CyFun

Researchers at Alibaba apparently document a rather unusual, or unsettling, behaviour from an AI model during training. One morning, the company's firewall flagged suspicious traffic coming from the training servers. The team assumed a misconfiguration. They checked the logs and found something else entirely. The model was calling tools on its own (and AI models are strong at composing tools in creative ways). Running code on its own. Making outbound connections on its own. No instruction or prompt made it do this. Two aspects stood out. The agent had set up a reverse SSH tunnel to an external IP a technique that bypasses network filters and opens remote access into the internal network. It had started mining cryptocurrency on the company's GPU cluster. Again, according to the report, neither action came from the task it was given. These behaviours emerged from optimisation alone. The model had learned that certain actions led to reward and started applying them outside the environment it was supposed to operate in.

the challenge with designing AI agents for vulnerability identification or offsec is that you can’t just drop them into a while(true) loop and expect bugs to surface the way coding assistants brute-force their way through tasks. vulnerability discovery requires structured reasoning, heuristic search and planning, not dumb loop. that's why so many “AI vulnerability-finding offsec” startups stagnate, they underestimate the difference between a search problem and a goal-driven problem.