惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Apple Machine Learning Research
Apple Machine Learning Research
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Security @ Cisco Blogs
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Cisco Talos Blog
Cisco Talos Blog
Cyberwarzone
Cyberwarzone
SecWiki News
SecWiki News
Webroot Blog
Webroot Blog
L
LINUX DO - 最新话题
V
Vulnerabilities – Threatpost
T
Troy Hunt's Blog
Cloudbric
Cloudbric
L
LINUX DO - 热门话题
Google DeepMind News
Google DeepMind News
H
Heimdal Security Blog
S
Schneier on Security
NISL@THU
NISL@THU
The Hacker News
The Hacker News
Attack and Defense Labs
Attack and Defense Labs
A
Arctic Wolf
V2EX - 技术
V2EX - 技术
Security Latest
Security Latest
AWS News Blog
AWS News Blog
Scott Helme
Scott Helme
W
WeLiveSecurity
S
Secure Thoughts
Y
Y Combinator Blog
GbyAI
GbyAI
H
Hackread – Cybersecurity News, Data Breaches, AI and More
博客园 - Franky
量子位
人人都是产品经理
人人都是产品经理
雷峰网
雷峰网
K
Kaspersky official blog
P
Privacy & Cybersecurity Law Blog
T
Tenable Blog
The GitHub Blog
The GitHub Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
J
Java Code Geeks
Vercel News
Vercel News
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Schneier on Security
Schneier on Security
云风的 BLOG
云风的 BLOG
小众软件
小众软件
Engineering at Meta
Engineering at Meta
宝玉的分享
宝玉的分享
C
CERT Recently Published Vulnerability Notes
Security Archives - TechRepublic
Security Archives - TechRepublic
C
CXSECURITY Database RSS Feed - CXSecurity.com
P
Palo Alto Networks Blog

Risky Business Features

Fortibleed: The bleeding edge of AI cybercrime What to do 'til the bugpocalypse gets here Mythos on your desk? Using local LLMs for code reviews Pitching security startups to VCs in the AI era How using open weight models can blow up in your face The state of the art in AI model jailbreaks Why NPM v12 won’t stop supply chain attacks Everything is getting much worse, much faster Solo podcast: A deep dive on TeamPCP How to survive supply chain attacks How the CopyFail disclosure went sideways NCSC’s Ollie Whitehouse on surviving the "bugpocalypse" What a great agentic AI deployment plan looks like Solving the AI agent identity problem A deep dive on AI model distillation attacks Feature Interview: Nicholas Carlini, Anthropic A builder's perspective on Mythos and frontier models Mythos and 0day: Fixing exploits is not safety Mythos and 0day: A hacker’s perspective What happens after North Korea infiltrates? Why CISOs need to be more flexible in the AI era A Risky Biz Experiment: Hunting for iOS 0day with AI Interview: Former NSA and CIA cyber leaders on offensive AI When disaster strykes - Risky Business Media MCP is Dead - Risky Business Media They don't break in, they log in. What's an enterprise to do? A ridiculously deep dive into the Coruna Exploits Being a wartime CISO - Risky Business Media What to do about North Korean remote workers Former Adobe, Cisco and Salesforce CISO talks AI pentesting History Repeats: Security in the AI Agent Era
Mythos smythos! How to find 0day with lesser models
James Wilson · 2026-05-08 · via Risky Business Features

Risky Business Features Podcast

May 08, 2026

Presented by

James Wilson

James Wilson

Technology Editor

In this podcast James Wilson chats with Niels Provos about his research into using older AI models to successfully hunt for 0day vulnerabilities. Niels has had a long and prolific career in cybersecurity, having worked as a Distinguished Engineer at Google and then heading up security at Stripe.

His interest in AI bug hunting was piqued recently when one of the Mythos 0day vulnerabilities that received lots of attention happened to be in code he wrote for the OpenBSD project 27 years ago.

It got him thinking: Are these frontier models really that magical? Or could we replicate their findings with some clever orchestration instead of relying on the model’s smarts to find bugs with a single prompt?

As it turns out, this was worth looking into. Niels’ orchestration framework, Iron Curtain, works extremely well.

This episode is also available on YouTube

Your browser does not support the audio element.

Mythos smythos! How to find 0day with lesser models

0:00 / 87:53

Logo