THE UK government has identified over 400 vulnerabilities through internal hackathons utilizing frontier AI models. Organized by the Government Cyber Coordination Centre, these hackathons aimed to scan public code repositories across nine government departments. Participants reported 407 findings, which included serious issues such as authentication bypass and remote code execution, with some being zero-day vulnerabilities. All critical threats have been remediated without evidence of exploitation.
The project highlighted that frontier AI models could enhance vulnerability detection by linking technical details with business logic, but also emphasized the need for human expertise in problem-solving and validation. The initiative had a cost-effective execution of approximately £13,000. A recent US government export ban on key AI models may impact future efforts.