Ethical Hacking Champion Predicts AI Will Intensify Competition

Valentina Palmiotti, known professionally as Chompie, a top-tier ethical hacker and recent victor at the prestigious Pwn2Own competition in Berlin, has cautioned that the emergence of advanced artificial intelligence tools, such as Claude Mythos, may effectively end her competitive career. While AI currently serves as a valuable asset for securing "bug bounties"—rewards paid to researchers who identify security flaws before malicious actors can exploit them—Palmiotti believes systems like Mythos are becoming so potent that even elite human hackers will soon find themselves outmatched.

The rise of AI has significantly disrupted the cybersecurity landscape, with particular attention focused on Mythos. Developed by Anthropic, the model reportedly identified 1,600 vulnerabilities across hundreds of software applications. Due to its potential danger, Anthropic has restricted access to the tool, making it available only to a select group of government agencies and cybersecurity firms.

Pwn2Own, organized by the ZeroDay Initiative, challenges ethical hackers globally to uncover weaknesses in designated products. This year, the event distributed nearly $1.3 million (£970,000) to participants who collectively discovered 47 previously unknown attack vectors across various platforms and software. All identified flaws were promptly reported to the respective companies, allowing them to patch the security holes before they could be weaponized by criminals.

During the first day of the contest, Chompie successfully demonstrated a breach in an Nvidia-linked system, securing a $20,000 prize. However, she immediately shifted into what she termed "zombie hacker mode" to prepare for subsequent challenges. “As soon as I won the first prize I ran back to my hotel room to keep working on the other one. I worked from 6pm til 6am and didn't sleep,” she recounted. Her intense effort paid off; video footage from the event captured a exhausted but satisfied Chompie on stage after successfully hacking a Linux-based system to claim an additional $50,000.

Chompie described this "zombie mode" as a period of intense, sleepless research and testing, sustained by energy drinks and adrenaline, often while wearing a black hoodie. “It's not healthy,” she admitted with a laugh, though she maintained that such dedication was essential. This year, many competitors, including Chompie, have leveraged AI tools like Claude Code to accelerate their workflow during these grueling sessions. In her role as a security researcher for IBM X-Force, as well as in competitions, she noted that AI currently provides a distinct advantage.

However, Palmiotti believes this advantage is temporary. She anticipates that the balance will shift with the introduction of more powerful models like GPT 5.5 Cyber and Claude Mythos. “I competed in Pwn2Own this year because I thought it might be my last chance,” she explained. She clarified that she does not foresee the disappearance of ethical hacking or security research entirely, but she expects the "lower-hanging fruit" to vanish, making it increasingly difficult for average researchers to succeed.

According to Chompie, only the absolute best hackers will remain capable of discovering novel bugs and winning prizes in this new era. She cited Orange Tsai, a Taiwanese hacker who prefers to remain anonymous and is a frequent winner of major hacking awards, as an example of this elite tier. Tsai led his team to a $375,000 (£278,000) victory by uncovering highly complex attack paths.

In contrast to Chompie’s concerns, Tsai views AI more optimistically. “For me, AI feels more like a really awesome assistant that helps accelerate my research workflow,” he said. He noted that while he generates numerous interesting ideas during research, he is limited by the need to sleep, preventing him from testing every possibility individually. “AI can finally help free my hands,” he added.

Although Tsai acknowledged that AI is raising the performance bar, he remains hopeful that human creativity and intuition will continue to identify vulnerabilities that AI tools might overlook. This divergence in perspective raises a critical question: if it becomes increasingly difficult for ethical hackers to penetrate online systems, what implications does this have for malicious actors?

Source: BBC News Generated at: 2026-05-27 00:43:55 UTC