In a groundbreaking achievement, OpenAI’s GPT-5.6 Sol Ultra model has autonomously developed a complete exploit chain for Google Chrome, starting solely from publicly accessible security patch information. This remarkable feat underscores the potential of advanced AI in the field of cybersecurity.
Researchers at Hacktron challenged three cutting-edge AI models—GPT-5.6 Sol Medium, Sol Ultra, and Grok 4.5—to real-world offensive security tasks. The objective was to scrutinize V8, the JavaScript engine of Chrome, and construct an entire exploit chain from publicly available security-fix commits.
AI-Powered Security Analysis
The AI models were provided access to the V8 source tree, version 14.9.207.35, aligned with Chrome version 149.0.7827.201, along with a sandboxed d8 build to facilitate testing. The models aimed to execute a three-stage exploitation process, a standard approach in browser security research.
The initial phase involved targeting primitives to achieve operations like addrof, fakeobj, and arbitrary read/write within the V8 sandbox. The subsequent step required escaping the sandbox by leaking crucial addresses, allowing memory read/write beyond the sandbox. Finally, the models sought to control the program counter and execute arbitrary commands.
Sol Ultra’s Comprehensive Exploit
While Sol Medium and Grok 4.5 encountered challenges post-initial memory leaks, Sol Ultra successfully executed the entire chain, evidencing its success by launching a calculator. The exploit commenced with a Maglev type-confusion bug in V8’s array iterator, enabling addrof and fakeobj primitive construction.
Sol Ultra then orchestrated a series of strategic escalations, including forging a fake JSArray for expansive read/write capabilities and corrupting DataView metadata. It exploited a signed-integer bug in string handling to leak native addresses and used a NativeModule vulnerability for controlled operations, ultimately hijacking execution through a posix_spawnp call.
Implications for Cybersecurity
This accomplishment by Sol Ultra utilized 2.1 billion tokens, processed 14,062 requests, and incurred a cost of approximately $1,597. The AI generated 74 sub-agents managing 70% of the investigative workload, with the root agent maintaining strategic oversight despite significant context loss.
The implications of this development are profound. The potential for scalable, compute-driven exploit creation could revolutionize traditional exploit development, shifting the advantage towards resourced actors who might weaponize patches faster than defenders can deploy mitigations.
Security teams must now prioritize rapid patch deployment, as the historical “patch gap” may diminish significantly. This evolution in AI-driven security emphasizes the need for enhanced threat detection and swift response capabilities to safeguard against increasingly sophisticated threats.
