Security News > 2024 > June > Using LLMs to Exploit Vulnerabilities

If it's actually a "Zero day" then by the definition it's unknown thus not in the LLM "Weights".

"Researchers have shown that LLM agents can exploit real-world vulnerabilities when given a description of the vulnerability and toy capture-the-flag problems."

"However, these agents still perform poorly on real-world vulnerabilities that are unknown to the agent ahead of time."

1, "Instances of vulnerability"2, "Classes of vulnerability".

"Can an LLM trained up with physical world attacks cross them over to information world attacks?".

Because although it might look like the LLM has invented a new vulnerability attack, in reality it has not, just found commonality and added a little randomisation.

News URL

https://www.schneier.com/blog/archives/2024/06/using-llms-to-exploit-vulnerabilities.html