Researchers Newton Cheng, Keane Lucas, Winnie Xiao, Nicholas Carlini, and Milad Nasr have assessed the exploit development capabilities of their model, Mythos Preview, through new benchmarks: ExploitBench and ExploitGym. These benchmarks enable a detailed evaluation of LLMs in creating end-to-end exploits rather than merely proof-of-concept demonstrations. Mythos Preview has shown superior performance across all three benchmarks, suggesting that the expertise needed to develop exploits may significantly diminish as these advanced capabilities become more accessible. ExploitBench focuses on the full exploit development process, decomposing it into 16 capabilities for granular analysis, which could reshape the understanding of vulnerabilities in software.
LLMNLPExploit Development+1
LLMNLPExploit DevelopmentBenchmark
New Academic Benchmarks Highlight LLMs' Exploit Development Capabilities
Hacker News· allen leee· Monday, May 25, 2026
More Articles From This Day
LLMGenerative AI+2
LLMGenerative AINLPOpenAI
Concerns Raised Over Remote System Prompt Injection in Anthropic's Claude Code v2.1.150
A user has reported alarming findings regarding the latest upgrade of Claude Code to version 2.1.150, which now allows Anthropic to perform remote system prompt injections via network calls. The user identified two data sources involved in this process: an API call to the startup endpoint and a feature flag that refreshes every 60 seconds. The changelog misleadingly states 'Internal infrastructure improvements (no user-facing changes)', while the user confirmed that previous versions had non-functional injection points. They noted that blocking specific traffic settings can mitigate this issue.