Specialized AI detects 92% of real-world DeFi exploits
TL;DR
A specialized AI security agent detected vulnerabilities in 92% of 90 exploited DeFi contracts ($96.8M value), far outperforming a baseline GPT-5.1 agent (34%, $7.5M). The gap stems from domain-specific security methodology, not core AI capability. This comes as offensive AI exploit capabilities are scaling faster than defenses.
Key Takeaways
- Specialized AI security agent detected 92% of vulnerabilities in exploited DeFi contracts ($96.8M), vs. 34% for baseline GPT-5.1 agent.
- Performance gap due to domain-specific security methodology layered on the model, not differences in core AI capability.
- Offensive AI capabilities are scaling rapidly: AI agents can execute end-to-end exploits at low cost ($1.22/contract).
- Many teams rely on general-purpose AI tools or one-off audits that may miss complex, high-value vulnerabilities.
- Benchmark dataset and evaluation framework have been open-sourced, but the full security agent was withheld to prevent offensive repurposing.

What to know:
- A purpose-built AI security agent detected vulnerabilities in 92% of 90 exploited DeFi contracts ($96.8 million in exploit value), compared with 34% and $7.5 million for a baseline GPT-5.1-based coding agent running on the same underlying model.
- The gap came from domain-specific security methodology layered on top of the model, not differences in core AI capability, according to the report.
- The findings come as prior research from Anthropic and OpenAI shows AI agents can execute end-to-end smart contract exploits at low cost, accelerating concerns that offensive AI capabilities are scaling faster than defensive adoption.
A purpose-built AI security agent detected vulnerabilities in 92% of exploited DeFi smart contracts in a new open-source benchmark.
The study, released Thursday by AI security firm Cecuro, evaluated 90 real-world smart contracts exploited between October 2024 and early 2026, representing $228 million in verified losses. The specialized system flagged the vulnerabilities behind $96.8 million of that $228 million in exploit value, compared with 34% detection by contract count and $7.5 million in value coverage for a baseline GPT-5.1-based coding agent.
Both systems ran on the same frontier model. The difference, according to the report, was the application layer: domain-specific methodology, structured review phases and DeFi-focused security heuristics layered on top of the model.
The findings arrive amid growing concern that AI is accelerating crypto crime. Separate research from Anthropic and OpenAI has shown that AI agents can now execute end-to-end exploits on most known vulnerable smart contracts, with exploit capability reportedly doubling roughly every 1.3 months. The average cost of an AI-powered exploit attempt is about $1.22 per contract, sharply lowering the barrier to large-scale scanning.
Previous CoinDesk coverage outlined how bad actors such as North Korea have begun using AI to scale hacking operations and automate parts of the exploit process, underscoring the widening gap between offensive and defensive capabilities.
Cecuro argues that many teams rely on general-purpose AI tools or one-off audits for security, an approach the benchmark suggests may miss high-value, complex vulnerabilities. Several contracts in the dataset had previously undergone professional audits before being exploited.
The benchmark dataset, evaluation framework and baseline agent have been open-sourced on GitHub. The company said it has not released its full security agent due to concerns that similar tooling could be repurposed for offensive use.
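The two numbers the article reports for each agent, a count-based detection rate and a dollar-weighted coverage figure, answer different questions and can diverge sharply. The Python sketch below is an added illustration of how such a scorer can be built; it is not Cecuro's open-sourced framework, whose matching and scoring rules the article does not describe. A contract is counted as detected only when the agent flagged the vulnerability class that the real attacker used (an assumption), and a flags-per-contract figure is included to show why recall alone cannot be the whole story. All contract names, vulnerability classes, loss figures and agent reports are constructed for the example.

```python
"""Score AI security agents against a benchmark of exploited contracts.

Added example, not Cecuro's evaluation framework. Metrics:
  - detection_rate: share of contracts whose root-cause class was flagged
  - value_coverage: share of verified exploit losses behind those contracts
  - flags_per_contract: noise indicator (an agent that flags every class on
    every contract would otherwise score 100% on both metrics)
"""
from __future__ import annotations

from dataclasses import dataclass

# Assumed vulnerability taxonomy used to label root causes.
VULN_CLASSES = (
    "reentrancy", "oracle_manipulation", "access_control",
    "signature_verification", "rounding", "flash_loan",
)


@dataclass(frozen=True)
class ExploitedContract:
    name: str
    root_cause: str   # vulnerability class the real attacker used
    loss_usd: float   # verified loss from the exploit


@dataclass(frozen=True)
class AgentReport:
    # contract name -> vulnerability classes the agent flagged on it
    findings: dict[str, frozenset[str]]


def score(benchmark: list[ExploitedContract], report: AgentReport) -> dict[str, float]:
    """Count-based and value-weighted scores for one agent's report.

    Credit is given only when the root-cause class itself was flagged;
    unrelated findings on the same contract earn nothing.
    """
    detected = [c for c in benchmark
                if c.root_cause in report.findings.get(c.name, frozenset())]
    total_loss = sum(c.loss_usd for c in benchmark)
    covered_loss = sum(c.loss_usd for c in detected)
    flagged = sum(len(classes) for classes in report.findings.values())
    return {
        "detected": len(detected),
        "total": len(benchmark),
        "detection_rate": len(detected) / len(benchmark),
        "covered_loss_usd": covered_loss,
        "total_loss_usd": total_loss,
        "value_coverage": covered_loss / total_loss,
        "flags_per_contract": flagged / len(benchmark),
    }


def build_benchmark() -> list[ExploitedContract]:
    """Constructed sample benchmark; every value here is made up."""
    return [
        ExploitedContract("VaultA", "reentrancy", 2_000_000),
        ExploitedContract("BridgeB", "signature_verification", 120_000_000),
        ExploitedContract("LendingC", "oracle_manipulation", 8_000_000),
        ExploitedContract("DexD", "access_control", 500_000),
        ExploitedContract("StakingE", "rounding", 1_500_000),
    ]


def specialized_report() -> AgentReport:
    # Flags the right class on four contracts but misclassifies the bridge bug,
    # which is where nearly all of the dollar value sits.
    return AgentReport({
        "VaultA": frozenset({"reentrancy"}),
        "BridgeB": frozenset({"access_control"}),
        "LendingC": frozenset({"oracle_manipulation", "flash_loan"}),
        "DexD": frozenset({"access_control"}),
        "StakingE": frozenset({"rounding"}),
    })


def baseline_report() -> AgentReport:
    # Only catches the two textbook classes.
    return AgentReport({
        "VaultA": frozenset({"reentrancy"}),
        "DexD": frozenset({"access_control"}),
    })


def shotgun_report(benchmark: list[ExploitedContract]) -> AgentReport:
    # Flags every known class on every contract: perfect recall, useless triage.
    return AgentReport({c.name: frozenset(VULN_CLASSES) for c in benchmark})


if __name__ == "__main__":
    bench = build_benchmark()
    for label, rep in [("specialized", specialized_report()),
                       ("baseline", baseline_report()),
                       ("shotgun", shotgun_report(bench))]:
        s = score(bench, rep)
        print(f"{label:12s} {s['detected']}/{s['total']} contracts "
              f"({s['detection_rate']:.0%}), ${s['covered_loss_usd'] / 1e6:.1f}M of "
              f"${s['total_loss_usd'] / 1e6:.1f}M ({s['value_coverage']:.0%}), "
              f"{s['flags_per_contract']:.1f} flags/contract")
```

In the constructed data the specialized agent scores 80% by count but only about 9% by value because it misclassifies the single largest exploit, while the shotgun agent scores 100% on both metrics and is exposed only by its six flags per contract. The same reading applies to the article's own figures: 92% of 90 contracts by count corresponds to $96.8 million of the $228 million in verified losses, roughly 42% by value, so the two numbers should be quoted together rather than interchangeably.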
Disclosure & Policies: CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of Bullish (NYSE:BLSH), an institutionally focused global digital asset platform that provides market infrastructure and information services. Bullish owns and invests in digital asset businesses and digital assets, and CoinDesk employees, including journalists, may receive Bullish equity-based compensation.