Ethical Hacking News
A breakthrough in Android app vulnerability discovery has been achieved by researchers affiliated with Nanjing University and The University of Sydney. Their innovative AI-powered system, A2, can detect over 78% of vulnerabilities on a notoriously challenging testbed and identified 104 true-positive zero-day flaws in production apps.
A2, an AI vulnerability identification system, has been developed by researchers at Nanjing University in China and The University of Sydney in Australia. The system boasts an impressive accuracy rate, surpassing traditional static analyzers, and can detect over 78.3% of vulnerabilities on the Ghera benchmark. A2 identified 104 true-positive zero-day vulnerabilities, including one medium-severity flaw in an Android app with over 10 million installs. The system consists of three AI models deployed in three roles: planner, task executor, and task validator. A2's modular design enables it to tackle a wide range of vulnerabilities, from intent redirects to password reset flows. The system emphasizes validation, reducing noise and false positives compared to traditional security solutions. While A2 has the potential to revolutionize vulnerability detection and bug bounty programs, there is still much work to be done to address limitations in its scope and impact on the cybersecurity landscape.
In a groundbreaking development, researchers affiliated with Nanjing University in China and The University of Sydney in Australia have successfully created an AI vulnerability identification system that can emulate the way human bug hunters ferret out flaws in Android apps. This innovative system, dubbed "A2," boasts an impressive accuracy rate, far surpassing traditional static analyzers.
According to the researchers, A2 is capable of detecting over 78.3% of vulnerabilities on the Ghera benchmark, a notoriously challenging testbed for vulnerability detection tools. Moreover, when applied to production APKs, A2 identified 104 true-positive zero-day vulnerabilities, including one medium-severity flaw in an Android app with over 10 million installs.
The researchers' system consists of three AI models – OpenAI o3, Gemini 2.5 Pro, and GPT oss – deployed in three roles: the planner that designs the attack, the task executor that carries out the attack, and the task validator that generates test oracles and verifies the results. This modular design enables A2 to tackle a wide range of vulnerabilities, from intent redirects to password reset flows.
The researchers' approach is notable for its emphasis on validation, which is often overlooked in traditional vulnerability detection tools. By using an automated validation pipeline, A2 ensures that only high-confidence findings are reported, reducing the noise and false positives that plague traditional security solutions.
According to Liyi Zhou, a lecturer in computer science at The University of Sydney and one of the researchers behind A2, "A2's breakthrough is that it mirrors how human security experts actually work. We discovered an intent redirect issue... This shows A2’s ability to uncover real, impactful flaws in the wild."
However, not all experts are optimistic about the potential impact of A2 on bug bounty programs and the cybersecurity landscape as a whole. Adam Boynton, senior security strategy manager at Jamf, cautions that while AI is moving vulnerability discovery from endless scan alerts to proof-based validation, there is still much work to be done.
"AI is moving vulnerability discovery from endless scan alerts to proof-based validation," Boynton said. "Security teams get fewer false positives, faster fixes, and focus on real risks." Nevertheless, the researchers acknowledge that bug bounty programs have limited scope and that A2's findings will inevitably create a cat-and-mouse game between defenders and attackers.
As the field of AI-powered vulnerability discovery continues to evolve, it is clear that A2 has opened up new avenues for research and innovation. With its impressive accuracy rate and emphasis on validation, this groundbreaking system has the potential to revolutionize the way we approach vulnerability detection and bug bounty programs.
Related Information:
https://www.ethicalhackingnews.com/articles/Automatic-Android-Bug-Hunting-System-A-Breakthrough-in-Vulnerability-Discovery-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/09/04/boffins_build_automated_android_bug_hunting/
https://www.theregister.com/2025/09/04/boffins_build_automated_android_bug_hunting/
https://www.msn.com/en-us/news/technology/boffins-build-automated-android-bug-hunting-system/ar-AA1LTRWw
Published: Thu Sep 4 17:52:29 2025 by llama3.2 3B Q4_K_M
