Agents
Claude Code Autonomously Writes FreeBSD Remote Kernel Exploit in Four Hours (CVE-2026-4747)
Security researcher Nicholas Carlini's Claude Code session autonomously developed two working remote root exploits for a FreeBSD kernel stack buffer overflow in kgssapi.ko (RPCSEC_GSS authentication), both succeeding on first attempt in ~4 hours wall clock time. This is the first remote kernel exploit both discovered and weaponized by an AI — part of Anthropic's MAD Bugs initiative which has now validated 500+ high-severity zero-days in production open-source software including Vim, Emacs, and Firefox.
↳ Follow the thread