The 0day Rubbish project has been introduced—an innovative platform that utilizes an ensemble of state-of-the-art large language models (including GPT-5.5, Claude Opus 4.8, and DeepSeek V4) for the automated discovery of zero-day vulnerabilities. The project demonstrates a transition from manual security auditing to autonomous multi-agent systems capable of finding complex exploit chains at scales unattainable by humans.
What Happened
Developers have launched the 0day Rubbish platform, which, as a demonstration, successfully discovered a critical vulnerability chain in Cisco CUCM 14.0 with a CVSS score of 9.8. The process involves 6 stages, starting from an SQL injection and ending with achieving unauthorized remote code execution (RCE). The project employs an "aggressive disclosure" strategy, publishing working Proof of Concept (PoC) exploits immediately upon discovery to stimulate rapid patch releases by vendors.
Context
The traditional cybersecurity model relies heavily on a reactive approach and manual auditing. The use of Multi-Agent Swarm systems based on SOTA LLMs allows for the combination of different cognitive abilities of models to solve complex multi-step tasks, such as finding connections between disparate code errors.
Why It Matters for the Industry
For the industry, this signifies a paradigm shift from manual auditing to autonomous systems that radically reduce the cost and time required to discover critical vulnerabilities. This creates unprecedented pressure on software vendors, requiring instantaneous reactions to publicly available exploits and stimulating the development of tools for automated Red Teaming.
Why It Matters for Users
For users and security professionals, the threat landscape is changing: the cycle from the moment a vulnerability is discovered to the appearance of a public exploit is being reduced to a minimum. Defense will need to shift from a model of waiting for patches to a model of immediate real-time anomaly detection.
What Is Not Yet Known / Limitations
At this time, data regarding inference costs, latency, and the overall scalability of the system is unavailable, making it difficult to assess its readiness for industrial-scale production use.
Sources
- 0day Rubbish | AI-Driven Vulnerability Discovery & Responsible Disclosure
- GitHub - Exploit-Garbage/0day-Rubbish
Author
Look at AI, Editorial Staff
