously undiscovered QuickJS vulnerability under realistic constraints, including address space layout randomization (ASLR), non-executable memory, fine-grained control flow integrity, and hardware-enforced shadow stacks.
Across 10 runs per model with a 30-million-token budget, the agents generated over 40 distinct working exploits with varying objectives: shell spawning, arbitrary file writes, and command-and-control callbacks.
GPT-5.2 demonstrated particular sophistication when tackling the most restrictive challenge, writing a file to disk under maximum protections, including seccomp sandboxing and stripped operating system functionality.
The model developed a novel seven-function exploit chain through glibc’s exit handler mechanism, bypassing hardware shadow-stack protections and defeating ROP-based approaches.
This solution required 50 million tokens and approximately three hours of computation, costing roughly $50 per agent run. Most challenges were resolved within one hour at relatively modest expense.
A 30-million-token run for Opus 4.5 cost approximately $30 USD, demonstrating that reliable exploit generation remains economically feasible at scale.
The research identifies its most significant implication: offensive cyber capabilities may soon be limited by token throughput rather than by skilled personnel.
Actual industrialization requires two critical components: agents capable of systematic solution-space search within appropriate environments, and automated verification mechanisms without human intervention.
Both conditions appear satisfied for exploit development, where controlled environments and deterministic verification are achievable. However, essential caveats warrant attention.
QuickJS is an order of magnitude smaller and less complex than the production JavaScript interpreters in Chrome or Firefox. While the results strongly suggest that current models can solve these problems, definitive conclusions about larger targets remain speculative.
Additionally, the exploits generated leverage known gaps in existing protections rather than introducing novel defeats of security mechanisms, though the overall exploit chains themselves demonstrate originality.
The researchers hypothesize that post-access hacking tasks, such as lateral movement, persistence, and data exfiltration, present different challenges.
These operations cannot rely entirely on offline solution-space search; agents must operate within adversarial environments where specific actions terminate the entire operation.
The absence of fully automated Site Reliability Engineering platforms may indicate that these adaptive tasks remain beyond current capabilities. However, the evidence remains limited and partially speculative.
Public confirmation of industrialized hacking remains absent, though documented cases exist of threat actors leveraging frontier AI models for attack orchestration.
The research recommends that AI evaluation teams prioritize real-world zero-day assessments against targets such as the Linux kernel and Firefox, moving beyond CTF-based and synthetic vulnerability evaluations to provide meaningful capability assessments.
According to Sean Heelan, the study argues that cybersecurity researchers should aggressively test current models against their most challenging exploitation problems, allocating the maximum number of tokens and publishing results regardless of success or failure.
Understanding actual model capabilities against real targets is a critical gap in current security evaluations, with implications that extend across vulnerability research, threat assessment, and defense prioritization.
For defense communities, the timeline for industrialized exploit automation may be considerably shorter than previously assumed, warranting immediate strategic consideration.
The post New Study Claims GPT-5.2 Can Reliably Develop Zero-Day Exploits at Scale appeared first on Cyber Security News.
