21 Zero-Days in FFmpeg ➤ Low-Cost, High-Precision Autonomous Vulnerability Discovery via AI Agents ✤ https://depthfirst.com/research/21-zero-days-in-ffmpeg The Depth First team, through their self-developed "Autonomous Security Agent"
A team at depthfirst.com has developed an "Autonomous Security Agent" that can identify zero-day vulnerabilities in software with high accuracy and low cost. This AI agent successfully found 21 zero-day flaws in the FFmpeg multimedia framework, some of which had existed for 23 years. The team's method significantly reduced the cost of such research, estimated at around $1,000, and demonstrated the effectiveness of specialized AI agents for security auditing. AI
IMPACT Demonstrates the potential for cost-effective AI agents to significantly improve software security auditing.