4 posts tagged with "vulnerability-research"

What I Keep Hearing​

Lately, the same conversation keeps coming up with colleagues, students, and fellow researchers. The shape of it is roughly:

I've started reading and experimenting with AI, and honestly, it's really good. In some areas it's already faster than me. The more I use it, the less I can see what work will be left for us in five years.

The feeling is real, and I've heard it from senior reverse engineers with fifteen years on the keyboard and from people on their first run through Ghidra. The more capable the tools get in your hands, the more your relevance feels uncertain. That's a hard place to operate from.

Here's the part worth holding onto: we've been in this place before. The path out of the worry has been the same every time. Engage with the new tool early. Stay ahead of it by working with it.

If you're curious about how AI can accelerate your reverse engineering workflows, check it out. Especially useful if you're looking to get started with agentic RE.

The video is up from our talk at RE//verse 2026 in Orlando, Agentic Diffing Apple Security Updates.

The powerful AI made it likelier that the consultants "fell asleep at the wheel" and made big errors when it counted. -- Ethan Mollick, Co-Intelligence

Ethan Mollick has a warning for anyone using AI: the better it gets, the easier it is to stop paying attention. When outputs are polished and instant, you stop thinking critically. You stop building skill. You become a passenger.

He's right, but only if you're using AI wrong.

"It’s exciting to see open-source tools like ghidriff shaping the research frontier. This new paper validates what many of us have been building toward: diffing as the perfect context for LLMs, and agentic pipelines that turn binary changes into actionable security insight." – CSL