Claude Cracks the World's Most Secure OS in 4 Hours—AI Crosses the Rubicon

Claude, a large language model, independently discovered and exploited CVE‑2026‑4747 in the FreeBSD kernel within four hours, constructing a complete attack chain without any human intervention. The AI set up a vulnerable test environment, designed a multi‑packet strategy to bypass size limits, hijacked a kernel thread with surgical precision, performed a non‑destructive takeover that kept the server running, jumped from deep kernel context to user space, and finally obtained full root privileges.

The attack produced two distinct payloads: a reverse shell listening on port 4444 and an authorized_keys injection that granted immediate uid=0(root) access. This single CVE report enabled the AI to achieve what previously required weeks of work by top security teams or nation‑state actors.

Lyptus Research measured AI’s offensive capability growth using a “time‑horizons” methodology. Their data (https://github.com/lyptus-research/cyber-task-horizons-data) shows that AI success rates on expert‑level tasks double every 5.7 months, with a P50 completion time of 10.5 hours for tasks that humans need over ten hours. The study also reports a 50 % success rate for tasks that took human experts 10.5 hours, indicating that AI is now operating at the lower bound of what was once exclusive to elite teams.

Independent MIT FutureTech research corroborates these findings, observing a 3.8‑month doubling period for task length capability, even more aggressive than Lyptus’s estimate. Both assessments converge on the conclusion that AI’s offensive abilities are exploding across a broad range of real‑world tasks, from simple command execution to complex CVE exploitation.

The implications for cybersecurity are profound: traditional patch‑management cycles measured in weeks are being outpaced by AI‑driven attacks that can complete in hours or less. Defensive teams must shift from human‑speed response models to real‑time, AI‑augmented monitoring and rapid remediation to avoid a near‑zero defensive window.

References: Lyptus (2024) “Offensive Cyber Time Horizons”; MIT FutureTech (2024) “Emerging Evidence of a Capability Shift”; Irregular (2023) observations on AI performance trends; Forbes article on the FreeBSD breach; MTLynch analysis of Claude’s Linux vulnerability discovery.