An AI just designed its own management structure for a team of other AIs, which then found ten major security holes in Google Chrome.
April 24, 2026
Original Paper
Synthesizing Multi-Agent Harnesses for Vulnerability Discovery
arXiv · 2604.20801
The Takeaway
The AgentFlow system doesn't just look for bugs. it builds the entire coordination plan for how multiple agents should work together. This meta-approach allowed the AI team to discover ten previously unknown zero-day vulnerabilities in the world's most popular browser. Humans usually have to design these complex testing workflows, but the AI proved it could do it better and faster. This means that the future of cybersecurity will be an AI arms race where machines manage other machines to attack and defend software. The sheer speed of these discoveries makes traditional manual security audits obsolete. Our software is either about to get much safer or much more vulnerable.
From the abstract
LLM agents have begun to find real security vulnerabilities that human auditors and automated fuzzers missed for decades, in source-available targets where the analyst can build and instrument the code. In practice the work is split among several agents, wired together by a harness: the program that fixes which roles exist, how they pass information, which tools each may call, and how retries are coordinated. When the language model is held fixed, changing only the harness can still change succe