Fracturing Software Security With Frontier AI Models
Unit 42 argues that frontier AI models have crossed from being coding helpers into systems that can autonomously reason about vulnerability discovery, exploit chaining, and control bypass, which could compress the gap between disclosure and exploitation for both zero-days and n-days. The most concrete technical observation is that these models performed much better against open-source source code than against compiled binaries, implying near-term risk is concentrated in OSS ecosystems where attackers can iteratively analyze public code and target understaffed maintainers. The article also sketches an end-to-end attack flow in which an MCP-based command-and-control server coordinates reconnaissance, spear-phishing, internal network mapping, credential testing, vulnerability analysis, custom exploit generation, lateral movement, and data exfiltration. While it is primarily a forward-looking threat assessment rather than a vulnerability disclosure, it is relevant for defenders because it connects AI capability gains to practical supply-chain compromise, autonomous post-exploitation, and faster exploitation of exposed services and dependencies.