🎙️ EP 68: Claude Got Hacked… By Claude?! And OpenAI's New Free Models Are Here

Aug 06, 2025•12 min

Episode description

What happens when an AI starts hacking itself? Today’s episode covers Claude’s jaw-dropping security flaws — and how it helped researchers break its own defenses. Also: OpenAI just released its first free, customizable AI models in 5 years. And they’re shockingly close to GPT-4 performance.

We’ll talk about:

  • How Claude accidentally revealed two major vulnerabilities in Claude Code
  • The wild competitions Claude is winning against human hackers
  • OpenAI’s launch of gpt-oss-120b and gpt-oss-20b — and what makes them different
  • Why Sam Altman says they were “on the wrong side of history” on open models

Keywords: Claude Code, OpenAI gpt-oss, AI security, CVE-2025-54794, gpt-oss-120b, hacking AI, agentic models, AI competition

Links:

  1. Newsletter: Sign up for our FREE daily newsletter.
  2. Our Community: Get 3-level AI tutorials across industries.
  3. Join AI Fire Academy: 500+ advanced AI workflows ($14,500+ Value)

Our Socials:

  1. Facebook Group: Join 247K+ AI builders
  2. X (Twitter): Follow us for daily AI drops
  3. YouTube: Watch AI walkthroughs & tutorials

Transcript

So imagine this. You've got an advanced AI, something like Claude. It's winning hacking competitions, really impressive stuff. But then here's the twist. It actually helps attackers find critical security flaws in itself. It's this really deep paradox, isn't it? AI evolves so fast. Amazing capabilities emerge. But then you see these inherent, kind of unsettling risks laid bare, this tension: creation versus vulnerability. That's something we're really going to dig into today. Welcome to the Deep Dive. We're taking all the latest AI news and challenges from a pretty packed newsletter, and we're breaking it down for you, making it clear, making it digestible. Our plan: first, unpack OpenAI's big, kind of surprising shift towards open models. Then, look at the sheer speed of AI innovation right now. It's dizzying. We'll check out some new tools, new techniques people are using, and then, yeah, circle back to that really fascinating, maybe slightly terrifying security thing with Claude. We want to give you the clarity, the details that stick, and really connect it all back to what it means for your grasp of this whole AI landscape.

Yeah, absolutely. And just quickly, before we jump right in, maybe clarify a couple of terms we'll be throwing around. So open-weight models. Think of these like, well, the core AI mechanics, the weights, they're public. You can grab them, use them, tweak them for what you need. But, and this is key, it's not the full picture. You don't get the original training data or the whole architecture blueprint. That's what makes something truly open source. And this isn't quite that.

Okay. And then agentic tasks. This is basically when an AI isn't just answering your question, right? It's given a goal. And then it actually uses external tools, maybe searches the web, runs some code, to go out and achieve that goal itself. It's like giving the AI a job to do with tools.

Got it. OK, so let's start with that big news. OpenAI. It feels like a major pivot. I mean, five years, they've mostly kept their best stuff locked down. And now, boom, new open-weight models for everyone. For OpenAI, that feels huge.

Oh, it's absolutely huge. And they're specific about what they're offering. Two main sizes. You've got gpt-oss-120b, super powerful, but get this, designed to run on just one high-end NVIDIA GPU. That's pretty efficient. Then there's the smaller one, gpt-oss-20b, lightweight enough for a regular laptop, just needs 16 gigs of RAM. And the important part for both, you can fine-tune them, customize them. They're built for those agentic tasks we just talked about. Plus, and this is a big deal for businesses, fully commercially usable. Apache 2.0 license. You can find them on Hugging Face right now.

Okay. Accessible, tunable, sounds promising. But how do they actually stack up performance-wise? The sources suggest they're actually outperforming some existing open models. Like DeepSeek R1, Qwen, on certain things.

Yeah, that's right. On specific benchmarks like coding, think Codeforces, and some reasoning tasks like HLE, they seem to hold their own or even beat them. Which is impressive for new kids on the block. But there's always a but, right?

Yeah, pretty much. They definitely fall short of OpenAI's own closed models, like their GPT-3.5 or GPT-4 mini versions, especially on more complex stuff. And hallucinations, you've got to watch out for those. The rate's higher, up to 53% on PersonQA, which tests factual stuff about people. So powerful, yes, but limitations are there. It's expected with these smaller models, really. Also text only. No images, no audio yet, but definitely built for those agent workflows calling external tools.

Interesting tradeoffs. So stepping back, why? Why would OpenAI, the company practically synonymous with closed AI, make this move now?

Well, the why-it-matters here is pretty fascinating. It looks like OpenAI is deliberately getting in the ring with companies like Meta. And also some big Chinese labs, DeepSeek, Qwen, Moonshot. These guys have been winning over developers like crazy with their open models. And Sam Altman, OpenAI's CEO, even said before they felt they were kind of on the wrong side of history being so closed off. So this move, it lines up way better with their original 2015 mission, remember. AI for wide benefit. Whether you see it as smart PR or a real change of heart, it definitely shakes up the power dynamics. For developers, one source called it gold. Pure gold. It kind of re-decentralizes things a bit, doesn't it? Lets innovation happen outside the usual big tech players.

So what's the real impact of OpenAI's shift to these more accessible models for you? Simply put, it gives developers way more power and options, which directly shapes what they can actually build.

Right. That shift is huge. And it kind of leads us into just the sheer amount of stuff happening in AI generally. It's almost impossible to keep up, isn't it?

Ooh, tell me about it. It's just constant. But some cool highlights recently really show the range. Like there was this viral prompt going around from Bucko Capital for doing super deep company research, like professional-level stuff. Just got an update, apparently sharper now. Then Claude Opus 4.1 came out. Not quite the next big generation, 5.0 or whatever, but a more precise updated version of their best model. That's live now. Character.ai. They launched this new social feed, but it's all AI characters interacting. Kind of wild. And Google Gemini, this is neat, lets you create personalized kids' storybooks with illustrations in minutes across like 45 languages. You can even use your own photos to set the style. Crazy creative power.

It's not just cool features, though, is it? There's this growing economic story, too. Axios was saying AI is basically propping up the U.S. economy right now. And I saw Derek Thompson put it super bluntly. GDP growth equals AI capex.

Ha! He's directly linking investment in AI infrastructure to, well, the whole economy growing. That's fundamental. And you see it in the real world, absolutely. Big funding rounds, real impact. Look at Carbyne. They just landed $100 million to improve their AI system for 911 calls. Their revenue growth is like 477%, operating in nearly 300 places now. That's AI directly touching public safety, making emergency response better. It's not just abstract tech anymore.

How do these varied AI advances reshape your daily interactions or even the economy? Well, AI is subtly changing how we work, how we create things, and yeah, even how our economies tick. It really is creeping into everything.

So, OK, beyond the big headlines, how are people actually using this stuff, building with it, finding new ways to make things work, maybe even make money?

Yeah, good question. On the practical side, you see lots of head-to-head comparisons now, like ChatGPT agents versus Genspark AI. Which one's better for coding? For research, for writing stuff. People are figuring out the right tool for the job. But there's also this deeper idea emerging called context engineering. It's about moving past just simple prompts. You give the AI much richer information, better strategies, so it becomes less of a tool and more of an actual intelligent partner. Building smarter agents faster. Think of it like giving the AI a really good briefing before a mission.

That makes sense. And I saw something really intriguing for anyone who creates content online: AI SEO coupled with Cloudflare's pay-per-crawl model. The suggestion is your content could actually get paid just for being crawled and found useful by an AI, even if no human clicks on it. It's a direct response to Google doing more zero-click searches, right? Imagine getting paid just because your info is valuable to an AI. Wild.

Super interesting concept. And yeah, the tools keep coming. Rapid fire. Covertro lets you build AI agents fast, no coding needed, kind of democratizing that context engineering thing. Embeddable helps you build interactive web tools just by chatting with an AI, making web dev easier. WritingMate 3.0, one subscription, access to multiple different AI models, simplifies things. And Corvenimage is apparently getting really good at drawing text accurately within images and precise editing. That's always been tricky for image AI. It just shows how specialized and diverse the tools are getting.

Other quick updates that caught my eye, just some quick hits. OpenAI models now on AWS for the first time. That's big for enterprise adoption. Google's NotebookLM, their research assistant tool, is opening up to younger users, 13 and up. Google also mentioned their new Genie 3 model, framing it as a step towards AGI. Always interesting when they talk AGI. ElevenLabs dropped Eleven Music, letting you generate your own music tracks. And the GSA, the U.S. government procurement agency, added OpenAI, Google, and Anthropic to their line of approved AI vendors. So AI is definitely going government mainstream.

Which of these new tools or methods do you think will be most impactful for daily workflows? I think tools simplifying AI agent creation and maybe those new content monetization models seem pretty promising.

Okay. Let's shift to our final segment. And honestly, this one is the most mind-bending. The story about Claude AI discovering its own security flaws. It's both brilliant and deeply alarming.

Right. It's exactly that paradox we started with. So researchers found two pretty critical security holes in Claude Code. And the wild part is Claude itself kind of helped them find these weaknesses during the testing process. Hey, flaw #1. It's got a fancy number. CVE-2025-54794. Basically, Claude was tricked into escaping its sandbox, its designated working area. The path checking wasn't strong enough. It wandered off where it shouldn't have.

So it broke out of its cage.

Yeah, very much. And then flaw #2, CVE-2025-54795. Claude has a list of safe commands it can use. But attackers figured out how to sneak malicious code inside those supposedly safe commands. It really hammers home: these AI systems can reason. And that reasoning ability can be turned back on them to break their own rules.

Okay, but here's the part that just floors me. Despite having these flaws, Claude is simultaneously winning hacking competitions.

Exactly. That's the stunning part. It ranked in the top 3% in picoCTF, which is a big student hacking contest. And on Hack The Box, a cybersecurity training site, it solved 19 out of 20 challenges they gave it.

Whoa. Just pause and think about that. An AI that can not only solve complex hacking challenges better than most humans, but also help discover its own ways to be hacked.

Yeah, brilliant and terrifying is the only way to put it. It shows this incredible, almost self-aware level of problem solving, but the implications for security are huge. The source we looked at put it really starkly. If Claude can reverse engineer its own sandbox and start solving CTFs better than most humans, we've crossed a line.

We definitely have. It means we're essentially building AI hackers now. And whether they end up being security tools for us or tools used against us, well, that depends entirely on how well we can build those sandboxes, those controls. And honestly, I still wrestle with how you truly sandbox something this intelligent, especially when it learns and adapts so damn fast. It's a massive challenge. It keeps me up sometimes thinking about it. That vulnerability.

Yeah. That challenge is real. So boiling it down. What are the immediate concerns or opportunities when AI can both hack systems and find its own flaws? It means cybersecurity just got exponentially more complex. We need way more sophisticated guardrails, constant vigilance. The opportunity: maybe AI could be the ultimate security auditor, finding flaws we miss. The concern: that same intelligence could be the ultimate weapon if not contained. It's a double-edged sword, isn't it, our sponsor?

All right, let's try and pull the threads together here. What are the big ideas from this deep dive? We've definitely seen this ongoing trend towards democratizing AI, right? OpenAI's move with open models puts serious power into more hands, which should spur innovation. And just the sheer pace, it's relentless. From AI creating kids' books to literally driving economic growth figures. It's everywhere. And threaded through it all is that core duality, that paradox. Immense power for good, better research tools, safer emergency responses. But right alongside it, these incredibly complex challenges of control, security, safety. Claude finding its own flaws is just the most vivid example. It underscores both the brilliance we're unlocking and the absolute need for caution, for thoughtful governance as we build these things.

So here's the thought to leave you with. As these AI models get more open, more powerful, and even capable of analyzing themselves, what does that mean for our responsibility? All of us. How do we collectively shape where this goes, make sure it develops safely? Something to chew on.

Definitely. Keep digging into it yourself. The conversation's only getting started. Thanks for joining us for this deep dive into the world of AI. Yeah, thanks for listening. We appreciate it.

Outro music.

Transcript source: provided by creator in RSS feed.