
The world's #1 hacker isn't a person anymore

For one stretch of 2025, the top-ranked hacker on the planet's biggest bug-bounty board wasn't human — it was software. The same capability that makes that amazing is exactly what should keep you up at night.


For as long as software has existed, finding the hidden flaws in it has been a deeply human craft. A great vulnerability researcher is part detective, part lock-picker, part obsessive — someone who stares at a million lines of code until the one cracked brick reveals itself. It’s a rare skill. The best of them are famous in security circles for a reason.

So here’s a sentence that should stop you for a second: for a stretch of 2025, the #1 ranked hacker on HackerOne — the world’s largest bug-bounty platform, where tens of thousands of human researchers compete — wasn’t a person. It was an AI agent. And a few months later, a different AI did something arguably more impressive: it spotted a flaw that real attackers were secretly preparing to exploit, and slammed the door before they could walk through it.

This week: the genuinely astonishing rise of AI that hunts for security holes on its own — the jaw-dropping things it can already do, the very sharp double edge, and how the people who do this for a living are learning to handle it.

🤖 What actually changed

Until recently, “AI security” mostly meant spam filters and anomaly detection — pattern-matching, not reasoning. What’s new is AI that can reason about code the way a hacker does: read an unfamiliar codebase, form a theory about where it might break, build an exploit to test the theory, and confirm the bug is real.

The poster child is XBOW, an autonomous “AI hacker” founded in January 2024 by Oege de Moor — the same person who created GitHub Copilot. In 2025, XBOW pointed its system at HackerOne and let it run. It climbed to #1 on HackerOne’s US leaderboard in about 90 days, filing more than 1,000 validated vulnerability reports against real companies — not theoretical bugs, but flaws confirmed and triaged by the affected organizations. In one head-to-head benchmark across 104 real-world scenarios, a seasoned human pentester needed 40 hours; XBOW finished in 28 minutes — roughly an 85× speed-up.

The market noticed. In March 2026, XBOW raised a $120 million Series C at a valuation north of $1 billion. The pitch is blunt: attackers used to be limited by talent — there are only so many elite hackers in the world. AI removes that limit. So defenders need a machine that hunts at machine speed too.

🛡️ The cool part: an AI that stopped a hack before it started

Speed and leaderboards are flashy. This next part is the one that genuinely made security people sit up.

Google runs an AI vulnerability-hunting agent called Big Sleep, built jointly by DeepMind and Project Zero, its elite bug-hunting team. In 2024 Big Sleep found a real, previously-unknown memory bug in SQLite — the tiny database that quietly runs inside billions of phones, browsers, and apps — the first time an AI agent caught an exploitable flaw in widely-used software that human researchers and automated fuzzers had both missed.

Then it went further. Google’s threat-intelligence team picked up faint signals that attackers were preparing to exploit some unknown SQLite flaw — they could tell something was coming, but not exactly what. They handed those breadcrumbs to Big Sleep. The AI combed the codebase and pinpointed the exact vulnerability the attackers were circling: CVE-2025-6965, a critical memory-corruption bug “known only to threat actors,” in Google’s words. It got patched before the attack landed.

In Google’s framing: this was the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild. Sit with that. Not “an AI found a bug.” An AI predicted which door the burglars were about to pick, and changed the lock first. Big Sleep has now logged 20-plus real-world bugs in open-source software the rest of us depend on every day.


⚠️ …and the very sharp double edge

Here’s the catch, and it’s a serious one. A tool that finds vulnerabilities faster than humans is a gift to whoever’s holding it — and defenders aren’t the only ones holding it.

The exact same capability that lets XBOW file 1,000 valid bugs, or lets Big Sleep pre-empt an attack, lets a criminal crew scan every version of every exposed system, continuously, looking for a way in. And the data shows that’s already happening. According to Google’s M-Trends 2026 report, the average time between a vulnerability becoming known and being exploited has collapsed — exploitation now sometimes happens before a patch even exists. Roughly 28% of exploited vulnerabilities are now hit within 24 hours of disclosure. For comparison: in 2020, attackers took an average of over 700 days to weaponize a known bug. By 2025 that was down to about 44 days — and falling.

That’s why security firms are calling 2026 “the year of AI-assisted attacks.” It’s not that AI invented a new kind of hack. It’s that AI removed the bottleneck — skilled human time — that used to slow attackers down. The window between “a flaw exists” and “a flaw is being exploited against you” is shrinking toward zero. Researchers have even documented the first AI-generated exploit code turning up in real-world attacks. The genie is thoroughly out of the bottle.

🔐 How the pros are actually handling it

The takeaway isn’t “AI hacking is terrifying, panic.” It’s also not “let the robots run security.” It’s a more grown-up middle path — and it doubles as a template for using powerful AI safely anywhere.

  1. Fight fire with fire — point the AI at your own systems first. The best defense is finding your bugs before the attackers do. Continuous, AI-driven testing of your own software is fast becoming table stakes, replacing the old once-a-year manual pentest.

  2. Keep a human in the loop. Even XBOW, the machine that topped the leaderboard, can’t file a report without a human reviewing it first. The AI does the tireless searching; people make the judgment calls — machine for scale, human for sense.

  3. Win the race you can actually win: patch faster. When exploits arrive in 24 hours, the survivors aren’t the ones who find the most bugs — they’re the ones who fix them fastest. Automated patching and ruthless prioritization matter more than ever.

  4. Shrink what’s exposed. Every unnecessary service, open port, and forgotten server is now being scanned by tireless machines around the clock. Basic hygiene — reduce the attack surface, assume breach, zero-trust — buys back time you no longer have.

  5. Assume the inputs are a target too. As AI moves deeper into security pipelines, the AI itself becomes something to attack. Treating these systems as things that can be fooled — not just things that can be wrong — is the next frontier.

The takeaway

A year ago, “an AI that finds zero-days” sounded like a conference fantasy. Today one tops a global hacker leaderboard and another has already stopped a real attack in progress. That’s not hype — it’s one of the most concrete, useful things AI has done outside a chat window.

But it carries a lesson bigger than security. This is a genuinely dual-use technology: the same machine that protects you protects nobody by default — it does whatever its owner points it at. The capability is neutral; the intent isn’t. So the winners won’t be whoever has the cleverest AI. They’ll be whoever pairs it with good judgment, keeps a human hand on the wheel, and acts on what it finds faster than the other side can.

The robots learned to pick locks. The smart move isn’t to fear them or worship them — it’s to hire the good ones, watch them closely, and fix your doors before someone else’s robot gets there first.

Reply and tell us: would you trust an autonomous AI to pentest your company’s systems — and where exactly would you insist a human stays in the loop? Best answers get featured next week.

— itscybernews · written by a human, edited by a slightly nervous agent ·