Their systematic comparison found that 7B-13B parameter models successfully identified the same classes of vulnerabilities as Mythos, including memory safety issues, logic bugs, and authentication bypasses. They argue this demonstrates that vulnerability discovery sits in a capability region where smaller models already have sufficient reasoning ability.
They apply Ethan Mollick's 'jagged frontier' concept to cybersecurity, arguing that AI capabilities advance unevenly rather than as a smooth surface. This means the policy framework of export controls and disclosure rules built on the assumption that only frontier models pose novel security threats is badly incomplete.
They argue that the cybersecurity community spent the past year assuming frontier AI represents a qualitatively new threat because only large models can discover novel vulnerabilities. With small models replicating Mythos-level findings, proposals around export controls, responsible disclosure frameworks, and access restrictions predicated on model size need fundamental rethinking.
A new analysis from Aisle's research team tested whether the vulnerability discoveries attributed to Mythos — a frontier AI system that made headlines for finding real-world software vulnerabilities — could be replicated by substantially smaller models. The answer: yes, and it wasn't even close.
Small models, including those in the 7B-13B parameter range, successfully identified the same classes of vulnerabilities that Mythos found, challenging the assumption that security research capability scales linearly with model size. The researchers ran a systematic comparison across multiple model families and sizes, testing their ability to detect memory safety issues, logic bugs, and authentication bypasses in real codebases.
The findings landed on Hacker News with a score north of 1,100 — unusually high engagement that reflects how deeply this challenges the prevailing narrative about AI capabilities and safety.
The cybersecurity community has spent the past year operating under a working assumption: frontier AI models represent a qualitatively new threat because they can discover vulnerabilities that smaller systems can't. Policy proposals, export controls, and responsible disclosure frameworks have all been built on this premise. This research suggests that premise is wrong, or at least badly incomplete.
The key conceptual framework here is the jagged frontier, a term coined by Ethan Mollick and colleagues during their BCG research collaboration. The idea is deceptively simple: AI capabilities don't advance as a smooth, uniform surface. A model might be brilliant at one task and mediocre at an adjacent one, and the boundary between "can do" and "can't do" is jagged rather than a clean line that advances with scale.
Applied to cybersecurity, the jagged frontier means that vulnerability discovery sits in a region of capability space where smaller models already have sufficient reasoning ability — the bottleneck was never raw intelligence, but rather the right prompting strategies, tool access, and task decomposition. This mirrors what security researchers have long known intuitively: finding most bugs is about systematic coverage and pattern recognition, not genius-level insight.
The Hacker News discussion surfaced a telling divide. Some commenters argued this validates the AI safety community's concerns — if small models can find vulns, the threat surface is already wider than anyone modeled. Others took the opposite read: if vulnerability discovery doesn't require frontier models, then restricting access to large models won't actually contain the offensive risk, and policy should focus elsewhere.
Both sides have a point, which is exactly what makes this finding uncomfortable. The implication isn't that frontier models are harmless — it's that the capability threshold for meaningful vulnerability discovery is lower than the industry assumed, and it's already been crossed by models that run on consumer hardware.
If you're running a security team, three things change immediately.
First, your threat model needs an update. The working assumption that AI-assisted exploitation requires access to frontier APIs — and therefore can be partially controlled through API monitoring and rate limiting — no longer holds. Attackers with locally-hosted open-weight models in the 7B-13B range have enough capability to automate vulnerability scanning at scale. This doesn't mean every script kiddie becomes a zero-day factory overnight; converting a discovered vulnerability into a working exploit still requires significant skill. But the discovery phase just got dramatically cheaper.
Second, defensive AI tooling is now accessible to everyone, not just well-funded teams. If small models can find these vulnerabilities, you can run them against your own codebase. Security teams at startups and mid-size companies can now deploy AI-assisted code review and fuzzing using open-weight models on modest infrastructure — a capability that was previously gated behind expensive frontier API access or specialized commercial tools. Tools like CodeQL and Semgrep have been doing static analysis for years, but AI-augmented approaches can catch logic bugs and complex vulnerability patterns that rule-based systems miss.
Third, the economics of bug bounty programs and vulnerability disclosure are about to shift. When AI can systematically scan codebases at low cost, the volume of reported vulnerabilities will increase. Bug bounty programs need to prepare for an influx of AI-assisted submissions. Some programs are already seeing this; the question is whether triage processes can scale to match.
For practitioners building applications, the immediate action item is straightforward: integrate AI-assisted security scanning into your CI/CD pipeline. The cost has dropped to the point where there's no excuse not to. Run a small model against your PRs as a pre-merge check. It won't catch everything, but it'll catch the classes of bugs that this research showed small models handle well — buffer overflows, SQL injection patterns, authentication logic errors, and similar well-characterized vulnerability types.
The right mental model isn't "AI replaces security engineers" — it's "AI makes security engineers 3-5x more productive at the discovery phase, and that multiplier is now available at commodity prices."
The jagged frontier framework suggests we should expect more surprises like this — tasks that seem to require frontier-scale intelligence turning out to be solvable by much smaller systems once someone figures out the right task decomposition. For cybersecurity, the genie is definitively out of the bottle. The policy conversation needs to shift from "restrict access to capable models" to "assume capable models are everywhere and build resilience accordingly." For engineering teams, the silver lining is real: the same capability democratization that empowers attackers also empowers defenders, and defenders who move first on AI-augmented security tooling will have a meaningful advantage over those who wait.
Top 10 dev stories every morning at 8am UTC. AI-curated. Retro terminal HTML email.