AI Hackers on the Rise: XBOW's Oege de Moor Discusses Autonomous AI

Oege de Moor of XBOW discusses the rise of autonomous AI hackers and their impact on cybersecurity, highlighting rapid AI model advancements.

Oege de Moor presenting on autonomous AI hackers at AI Ascent.
Image credit: StartupHub.ai· Sequoia Capital

In a compelling presentation, Oege de Moor, associated with XBOW, offered a glimpse into the emerging world of autonomous AI hackers. De Moor, a prominent figure in the cybersecurity research community, discussed how artificial intelligence is transforming the landscape of vulnerability discovery and exploitation. The talk, aimed at a knowledgeable audience, highlighted the increasing sophistication and autonomy of AI agents in identifying and leveraging software weaknesses, drawing parallels to historical shifts in warfare and technological advancement.

Who is Oege de Moor and XBOW?

Oege de Moor is presented as a key figure in the field of AI-driven cybersecurity, specifically within the context of autonomous hacking capabilities. While the provided information does not detail de Moor's specific background beyond his association with XBOW, the context of the presentation suggests expertise in AI research and application, particularly in security. XBOW, the entity de Moor represents, appears to be at the forefront of developing and utilizing AI agents for cybersecurity tasks, including vulnerability detection and exploitation.

The Rise of Autonomous AI Hackers

De Moor's presentation began by framing the current cybersecurity situation as a battleground where AI is increasingly playing a significant role. He drew a historical analogy to the Battle of Nagashino in 1575, where Oda Nobunaga's army, equipped with advanced firearms, defeated the cavalry-centric forces of the Takeda clan. This analogy serves to illustrate how technological superiority, specifically the adoption of new tools, can dramatically shift the balance of power. De Moor posited that autonomous AI agents are the new 'firearms' in the cybersecurity realm, capable of performing complex tasks without direct human oversight.

He detailed how human hackers have historically used AI as an assistant, but the trend is now shifting towards AI performing the entire process autonomously. This includes reconnaissance, identifying vulnerabilities, and executing exploits. De Moor highlighted a specific example of a Microsoft Bing Images remote code execution vulnerability (CVE-2026-32191) discovered by an AI, which required only a URL as input to find and exploit. This demonstration underscored the efficiency and autonomy that AI agents are achieving.

The Performance of AI Models in Security

A significant portion of the presentation focused on the rapid advancements in AI model performance, particularly in the context of security tasks. De Moor presented data showcasing the performance of various AI models, including 'Sonnet,' 'Gemini,' 'Alloy,' and 'GPT' variants, over time. The graph displayed a clear trend of increasing 'Solver Success Rate' from August 2025 to the present. Notably, the gap between open-weight models and proprietary models in these benchmarks is shrinking rapidly. De Moor projected that within 6-9 months, open-weight models would catch up to proprietary ones, emphasizing that this timeline represents a critical deadline for the cybersecurity community to adapt.

He elaborated on how XBOW's approach involves using these frontier models to identify vulnerabilities, comparing it to 'pair programming' where different AI models collaborate and compensate for each other's weaknesses. This collaborative approach, de Moor suggested, is key to achieving higher success rates in complex cybersecurity tasks.

Implications for Cybersecurity and the Future

De Moor raised critical questions about the exploitability of AI-discovered vulnerabilities: "Are these weaknesses exploitable in the wild? Are they config/deployment issues or coding errors?" He stressed that understanding the nature of these vulnerabilities is crucial for developing effective defenses. The rapid progress of AI in cybersecurity is a double-edged sword: while it can be used for defensive purposes, such as identifying flaws before malicious actors do, it also empowers attackers with increasingly potent tools.

The presentation concluded with a call to action for the security community. De Moor outlined three key priorities: 1) maximizing the cyber capabilities of frontier models by finding all possible bugs, 2) rallying the security community to express their expertise as specialized agents, and 3) prioritizing what truly matters by focusing on 'Safe AI hackers' to select bugs that pose the most significant risk. He urged the audience to recognize the narrowing gap between open-weight and proprietary models and to proactively adapt their strategies, stating, "We have 6-9 months before open weights catches up. THIS IS YOUR DEADLINE."

Key Takeaways for the AI and Startup Scene

The insights from Oege de Moor's presentation have significant implications for the AI and startup sectors. The rise of autonomous AI hackers signals a new era of cybersecurity threats, where AI-driven attacks could become more sophisticated, faster, and more widespread. Startups and established companies alike must invest in AI-powered security solutions and develop robust defense mechanisms to counter these evolving threats. Furthermore, the increasing parity between open-weight and proprietary AI models suggests that the democratization of advanced AI capabilities will extend to the cybersecurity domain, potentially leveling the playing field for both attackers and defenders.
