Mythos AI finds and exploits thousands of zero-day vulnerabilities
Updated
Updated · The Conversation · May 4
Mythos AI finds and exploits thousands of zero-day vulnerabilities
12 articles · Updated · The Conversation · May 4
In tests, Claude Mythos Preview found 271 Firefox flaws, built exploits for 181, and took over a simulated corporate network in three of 10 trials.
Anthropic withheld public release after the April 7 disclosure, instead giving selected tech companies access under Project Glasswing amid alarm from governments and the IT sector.
Researchers say the model mainly automates known attack methods at unprecedented speed, exposing longstanding patching gaps and raising questions over whether defenders or attackers benefit first.
AI can find 27-year-old bugs in critical code. What ticking time bombs in our digital world will it expose next?
With elite hacking now costing just a prompt, how can anyone but tech giants afford to stay secure?
As AI automates hacking, are we entering an era of unbreakable defense or unstoppable cyberattacks?
The 72.4% Exploit Success Rate: How Anthropic’s Mythos AI is Collapsing Cybersecurity Timelines
Overview
In early 2026, Anthropic's Mythos Preview revolutionized cybersecurity by autonomously discovering over 2,000 zero-day vulnerabilities and performing the entire attack lifecycle in minutes. This breakthrough, driven by advances in code understanding and autonomy, triggered a 'vulnerability tsunami' overwhelming defenders, as 99% of these flaws remain unpatched and exploits now appear within 24 hours of disclosure. In response, Anthropic launched Project Glasswing, granting limited access to major tech partners to preemptively patch vulnerabilities, while sparking debates over access and governance. The rapid AI-driven threat landscape demands defenders adopt autonomous, machine-speed defenses focused on continuous exposure assessment and faster remediation, reshaping security priorities and budgets.