Harvester

Mythos AI is being used by National Security Agency in offensive cyber operations / cyberattacks. Anthropic has even embedded engineers inside the NSA to help deploy the model. Are frontier AI labs becoming active contractors in state cyber conflict? The live-ops role is still unclear. https://t.co/wIUXLZQE64

We helped FFmpeg find and fix 21 security vulnerabilities. In a 1.5M-line codebase, we spent just $1K in API costs. Some of these bugs had been hiding for decades. We also developed a PoC demonstrating an RCE primitive when FFmpeg processes RTSP streams. Full write-up: https://t.co/mIrjirCgcB

【AIセキュリティ・脆弱性研究】月300ドルとAIエージェントで「自動N-day製造ライン」が完成、1人の研究者が実証した現実 「Claude Mythos Previewのような能力は、特別な機関だけの話ではない」——セキュリティ研究者Tyler Holmwoodが構築したパッチ差分解析パイプラインは、この命題を費用明細付きで証明した。毎月第2火曜日のMicrosoft Patch Tuesdayを自動処理し、AIエージェントがN-dayエクスプロイトのPoC（概念実証コード）を自律生成するこのシステム「PatchWatch + Pocsmith」の総コストは、APIトークン代約300ドルとTeamサブスクリプションのみだ。 システムの核心は2段構成だ。PatchWatchはMSRC APIからCVEリストを取得し、GhidriffでWindowsバイナリのパッチ前後の差分を解析して「どの関数に脆弱性が存在するか」をLLM用レポートに変換する。そのレポートを受け取ったPocsmithは、Claude Agent SDKで動作するエージェントがHyper-V仮想マシン上でカーネルデバッガを操作しながら仮説検証サイクルを回し、実際に動作するエクスプロイトを生成する。2026年4月のCVE（Microsoft Management ConsoleにおけるMOTWバイパスによる権限昇格）では「完全なコード実行」レベルのPoC生成に成功した。 Holmwoodが強調するのは「モデルではなくシステムがモートになる」という点だ。単一のフロンティアモデルの性能よりも、ツール・環境・自動化ループの組み合わせが実用性を左右する。PatchTuesdayからエクスプロイト生成までの時間軸が1人の研究者に手が届く水準にある今、防御側に残された現実的な回答はパッチ速度の最大化と攻撃到達面の最小化の徹底にある。 https://t.co/aSvQ6RK23i

‼️🚨 BREAKING: Another researcher skipped coordinated disclosure entirely and dropped a critical 1-click GitHub token theft in public because he doesn't want to deal with MSRC. In his own words: "I really don't want to deal with MSRC on VSCode bugs." The bug: just clicking a link can hand an attacker a GitHub token that reads AND writes to all your repos, including private ones. It lives in github[.]dev, GitHub's browser-based VSCode editor, which passes the browser an OAuth token that isn't scoped to a single repo. That token can touch everything you can. Researcher Ammar Askar found that VSCode's sandboxed "webviews" leak keyboard events to the main editor. A malicious repo opened via one link can simulate keystrokes, install a local extension that skips VSCode's publisher-trust check, and exfiltrate your token. He published a working proof-of-concept. He says when he reports github[.]dev bugs, GitHub tells him they're out of scope and to go report to MSRC, and a prior VSCode bug he reported was silently fixed with no credit. One commenter summed up the mood: "MSRC has turned into Feedback Hub."

Today a crazy quantum story just got wilder. On March 31, the Google Quantum AI team published a landmark result on Shor's algorithm for elliptic curve cryptography. Technically, the paper was a bombshell: a dramatic 10x improvement over the state-of-the-art. As a stunt and wakeup call to the blockchain space, those optimisations were illustrated on secp256k1, the elliptic curve underlying Bitcoin and Ethereum signatures. But perhaps the most striking part of the paper was sociological, not technical. Instead of following standard academic process, the optimisations were kept secret, hidden behind a zero-knowledge (ZK) proof. Google's accompanying blog post mentions they "engaged with the U.S. government". The ZK proof demonstrates the existence of algorithmic improvements without leaking details. Academic censorship with ZK, a historic first! As a co-author of the Google paper I witnessed some of the context surrounding this censorship. To be honest, multiple aspects of that context don't sit well with me. As much as I believe the general public ought to know more, I am limited in my ability to whistleblow. Though let me be clear about one thing: the Google team's professionalism has been absolutely exemplary, and they deserve nothing but praise. Censorship has a way of backfiring. The Streisand effect, where an attempt to bury something only draws more attention to it, is exactly what's unfolding today. First, Google's key optimisation has been rediscovered by the French. And in a thrilling turn of events, a collaborative Shor-at-home challenge just launched. The initiative, available at ecdsa[.]fail, breached a new Shor world record in a matter of hours. Let's start with the rediscovery. Just two months after Google's paper, French quantum expert André Schrottenloher cracks the main secret optimisation. His paper, titled "Optimized Point Addition Circuits for Elliptic Curve Discrete Logarithms", landed on the arXiv today. Big congrats to André, who beat several other nerdsnipped experts to it. In a blog post also published today, Craig Gidney, the world expert on Shor optimisations, revealed that he'd been sitting on this very optimisation for a whole year under censorship pressure. Interestingly, André missed a handful of minor optimisations, both from Google's original publication and from improvements found since. It's plausible there's still plenty of juice left to squeeze out of Shor, and this is exactly what the ecdsa[.]fail challenge is about. The verifier program developed for the ZK proof does double duty, automatically filtering for valid submissions. Dozens of compounding small and micro improvements are rolling in. As of the time of writing there's an 8.4% improvement to Google's circuit, as measured by the product of logical qubit count and Toffoli gate count. Nice! The nerdsnipping ran deeper than anyone expected. Over the last few weeks it became clear it extended well beyond André and other quantum experts. Behind the scenes, a small army of amateurs quietly got to work. Inspired by Karpathy-style autoresearch, they turned AI on Shor. Ironically, the verifier program for the ZK proof makes an ideal reward function for AIs. The barrier to entry for this modern style of research is refreshingly low, with several non-experts, even a teenager, finding nice optimisations. Get in touch if you'd like to join a Telegram group with fellow autoresearchers :) Part 2: neutral atoms and qday The story doesn't end with Google. On the same day Google went public, a stealthy startup called Oratomic published its own Shor paper in a coordinated release. It made a splash, ultimately becoming the most upvoted paper on scirate[.]com, a website ranking arXiv papers. Oratomic's claim was wild. By building on Google's logical optimisations and applying custom physical optimisations for neutral atoms, they claimed just 10K physical qubits were sufficient to run Shor's algorithm on secp256k1. That number is mind-bogglingly low. Knowing essentially nothing about neutral atoms when Oratomic's paper landed, I was intrigued and decided to learn more about the tech. I fell straight down the rabbit hole and spent a couple hundred hours on the topic. I got a little obsessed and watched every YouTube video I could find and spoke to a bunch of experts. My conclusion? The tech is real, very real. Even Google recently decided to start a neutral atom lab, a notable pivot from their sole focus on superconducting qubits. If you care about qday, i.e. the day a quantum computer will break the first piece of cryptography in production, neutral atoms demand your attention. I shared some of my learnings on Shor and neutral atoms in a 30min talk at the ZKProof cryptography conference. You can find it on YouTube by searching "zkproof neutral atom". Here's an interesting observation about this duo of breakthrough papers: neither Google nor Oratomic say a word about what their results mean for qday. No timelines. Zero. Nada. That is especially baffling given that the whole point of whitehat quantum cryptanalysis is to inform qday estimations and help the general public make good decisions. So let me attempt to partially fill the silence, similarly to what Scott Aaronson did in his April 29 post. Given everything I know, including scary non-public information, I now put the odds of qday by 2032 at 50%. 10% by 2030. Anecdotally, the US government has its own date: 2035. Originating at the NSA and later adopted by NIST, it's when branches of the US government will be disallowed from using quantum-vulnerable cryptography. In plain language: with hindsight, that date is a joke and should be discounted entirely. I don't see how NIST avoids being forced to pull it forward by years. Part 3: post-quantum cryptography There are good reasons to sound the alarm today, but please do not panic. Rushing carelessly towards immature post-quantum cryptography is a recipe for disaster. IMO a good target date for migration is 2029, roughly 3.5 years out. 2029 happens to be the date selected by Google, Cloudflare, and the Ethereum Foundation. These days most of my time goes to safely migrating Ethereum towards post-quantum cryptography as part of the broader lean Ethereum effort. There's a lot to do. We need to rip out and replace BLS signatures at the consensus layer, KZG commitments at the data layer, and ECDSA signatures at the execution layer. The plan to get there is compelling, and is based on hash-based cryptography. Within the Ethereum Foundation we've developed a Swiss army knife called leanVM (github[.]com/leanEthereum/leanVM) powered by the magic of hash-based SNARKs. Thanks to truly exceptional work by Emile, Thomas, and others, its performance is derisked. Regarding security, leanVM is a jewel, a minimal zkVM crafted for end-to-end formal verification and maximum security. Want to help? There are two $1M initiatives. First, the Proximity Prize (proximityprize[.]org). Solve a long-standing mathematical conjecture in coding theory, improve hash-based SNARKs, and go home a millionaire. Second, the Poseidon Initiative (poseidon-initiative[.]info), offers $1M for breaking Poseidon, the SNARK-friendly hash function.

Some LC-36 updates. Now that we’ve had access to the pad and integration facility we can share a bit of good news. The propellant farm, oxygen, liquid hydrogen and LNG tanks are all in good shape. This is good luck because these are very long lead items. The water tower is also good. The big support tower is damaged, but it can be repaired in place rather than torn down and replaced. The booster “Never Tell Me The Odds” and the three GS-2s that were onsite in the integration facility also look good. I’ve seen some speculation that we might move directly to the 9x4 configuration, but we won’t do that. Rate manufacturing of 7x2 is going well, and we’re going to continue that at pace as planned and store the stages for use. In addition, we had already been working for some time on eliminating our transporter-erector in favor of an alternative vertical conop, and we’ll now go directly to that; so we don’t need a new transporter-erector. We will fly again before the end of this year. Gradatim Ferociter.

Blue Origin just vaporized a rocket, a launch pad, and Amazon's entire satellite deployment timeline in nine seconds. NG-4 was supposed to fly June 4 carrying 48 Amazon Leo satellites. That mission was the first of 24 contracted Blue Origin launches Amazon needs to build its Starlink competitor. Amazon has roughly 240 satellites in orbit against an FCC requirement of 1,618 by July 2026. They already filed for a two-year extension because they were falling short. Losing your primary heavy-lift rocket on the pad doesn't help that math. The pad damage is the part people aren't thinking about. New Glenn carries roughly 2.4 million pounds of propellant. The explosion toppled one of LC-36's lightning protection towers. That launch complex took years to build and billions to outfit. You can manufacture a new rocket in months. You cannot rebuild a launch pad in months. The cascade gets worse. Blue Origin's Blue Moon MK1 lunar lander is supposed to launch on New Glenn this fall for NASA's CLPS program. That mission is the pathfinder for Artemis III, which needs Blue Moon MK2 to fly on New Glenn in mid-2027 to land astronauts at the lunar south pole. Every month LC-36 sits damaged pushes Artemis further into the late 2020s. Jeff Bezos has two companies betting on the same rocket. Amazon Leo needs 24 New Glenn launches to close the gap with Starlink. NASA needs New Glenn for Artemis. Both timelines just broke simultaneously, and LC-36 is on fire.