Artificial Intelligence (AI) has consistently pushed the boundaries of what technology can achieve, transforming industries and revolutionising the way we live and work. From enhancing medical diagnostics to advancing autonomous vehicles, AI’s potential seems limitless. However, as researchers continue to explore the capabilities of AI, new and sometimes unsettling applications are emerging. In a groundbreaking development, a team of researchers has now created AI agents that can autonomously hack websites and perform other complex tasks.
Also read: Understanding your dog’s bark might soon be possible with AI: Check details
A team from the University of Illinois has developed AI agents capable of autonomously hacking websites and exploiting real-world zero-day vulnerabilities—security flaws unknown even to the developers, reports MarkTechPost.
Also read: Digital Experience Assurance: AI that can predict & fix internet outages
Current AI hacking agents, like those using the ReAct method, struggle with complex, multi-stage attacks. Here’s why:
Researchers have confirmed these issues. If an AI agent begins down one path, it has a hard time changing course to try other vulnerabilities.
Using an advanced system called HPTSA (Hierarchical Planning and Task-Specific Agents), these AI agents work together like a well-oiled machine to probe websites, identify vulnerabilities, and execute hacks, the report said.
What’s impressive is that these agents don’t need to be told about the specific vulnerability beforehand. They can identify and exploit new, unknown vulnerabilities. Researchers tested HPTSA on 15 recent real-world vulnerabilities from major platforms like WordPress. The AI agents, unfamiliar with these vulnerabilities, managed to exploit 53% of them within just five attempts. In contrast, open-source security scanners failed to exploit any.
The researchers aim to use this to improve defence against AI-powered attacks.
