[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-llm-agents-real-vulnerability-hunters-zh":3,"tags-llm-agents-real-vulnerability-hunters-zh":35,"related-lang-llm-agents-real-vulnerability-hunters-zh":45,"related-posts-llm-agents-real-vulnerability-hunters-zh":49,"series-research-d9868f49-f928-4053-ae16-416dffad41d7":86},{"id":4,"title":5,"content":6,"summary":7,"source":8,"source_url":9,"author":10,"image_url":11,"keywords":12,"language":19,"translated_content":10,"views":20,"is_premium":21,"created_at":22,"updated_at":22,"cover_image":11,"published_at":23,"rewrite_status":24,"rewrite_error":10,"rewritten_from_id":25,"slug":26,"category":27,"related_article_id":28,"status":29,"google_indexed_at":30,"x_posted_at":10,"tweet_text":10,"title_rewritten_at":10,"title_original":10,"key_takeaways":31,"topic_cluster_id":10,"embedding":10,"is_canonical_seed":21},"d9868f49-f928-4053-ae16-416dffad41d7","為什麼 LLM agents 正在變成真正的漏洞獵手","\u003Cp data-speakable=\"summary\">\u003Ca href=\"\u002Fnews\u002Fwhy-gpt-5-5-should-be-default-coding-llm-2026-zh\">LLM\u003C\u002Fa> agents 已經能在真實軟體中找出漏洞，不再只是協助寫程式。\u003C\u002Fp>\u003Cp>\u003Ca href=\"\u002Ftag\u002Fllm\">LLM\u003C\u002Fa> agents 不再只是新奇玩具；它們正在變成實用的漏洞發現工具，而 Linux kernel、\u003Ca href=\"\u002Ftag\u002Fdocker\">Docker\u003C\u002Fa>、OpenSSL 的最新發現已經證明這一點。這些不是練習題，而是現代基礎設施的核心元件。當一組自我協作的 agents 能在不同程式碼庫中，從大範圍搜尋一路走到可信的 bug 發現，資安研究的玩法就已經變了。\u003C\u002Fp>\u003Ch2>第一個論點\u003C\u002Fh2>\u003Cp>真正的突破不是「LLM 會猜 bug 模式」，而是多個 agents 能像小型研究團隊那樣分工：一個探索程式路徑，一個評估可利用性，一個修正假設，一個避免搜尋卡住。這種編排把模型從聰明的自動補字，變成持續工作的研究者。再加上 activation steering，代表系統不是只對提示詞做反應，而是被導向資安推理模式。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778591454009-e0hv.png\" alt=\"為什麼 LLM agents 正在變成真正的漏洞獵手\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>這和傳統 fuzzing 的演進很像。早期 fuzzers 很快，但覆蓋面窄；後來真正有效的流程，是把 fuzzing、symbolic execution、sanitizers 和人工 triage 串在一起。agentic LLM 工作流也是同一條路。重點不是「AI 找到一個 bug」，而是「一個工作流跨過 kernel、container、crypto 三種軟體層，靠多步推理找出漏洞」。這才是值得安全團隊重視的訊號。\u003C\u002Fp>\u003Ch2>第二個論點\u003C\u002Fh2>\u003Cp>在單一應用裡找到缺陷很有用，但同一套流程能在 Linux kernel、Docker、OpenSSL 都挖出可信漏洞，代表的是另一個層級。這三者分別對應現代運算的底層、中層與信任邊界：kernel 決定核心記憶體安全，container 決定隔離與執行環境，OpenSSL 則影響幾乎所有下游產品的機密性與完整性。能同時碰到這三層，表示它不是只學會某個專案的怪癖，而是在學系統軟體的通用推理方式。\u003C\u002Fp>\u003Cp>這種可遷移性是防守方最該在意的地方。Linux kernel 是最難找遠端可達記憶體破壞漏洞的場域之一，程式碼巨大、歷史包袱重、細節又極度敏感。Docker 的問題會直接影響隔離失效與營運風險。OpenSSL 則可能讓加密信任鏈整個失守。當一條自動化探索管線能碰到這三個領域，瓶頸就不再是「AI 看不看得懂程式」，而是「人類能不能跟上 AI 輔助的偵察速度」。\u003C\u002Fp>\u003Ch2>反方可能怎麼說\u003C\u002Fh2>\u003Cp>懷疑者的論點其實很強：這些系統仍然需要專家監督，漏洞發現不等於穩定利用，更不等於負責任揭露。資安圈看過太多看起來很厲害、實際上卻經不起審查的 demo。若流程依賴大量手工 steering 和精細編排，那它就還不算真正自主；把它講成革命，容易高估方法成熟度。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778591449563-ljg3.png\" alt=\"為什麼 LLM agents 正在變成真正的漏洞獵手\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>這個批評是合理的，但它沒有推翻結論。完全自主不是重點，穩定地擴大搜尋空間、產出值得專家驗證的候選漏洞，才是重點。這次在 kernel、Docker、OpenSSL 的成果，已經跨過這條線。即使最後仍要人類確認影響範圍、撰寫報告，最昂貴的初始發現階段已經被明顯壓低成本。限制存在，但那是部署限制，不是重要性限制。\u003C\u002Fp>\u003Ch2>你能做什麼\u003C\u002Fh2>\u003Cp>資安團隊應該停止把 agentic LLM 當成旁支實驗，改把它納入漏洞研究流程。工程師可以把它和 fuzzers、static analysis、sanitizer 輸出串在一起，並在真實程式碼庫上量測 \u003Ca href=\"\u002Fnews\u002Fwhy-mvm-is-the-right-kind-of-go-interpreter-zh\">pre\u003C\u002Fa>cision、triage 時間與漏洞品質。PM 應該把預算放在評估框架，而不是一次性 demo。創辦人若在做 devt\u003Ca href=\"\u002Fnews\u002Fwhy-google-deepmind-is-winning-model-talent-war-zh\">oo\u003C\u002Fa>ls 或安全工具，應該優先打造讓 agents 能搜尋、排序、交接給人的工作流，因為價值已經出現在這裡；會贏的不是問「agents 能不能找洞」的人，而是把洞變成可處理結果的人。\u003C\u002Fp>","LLM agents 已經不只是寫程式工具，它們開始能在真實系統中找出有價值的漏洞，而且這件事正在改變資安研究的分工方式。","letsdatascience.com","https:\u002F\u002Fletsdatascience.com\u002Fnews\u002Fllm-agents-find-kernel-docker-openssl-vulnerabilities-d08ffc7a",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778591454009-e0hv.png",[13,14,15,16,17,18],"LLM agents","漏洞發現","Linux kernel","Docker","OpenSSL","資安自動化","zh",0,false,"2026-05-12T13:10:27.450959+00:00","2026-05-12T13:10:27.434+00:00","done","653541b9-a7c4-42ca-909f-6540558f9975","llm-agents-real-vulnerability-hunters-zh","research","7a5a2d84-bd79-4604-876c-80486c6c691e","published","2026-05-13T09:00:10.887+00:00",[32,33,34],"LLM agents 已經能參與真實漏洞發現，不只是生成程式碼。","多代理協作與 activation steering，讓模型能做更接近研究員的推理工作。","防守方應把 agents 納入既有資安流程，重點放在可驗證與可交接的結果。",[36,38,39,41,43],{"name":15,"slug":37},"linux-kernel",{"name":14,"slug":14},{"name":17,"slug":40},"openssl",{"name":13,"slug":42},"llm-agents",{"name":16,"slug":44},"docker",{"id":28,"slug":46,"title":47,"language":48},"llm-agents-real-vulnerability-hunters-en","Why LLM agents are becoming real vulnerability hunters","en",[50,56,62,68,74,80],{"id":51,"slug":52,"title":53,"cover_image":54,"image_url":54,"created_at":55,"category":27},"667b72b6-e821-4d68-80a1-e03340bc85f1","turboquant-seo-shift-small-sites-zh","TurboQuant 與小站 SEO 變化","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778840440690-kcw9.png","2026-05-15T10:20:27.319472+00:00",{"id":57,"slug":58,"title":59,"cover_image":60,"image_url":60,"created_at":61,"category":27},"381fb6c6-6da7-4444-831f-8c5eed8d685c","turboquant-vllm-comparison-fp8-kv-cache-zh","TurboQuant 與 FP8 實測結果","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778839867551-4v9g.png","2026-05-15T10:10:36.034569+00:00",{"id":63,"slug":64,"title":65,"cover_image":66,"image_url":66,"created_at":67,"category":27},"c15f45ee-a548-4dbf-8152-91de159c1a11","llmbda-calculus-agent-safety-rules-zh","LLMbda 演算替 AI 代理人立安全規則","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778825503412-mlbf.png","2026-05-15T06:10:34.832664+00:00",{"id":69,"slug":70,"title":71,"cover_image":72,"image_url":72,"created_at":73,"category":27},"0c02225c-d6ff-44f8-bc92-884c8921c4a3","low-complexity-beamspace-denoiser-mmwave-mimo-zh","更簡單的毫米波波束域去噪器","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778814650361-xtc2.png","2026-05-15T03:10:30.06639+00:00",{"id":75,"slug":76,"title":77,"cover_image":78,"image_url":78,"created_at":79,"category":27},"9d27f967-62cc-433f-8cdb-9300937ade13","ai-benchmark-wins-cyber-scare-defenders-zh","為什麼 AI 基準賽在資安領域的勝利，應該讓防守方警醒","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778807450006-nofx.png","2026-05-15T01:10:29.379041+00:00",{"id":81,"slug":82,"title":83,"cover_image":84,"image_url":84,"created_at":85,"category":27},"bc402dc6-5da6-46fc-9d66-d09cb215f72b","why-linux-security-needs-patch-wave-mindset-zh","為什麼 Linux 安全需要「補丁浪潮」思維","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778741449813-s2wn.png","2026-05-14T06:50:24.052583+00:00",[87,92,97,102,107,112,117,122,127,132],{"id":88,"slug":89,"title":90,"created_at":91},"f18dbadb-8c59-4723-84a4-6ad22746c77a","deepmind-bets-on-continuous-learning-ai-2026-zh","DeepMind 押注 2026 連續學習 AI","2026-03-26T08:16:02.367355+00:00",{"id":93,"slug":94,"title":95,"created_at":96},"f4a106cb-02a6-4508-8f39-9720a0a93cee","ml-papers-of-the-week-github-research-desk-zh","每週 ML 論文清單，為何紅到 GitHub","2026-03-27T01:11:39.284175+00:00",{"id":98,"slug":99,"title":100,"created_at":101},"c4f807ca-4e5f-47f1-a48c-961cf3fc44dc","ai-ml-conferences-to-watch-in-2026-zh","2026 AI 研討會投稿時程整理","2026-03-27T01:51:53.874432+00:00",{"id":103,"slug":104,"title":105,"created_at":106},"9f50561b-aebd-46ba-94a8-363198aa7091","openclaw-agents-manipulated-self-sabotage-zh","OpenClaw Agent 會自己搞砸自己","2026-03-28T03:03:18.786425+00:00",{"id":108,"slug":109,"title":110,"created_at":111},"11f22e92-7066-4978-a544-31f5f2156ec6","vega-learning-to-drive-with-natural-language-instructions-zh","Vega：使用自然語言指示進行自駕車控制","2026-03-28T14:54:04.847912+00:00",{"id":113,"slug":114,"title":115,"created_at":116},"a4c7cfec-8d0e-4fec-93cf-1b9699a530b8","drive-my-way-en-zh","Drive My Way：個性化自駕車風格的實現","2026-03-28T14:54:26.207495+00:00",{"id":118,"slug":119,"title":120,"created_at":121},"dec02f89-fd39-41ba-8e4d-11ede93a536d","training-knowledge-bases-with-writeback-rag-zh","用 WriteBack-RAG 強化知識庫提升檢索效能","2026-03-28T14:54:45.775606+00:00",{"id":123,"slug":124,"title":125,"created_at":126},"3886be5c-a137-40cc-b9e2-0bf18430c002","packforcing-efficient-long-video-generation-method-zh","PackForcing：短影片訓練也能生成長影片","2026-03-28T14:55:02.688141+00:00",{"id":128,"slug":129,"title":130,"created_at":131},"72b90667-d930-4cc9-8ced-aaa0f8968d44","pixelsmile-toward-fine-grained-facial-expression-editing-zh","PixelSmile：提升精細臉部表情編輯的新方法","2026-03-28T14:55:20.678181+00:00",{"id":133,"slug":134,"title":135,"created_at":136},"cf046742-efb2-4753-aef9-caed5da5e32e","adaptive-block-scaled-data-types-zh","IF4：神經網路量化的聰明選擇","2026-03-31T06:00:36.990273+00:00"]