AI Writes Full Chrome Exploit for $2,283, Raising Alarms About Shrinking Patch Windows
Summary
A security researcher uses Anthropic's Claude Opus 4.6 to build a fully working Chrome exploit for just $2,283, sparking urgent warnings that AI is dangerously compressing the time between patch releases and active cyberattacks.
Key Points
- Hacktron CTO Mohan Pedhapati uses Anthropic's Claude Opus 4.6 to develop a full, working exploit chain targeting the V8 JavaScript engine in Chrome 138 as bundled in Discord, at a cost of $2,283 in API fees and roughly 20 hours of human guidance.
- Security experts warn that as AI models grow more capable, the window between patch release and active exploitation is shrinking, with every public code commit now serving as a potential starting gun for attackers armed with an API key.
- Developers are urged to prioritize security before code ships, monitor dependencies more closely, automate security patching, and exercise greater caution around when vulnerability details in open source projects become publicly visible.