[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-browser-exploit-benchmarks-prove-ai-security-here-zh":3,"article-related-browser-exploit-benchmarks-prove-ai-security-here-zh":30,"series-research-902b314d-316c-48aa-9a2a-e4d16f32d2ac":83},{"id":4,"slug":5,"title":6,"content":7,"summary":8,"source":9,"source_url":10,"author":11,"image_url":12,"cover_image":12,"category":13,"language":14,"translated_content":11,"related_article_id":15,"keywords":16,"key_takeaways":22,"views":26,"created_at":27,"published_at":28,"topic_cluster_id":29},"902b314d-316c-48aa-9a2a-e4d16f32d2ac","browser-exploit-benchmarks-prove-ai-security-here-zh","Why browser exploit benchmarks prove the AI security threat is already here","\u003Cp data-speakable=\"summary\">\u003Ca href=\"\u002Ftag\u002Fclaude\">Claude\u003C\u002Fa> Mythos and GPT-5.5 \u003Ca href=\"\u002Ftag\u002Fbenchmark\">benchmark\u003C\u002Fa> results show that autonomous browser exploitation has become a real capability.\u003C\u002Fp>\u003Cp>In my view, browser exploit benchmarks have already shown that the AI security threat is present tense, not future tense. That is not because the models can \"guess the answers\", but because they can now take a known vulnerability all the way to a working attack outcome. Carnegie Mellon's ExploitBench directly measures the full chain from a V8 vulnerability to code execution: \u003Ca href=\"\u002Ftag\u002Fclaude-mythos\">Claude Mythos\u003C\u002Fa> Preview reached the highest tier on 21 of 41 vulnerabilities, averaging 9.90\u002F16, while GPT-5.5 scored only 5.51. More importantly, Mythos still scored 9.55 in fully autonomous mode, which means this is not a performance stitched together from prompts but real exploit work.\u003C\u002Fp>\u003Ch2>The first argument\u003C\u002Fh2>\u003Cp>The value of this benchmark is that it measures whether the attack was actually completed, not whether the model understood the task. Many AI security demos stop at classification, detection, or a proof of concept in a notebook, which means little to defenders directly. ExploitBench scores on five tiers, the highest being arbitrary code execution on the target system, and that is the dividing line security teams actually care about. Once an attacker can run instructions inside the browser or JavaScript engine, the sandbox has, in practice, already lost its meaning.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg 
src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779019382261-mfmw.png\" alt=\"Why browser exploit benchmarks prove the AI security threat is already here\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\n\n\u003Cp>But dismissing it as \"just known vulnerabilities\" also understates the risk. Most real-world intrusion chains do not depend on inventing brand-new vulnerabilities; they depend on turning known vulnerabilities into usable attacks faster, more reliably, and in greater volume. As long as a model can reliably take a known browser vulnerability to code execution, it can already fill in the most time-consuming, most grinding middle section of the attack chain. Once that section is automated, defenders face not a single attack but an exploit factory that scales.\u003C\u002Fp>\u003Ch2>What you can do\u003C\u002Fh2>\u003Cp>If you are an engineer, PM, or founder, the task now is not to debate whether AI will bring risk but to design systems treating it as an existing risk. Prioritize shortening the update cycle for browsers and JavaScript engines, reduce the blast radius of any single point, and make agentic red teaming part of the regular process; at the same time, use these models internally for fuzz triage, vulnerability analysis, and attack-path exercises, but only with strict permissions and auditing. The conclusion is straightforward: autonomous exploit development is now part of the threat model, and your defenses need to enter this era too.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779019391751-3cv5.png\" alt=\"Why browser exploit benchmarks prove the AI security threat is already here\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n","Benchmark results for Claude Mythos and GPT-5.5 show that autonomous browser exploitation is already a real capability, not a future threat.","the-decoder.com","https:\u002F\u002Fthe-decoder.com\u002Fnew-benchmark-shows-claude-mythos-and-gpt-5-5-can-develop-real-browser-exploits-autonomously\u002F",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1779019382261-mfmw.png","research","zh","75d7b925-0c14-4a30-b61f-0cdb2353fcd9",[17,18,19,20,21],"browser exploit","AI security","ExploitBench","V8","autonomous exploitation",[23,24,25],"ExploitBench measures the full attack chain from vulnerability to code execution, not a toy demo.","Claude Mythos has shown near-practical autonomous exploit capability and is clearly ahead of GPT-5.5.","Defenders should treat autonomous attacks as a present risk: strengthen patching now, shrink the blast radius, 
and adopt red-team automation.",9,"2026-05-17T08:03:21.360298+00:00","2026-05-17T08:03:21.179+00:00","0c35a120-52fc-41fc-afa3-d404eb934158",{"tags":31,"relatedLang":42,"relatedPosts":46},[32,34,36,38,40],{"name":17,"slug":33},"browser-exploit",{"name":20,"slug":35},"v8",{"name":18,"slug":37},"ai-security",{"name":19,"slug":39},"exploitbench",{"name":21,"slug":41},"autonomous-exploitation",{"id":15,"slug":43,"title":44,"language":45},"browser-exploit-benchmarks-prove-ai-security-here-en","Why browser exploit benchmarks prove AI security is already here","en",[47,53,59,65,71,77],{"id":48,"slug":49,"title":50,"cover_image":51,"image_url":51,"created_at":52,"category":13},"4fa896da-9616-425a-92bc-c1d7d5861ff9","streamma-multi-agent-reasoning-latency-zh","StreamMA lets multi-agent reasoning transmit while it thinks","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780554786134-1w1d.png","2026-06-04T06:32:32.769423+00:00",{"id":54,"slug":55,"title":56,"cover_image":57,"image_url":57,"created_at":58,"category":13},"f31f51ba-4445-4e43-9bda-31e70f53d42b","audio-language-models-arbitration-reversals-zh","It is not that audio models cannot understand what they hear","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780553877373-ux95.png","2026-06-04T06:17:27.890159+00:00",{"id":60,"slug":61,"title":62,"cover_image":63,"image_url":63,"created_at":64,"category":13},"447ac6c9-477b-45c8-bec2-ff94dc4cf5d4","stride-training-data-attribution-sparse-recovery-zh","STRIDE makes training data attribution 13x faster","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780552979370-897a.png","2026-06-04T06:02:29.149166+00:00",{"id":66,"slug":67,"title":68,"cover_image":69,"image_url":69,"created_at":70,"category":13},"33c9a55c-a8c0-4367-b742-f4567d1e98e3","mathematicians-warn-ai-could-distort-math-zh","Mathematicians warn AI 
could distort standards of proof","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780504386035-080l.png","2026-06-03T16:32:29.415063+00:00",{"id":72,"slug":73,"title":74,"cover_image":75,"image_url":75,"created_at":76,"category":13},"5c3cb90f-7efd-426f-8c09-32a303f82be9","humanoid-gpt-zero-shot-motion-tracking-zh","Humanoid-GPT: scaling up motion tracking with GPT","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780469319284-znpc.png","2026-06-03T06:47:34.463464+00:00",{"id":78,"slug":79,"title":80,"cover_image":81,"image_url":81,"created_at":82,"category":13},"e3a4b0f7-03b3-43c6-ae51-906b337c5c2f","ipt-vlms-hidden-space-reasoning-zh","IPT helps VLMs better imagine hidden space","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780468394735-1k40.png","2026-06-03T06:32:46.560029+00:00",[84,89,94,99,104,109,114,119,124,129],{"id":85,"slug":86,"title":87,"created_at":88},"f18dbadb-8c59-4723-84a4-6ad22746c77a","deepmind-bets-on-continuous-learning-ai-2026-zh","DeepMind bets on continuous learning AI for 2026","2026-03-26T08:16:02.367355+00:00",{"id":90,"slug":91,"title":92,"created_at":93},"f4a106cb-02a6-4508-8f39-9720a0a93cee","ml-papers-of-the-week-github-research-desk-zh","Why a weekly ML paper list took off on GitHub","2026-03-27T01:11:39.284175+00:00",{"id":95,"slug":96,"title":97,"created_at":98},"c4f807ca-4e5f-47f1-a48c-961cf3fc44dc","ai-ml-conferences-to-watch-in-2026-zh","2026 AI 
conference submission timeline roundup","2026-03-27T01:51:53.874432+00:00",{"id":100,"slug":101,"title":102,"created_at":103},"cf046742-efb2-4753-aef9-caed5da5e32e","adaptive-block-scaled-data-types-zh","IF4: a smart choice for neural network quantization","2026-03-31T06:00:36.990273+00:00",{"id":105,"slug":106,"title":107,"created_at":108},"53a0dc54-0371-4e40-8d5e-74e94a73840c","geometry-aware-similarity-metrics-for-neural-representations-zh","Beyond distance measures: rethinking neural networks through differential geometry","2026-03-31T06:01:01.241968+00:00",{"id":110,"slug":111,"title":112,"created_at":113},"fee7d472-a775-4b1d-bbc2-1e8bca1bbf8b","on-the-fly-repulsion-in-the-contextual-space-for-rich-divers-zh","Making AI image generation more creative: using repulsion to improve generation diversity","2026-03-31T06:01:25.439673+00:00",{"id":115,"slug":116,"title":117,"created_at":118},"a9901203-d69b-447b-8854-15d14eab32b4","vision-aided-beam-prediction-cnn-eca-zh","Vision-aided beam prediction upgrades the CNN","2026-04-01T10:00:25.8073+00:00",{"id":120,"slug":121,"title":122,"created_at":123},"b55e7dd4-0a24-4b3d-804d-b0309a03f498","triple-band-fss-mimo-antenna-sub-6-ghz-zh","Tri-band FSS MIMO antenna targets sub-6 GHz","2026-04-01T13:18:36.857305+00:00",{"id":125,"slug":126,"title":127,"created_at":128},"f68290bd-e7f3-4b30-ba22-dcd4e0130a66","openclaw-1299-repos-eight-weeks-analysis-zh","Reading the data from OpenClaw's 1299 repos","2026-04-02T05:03:45.208411+00:00",{"id":130,"slug":131,"title":132,"created_at":133},"ed9f80eb-eb02-4d35-8ad4-0ddf428751dd","beam-coherence-aware-combining-mmwave-mimo-zh","A two-stage combining method for mmWave MIMO","2026-04-02T05:27:26.897188+00:00"]