With the rise of AI, super-smart office and productivity tools are now part of life for everyday computer users and professionals across the world. That growing global ubiquity includes cybercriminals, some of whom have already found ingenious ways to use AI to help crack into businesses. A high-profile AI-assisted hack saw one company conned out of $25 million this year, for example. But researchers have now shown that carefully crafted AI agents can roam about a digital security system all on their own, coordinating and cooperating in their attack effort, and thus find–and then potentially exploit–security vulnerabilities, with a better than one-in-two success rate.

The research team, website New Atlas explains, was testing a cluster of so-called “self-propagating Large Language Model (LLM) agents” that used a “Hierarchical Planning with Task-Specific Agents (HPTSA) method.” This is hard digital science, but behind the jargon, the explanation isn’t too tricky.

Down the rabbit hole

Thanks to the explosion of AI chatbots and generative AI tools that can create amazing images and videos, we know that when commanded, chatbots can spool out reams of text, images, and even code to answer user queries–this is the “language” bit of the acronym LLM, the algorithms that make AI work. But the next big thing in AI is turning these LLM tools into agents, which are little AI programs that can do more than merely talk back to you; they can carry out tasks as well, perhaps interacting with a spreadsheet, or taking control of other apps on your PC’s desktop. Agents will really make AI very useful in terms of saving computer users time, and OpenAI’s CEO Sam Altman has been touting their powers.

But in the hacking research, agents were used to sniff around in a computer system and find errors in its security that could be exploited. These agents were organized a bit like your office probably is. New Atlas explained that there is a “planning agent” that acts as a boss that organizes and delegates tasks to dedicated “subagents,” like employees, that go off and try to hack. This system could find so-called zero-day vulnerabilities, which is deeply concerning. That’s because “zero-day vulnerability” is hacking jargon for a security loophole that isn’t publicly known yet, so there’s no defense against it. No patches have been launched to repair it, and no security-monitoring software is looking for dangerous activity around the loopholes. The agent hackers beat such zero-day flaws with a 53 percent success rate. If you’ve ever seen the classic sci-fi movie The Matrix, you might have an image of the evil Agent Smith in your mind right now–and you might be thinking along the right lines.

The news will unsettle many security experts, and it’s a reminder to make sure your office PC is up to date with all the latest security software and updates, that you’re using a firewall and that your staff are trained to identify a potential hack. But in a way, it’s also good news–so-called “white hat” hackers, who tend to be the harmless, useful kind that companies can hire to help them find security flaws, could use such systems to find and fix loopholes before more wicked (“black hat”) hackers get in. It’s also a reminder that the AI landscape is evolving really, really fast–perhaps, as some critics say, too fast.

OpenAI: Bright and friendly and safe?

Meanwhile, other shady aspects of the AI world are getting noticed as well. At OpenAI, in the vanguard of AI tech, there’s yet another controversy.

Several high-profile departures from the company and its board were linked to the potential risks of the AI technology that OpenAI is building. Now another member of its former “superalignment” team, which was tasked with keeping AI development safe and aligned with humanity’s interests, has spoken up. Business Insider reports on a post from Leopold Aschenbrenner, an OpenAI researcher who was reportedly fired in April. His worries about the future of AI can be neatly summed up in a few sentences. He thinks an artificial general intelligence–the kind of “can do everything” AI you’ll have seen in popular sci-fi–will arrive by 2027. That will quickly be followed by superintelligent AI, with “human-level to superhuman capabilities.” The impact on society could be profound, and even, Aschenbrenner thinks, lead to “all-out war” over who’s developing better AI tech.

Separately, bolstering its dark, mysterious public image, OpenAI is also said to be using undercover security guards for its San Francisco Mission District office. The guards–who won’t identify themselves or who they work for–are said to be weirding-out neighboring businesses. The practice is said to be allowed under California law, but their presence doesn’t exactly paint the picture of an open, public-friendly enterprise.

When asked about the idea of unidentified security guards and how unfriendly that may seem, ChatGPT 4o responded like this: “Security measures can sometimes feel a bit strict, but they’re often in place to ensure the safety of everyone involved. If it’s making people uncomfortable, it might be worth bringing it up with OpenAI to see if there’s a way to make the security presence feel more approachable.”