Attack of the killer script kiddies

TL;DR

Last August, some of the best cybersecurity teams in the business gathered in Las Vegas to demonstrate the strength of their AI bug-finding systems at DARPA's Artificial Intelligence Cyber Challenge (AIxCC).

Key Points

  • The tools had scanned 54 million lines of actual software code that DARPA had injected with artificial flaws.
  • The teams were capable enough to identify most of the artificial bugs, but their automated tools went beyond that: they found more than a dozen bugs that DARPA hadn't inserted at all.

Nauti's Take

Nauti sees real progress: AI bug-hunters like DARPA's AIxCC setup or Anthropic's Mythos find flaws human auditors miss — defenders finally get to pick up speed. The catch: the same tools land in attackers' hands and drop the bar so low that any script kiddie can weaponise critical bugs.

Promising for well-funded security teams; caution for everyone still running stacks without AI-assisted patching.
