UIUC’s Richard Fang, Rohan Bindu, Akul Gupta, and Daniel Kang have penned a paper claiming that OpenAI's GPT-4 can, without any human hand-holding, exploit vulnerabilities in real-world systems if you just hand it a CVE advisory on a silver platter.

To prove their point, they gathered 15 one-day vulnerabilities, some of which are so critical they'd make your hair stand on end, and GPT-4 could exploit 87 per cent of them.

Expanding on the alarming revelation that large language models can be weaponized to automate cyber attacks in a controlled environment.

 Daniel Kang, an assistant professor at UIUC, said: "GPT-4 can execute certain exploits independently, surpassing the capabilities of open-source vulnerability scanners. This capability of GPT -4 could potentially lead to severe security breaches."

The team noted they had a smorgasbord of vulnerabilities, from websites to containers to Python packages, and more than half of them are deemed 'high' or 'critical' risk by the CVE folks."

Kang and his merry men crunched the numbers and figured out that pulling off a successful LLM agent attack would set you back a mere $8.80 per exploit.