I now understand why Anthropic is so afraid of what frontier models might do.
Over the past week, I watched two AI models collaborate to reverse-engineer a signed, obfuscated Java application, defeat its platform checks, extract authentication tokens from a running JVM, bypass license restrictions, and build a self-maintaining agent that survives vendor updates. The JARs are signed with SHA-256 digests. The updater re-downloads tampered files. None of it mattered. The models wrote ASM bytecode transforms that intercept classes in memory at load time, leaving every file on disk pristine and untouched.
Anyway. Here's what happened.
Follow-up to Extracting Bookmap from ThinkorSwim. A week later, three things happened that forced a rethink.
This content is encrypted
Enter the decryption key to view this article.