this post was submitted on 20 Jun 2026
346 points (98.1% liked)

Technology

85600 readers
4517 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 3 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
346
Low-skilled attacker used Claude, Codex to breach 14 companies (www.helpnetsecurity.com)
submitted 23 hours ago by sanitation@lemmy.today to c/technology@lemmy.world
78 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[โ€“] eldebryn@lemmy.world 9 points 15 hours ago (2 children)

It is significant because a random teenager can't google "download exploits" and have them available 5mins later.

Powerful AI models and agents though are on your fingertips without you even asking.

Sure, people can buy guns. But what if every person could materialize a chainsaw instead regardless of their skill, maturity, age, or criminal record? ๐Ÿค”

[โ€“] 0x0@infosec.pub 4 points 8 hours ago (1 children)

Teenagers are definitely able to find exploits via google in 5 if they're motivated.

Buying a disassembled ak-47 on post order and having it shipped to your address anywhere in the world is also possible.

Rules only apply to people that care about them.

[โ€“] MalMen@masto.pt 4 points 8 hours ago

@0x0 @eldebryn its not enough to find exploits, you have to know how yo use them... I can see how you can trick AI into guiding you to do a "pen test"

[โ€“] nomy@lemmy.zip 19 points 14 hours ago

Random teenagers can absolutely google "download exploits" and have them available, that's pretty much always been the case..

https://www.exploit-db.com/

Full disclosure was a thing once upon a time, where exploits and proofs of concept were dumped publicly, forcing companies to fix the issue or be compromised. That's mostly been moved away from in favor of responsible disclosure, giving companies time to patch the issue before it's known publicly.

Maybe we should be moving back to full disclosure to force these companies to take data security seriously. Or at least then we could point to a known vulnerability as proof the company is shitty and is neglecting their infrastructure.