The majority of vulnerabilities are in newly committed lines of code. This has been shown again and ...

jryio • today at 8:11 PM • 1 reply • view on HN

The majority of vulnerabilities are in newly committed lines of code. This has been shown again and again [1] [2]

From a marketing standpoint Anthropic is showing that they're able to direct 'compute' to find vulnerabilities where human time/cost is not efficient or effective.

Project Glasswing is attempting to pay off as many of these old vulnerabilities as possible now so the low-hanging fruit has already been picked.

The next generation of Mythos and real world vulnerabilities exploits are going to be in newly committed code...

[1]: https://dl.acm.org/doi/epdf/10.1145/2635868.2635880

[2]: https://arxiv.org/abs/2601.22196

Replies

staticassertion • today at 8:14 PM

> The majority of vulnerabilities are in newly committed lines of code. This has been shown again and again

That's fine, I wouldn't argue against that. It doesn't really change things, right?

> From a marketing standpoint Anthropic is showing that they're able to direct 'compute' to find vulnerabilities where human time/cost is not efficient or effective.

Yes, they've demonstrated that.

alt Hacker News

Replies