AgentFlow orchestrates over 300 agents to uncover 10 Chrome zero-day vulnerabilities, including sandbox escapes.

ME News, April 23 (UTC+8). According to BlockBeats monitoring, the UCSB Yu Feng team, together with fuzz.land and other organizations, has proposed AgentFlow, an automated method for synthesizing multi-agent harnesses (the programs that assign agent roles, route information between agents, allocate tools, and handle retries) for vulnerability discovery. The paper observes that with the model held fixed, changing only the harness can move the success rate by a factor of several; existing harnesses, however, are mostly hand-written or searched over only a narrow design space.

AgentFlow expresses a harness as an editable graph program in a typed-graph DSL that unifies five harness dimensions (roles, topology, message patterns, tool bindings, and coordination protocol), so a single edit step can add or revise agents, topology, prompts, and tool sets at once. An outer loop uses runtime signals from the target program, such as coverage and sanitizer reports, to locate the stage at which a run failed, instead of relying on binary pass/fail feedback.

On TerminalBench-2, paired with Claude Opus 4.6, AgentFlow scores 84.3% (75/89), the highest result of its kind on that leaderboard. On the Chrome codebase (35 million lines of C/C++), the system synthesizes harnesses of over 300 agents. The automatically evolved agent instructions target C++ memory-safety bugs, require every crash to be verified under ASAN/UBSAN, and deduplicate findings across agents through shared documents protected by file locks. Running for 7 days on 192 H100 GPUs with the open-source model Kimi K2.5, it found 10 zero-day vulnerabilities, all confirmed by the Chrome VRP. Six have been assigned CVE numbers, spanning WebCodecs, Proxy, Network, Codecs, and Rendering, with bug classes including use-after-free, integer overflow, and heap buffer overflow. Two of them, CVE-2026-5280 and CVE-2026-6297, are Critical-severity sandbox escapes.
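The two agent-side rules mentioned above, sanitizer-backed crash verification and lock-protected deduplication across agents, are concrete enough to show in code. The following is an added illustration written for this article, not AgentFlow's code or the paper's harness: the ledger layout, the function names (`parse_sanitizer_report`, `crash_key`, `register_crash`) and the ASAN excerpt are all constructed for the example.

```python
"""Shared crash ledger for many parallel bug-hunting agents.

Illustrative example written for this article; it is not AgentFlow's code.
Two checks the article describes are shown: a finding must carry a real
sanitizer (ASAN/UBSAN) report, and agents deduplicate through a shared
document guarded by a file lock.  The ledger format and the ASAN text are
constructed for the example.
"""
import fcntl
import hashlib
import json
import os
import re
import tempfile

# Constructed sample: the head of an ASAN report as a harness would capture it
# from the target's stderr.  PID, addresses and frames are invented.
SAMPLE_ASAN = """\
==4242==ERROR: AddressSanitizer: heap-use-after-free on address 0x6060000000a0 at pc 0x55d1c2a3b4f1 bp 0x7ffd2a1c3e90 sp 0x7ffd2a1c3e88
READ of size 8 at 0x6060000000a0 thread T0
    #0 0x55d1c2a3b4f0 in media::VideoDecoder::Decode(media::DecoderBuffer const&) media/base/video_decoder.cc:118
    #1 0x55d1c2a3c1a2 in blink::VideoDecoderBroker::OnDecode() third_party/blink/renderer/modules/webcodecs/video_decoder_broker.cc:301
    #2 0x55d1c2a3d0e7 in base::RunLoop::Run() base/run_loop.cc:150
    #3 0x7f3a1b2c4d09 in __libc_start_main libc-start.c:308
"""

ERROR_RE = re.compile(r"ERROR: (AddressSanitizer|UndefinedBehaviorSanitizer): ([\w-]+)")
# Symbolized frame line: "#N 0x<addr> in <function>(...)"; capture only the function.
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in ([^\s(]+)", re.MULTILINE)


def parse_sanitizer_report(text, top_frames=3):
    """Return (bug_type, top frame functions) or None if no sanitizer fault.

    An exit code or a timeout alone does not verify a bug: the agent has to
    produce a sanitizer error line and a symbolized stack.
    """
    m = ERROR_RE.search(text)
    if not m:
        return None
    frames = FRAME_RE.findall(text)[:top_frames]
    if not frames:
        return None
    return m.group(2), frames


def crash_key(bug_type, frames):
    """Stable dedup key: bug class plus top frames; PIDs and addresses are ignored."""
    return hashlib.sha256("|".join([bug_type, *frames]).encode()).hexdigest()[:16]


def register_crash(ledger_path, report_text, agent_id):
    """Verify a report and record it in the shared ledger under an exclusive lock.

    Returns "new" if this agent is the first to claim the bug, "duplicate" if
    another agent already recorded the same key, "unverified" if the report
    shows no sanitizer fault.
    """
    parsed = parse_sanitizer_report(report_text)
    if parsed is None:
        return "unverified"
    bug_type, frames = parsed
    key = crash_key(bug_type, frames)
    # O_CREAT lets the first agent create the ledger. The lock is taken on the
    # same descriptor used to read and write, so no other agent can interleave
    # between our read-check and our write; it is released when the file closes.
    fd = os.open(ledger_path, os.O_RDWR | os.O_CREAT, 0o644)
    with os.fdopen(fd, "r+") as f:
        fcntl.flock(f.fileno(), fcntl.LOCK_EX)
        raw = f.read()
        ledger = json.loads(raw) if raw.strip() else {}
        if key in ledger:
            return "duplicate"
        ledger[key] = {"type": bug_type, "frames": frames, "agent": agent_id}
        f.seek(0)
        f.truncate()
        json.dump(ledger, f, indent=1)
        return "new"


def demo():
    """Two agents hit the same fault; a third reports a crash with no sanitizer output."""
    with tempfile.TemporaryDirectory() as d:
        ledger = os.path.join(d, "crashes.json")
        first = register_crash(ledger, SAMPLE_ASAN, "agent-17")
        # Same bug from another process: different PID and heap address,
        # identical stack, so it must collapse onto the first record.
        rerun = SAMPLE_ASAN.replace("==4242==", "==9001==").replace("0x6060000000a0", "0x6060000001c0")
        second = register_crash(ledger, rerun, "agent-203")
        third = register_crash(ledger, "Segmentation fault (core dumped)\n", "agent-42")
        with open(ledger) as f:
            recorded = len(json.load(f))
        return first, second, third, recorded


if __name__ == "__main__":
    print(demo())  # ('new', 'duplicate', 'unverified', 1)
```

The key is built from the bug class and the top symbolized frames only, so the same fault reached by different processes (different PID, heap address, or stack pointer) collapses onto one record, while a crash that produced no sanitizer error line is rejected rather than ledgered. `fcntl.flock` is an advisory lock, so it only protects agents that all go through this function; it also assumes the ledger lives on a filesystem that honours flock across the cooperating processes.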
fuzz.land co-founder Shou Chaofan said that some vulnerabilities were originally discovered using MiniMax M2.5, and that MiniMax M2.5 and Opus 4.6 can also find most of them. AgentFlow has been open-sourced. (Source: BlockBeats)