V8

$2,283. That’s what it cost Mohan Pedhapati, CTO of security firm Hacktron, to build a fully functional 12-phase exploit chain targeting Chrome’s V8 JavaScript engine — using Claude Opus 4.6 as his primary engineering partner. No prior exploit code fed to the model. No exploit framework to scaffold from. Just a researcher, an API key, and roughly 20 hours of human effort across 1,765 requests and 2.33 billion tokens. The result was working Remote Code Execution (RCE). ...