
Hugging Face: open-source AI gives defenders the same capabilities as attackers


AI-processed from Hugging Face Blog; edited by Hamidun News

Hugging Face has published a comprehensive article on how artificial intelligence is changing the balance of power in cybersecurity — and why the openness of models and tools is just as important as their capabilities. At the center of the article is the Mythos system: a language model with specialized tooling designed for finding and patching vulnerabilities. The authors emphasize that the capabilities of such systems are nonlinear. A small model embedded in a well-designed agent pipeline with domain expertise can compete with much larger proprietary solutions — and this is especially valuable for defenders with limited budgets.

The central argument is the structural advantage of open ecosystems. When a vulnerability is discovered, the cycle consists of four stages: discovery, verification, coordination, and patch distribution. Proprietary vendors go through all four stages within a single organization — a single point of failure. Open communities distribute each stage among multiple teams: the Linux kernel security team, the Open Source Security Foundation, and Hugging Face specialists in model supply chain security. An attacker who compromises one node does not stop the entire ecosystem.

The myth of 'security through obscurity' is addressed separately. The authors point out that AI tools are already capable of helping with reverse engineering binary files without source code. A huge layer of legacy firmware and embedded code — proprietary, binary, long unmaintained — is becoming increasingly accessible for automated analysis. Proprietary code does not protect against attacks; it only slows down defenders who lack access to source code.

The authors propose a concrete defense architecture: semi-autonomous agents based on open source code. The agent operates within predetermined boundaries, critical steps require human confirmation, and all system behavior can be audited through open logs and traces. 'A human in the control loop makes sense only when they can look inside the loop' — the article's key formulation. Proprietary systems do not allow this.
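A minimal sketch of that architecture, added here as an illustration and not taken from the Hugging Face article: an action gate that enforces the agent's boundaries, requires a human decision for critical steps, and records every decision in a hash-chained log that anyone can re-verify. The action names, the `approver` callback and the log format are assumptions made for the example.

```python
import hashlib
import json

# Hypothetical policy: these action names are assumptions for illustration.
ALLOWED = {"scan_dependency", "open_ticket", "apply_patch", "rotate_credential"}
CRITICAL = {"apply_patch", "rotate_credential"}  # need human confirmation
GENESIS = "0" * 64

def _digest(prev, record):
    # Each entry commits to the previous hash, so edits break the chain.
    body = json.dumps(record, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()

class AuditLog:
    """Append-only, hash-chained record of every gate decision."""
    def __init__(self):
        self.entries = []

    def append(self, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"prev": prev, "record": record,
                             "hash": _digest(prev, record)})

    def verify(self):
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or _digest(prev, e["record"]) != e["hash"]:
                return False
            prev = e["hash"]
        return True

def gate(action, target, log, approver=None):
    """Return True if the agent may run `action`; log the decision either way.

    `approver` is a callable(action, target) -> bool standing in for the human.
    """
    if action not in ALLOWED:
        decision = "denied:out_of_bounds"
    elif action in CRITICAL:
        ok = approver is not None and approver(action, target)
        decision = "approved:human" if ok else "denied:needs_human"
    else:
        decision = "approved:auto"
    log.append({"action": action, "target": target, "decision": decision})
    return decision.startswith("approved")

def demo():
    # Constructed sample run: routine step, critical step without and with
    # a human, and a step outside the agent's boundaries.
    log = AuditLog()
    results = [gate("scan_dependency", "pkg-a", log),
               gate("apply_patch", "pkg-a", log),
               gate("apply_patch", "pkg-a", log, lambda a, t: True),
               gate("delete_repo", "pkg-a", log)]
    return results, log
```

Denied requests are logged as well as approved ones, so a reviewer sees what the agent attempted and not only what it was allowed to do.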

For organizations with sensitive data, open solutions provide an additional advantage: they can be deployed entirely within their own infrastructure, fine-tuned on internal data, and customized for specific requirements — without transmitting data to external providers.

The authors' conclusion: the future of AI-powered cybersecurity will be determined not by individual models, but by the ecosystems around them. Open systems give defenders visibility, control, community, and shared infrastructure — exactly what is lacking in isolated defense using proprietary tools.
