Models finding software vulnerabilities is not the primary source of cybersecurity risk (opens in new tab)

I have tried and failed to write a longer post since 2024, so here goes a short one with less detail.Discourse has primarily focused on models' ability to develop new exploits against important software from scratch. That capability is impressive, but the tech industry has been dealing with people regularly finding 0-day exploits for important pieces of software for more than twenty years. Having to patch these vulnerabilities at a 10xed or even 100xed cadence for a fixed period of time is we...