Researchers say Claude Mythos preview discovered thousands of zero‑day vulnerabilities

- Anthropic said on April 7 it is keeping Claude Mythos Preview unreleased after internal and partner testing showed it could find and exploit zero-days.
- The clearest public proof so far came from Mozilla: Firefox 150 shipped with fixes for 271 vulnerabilities Mythos surfaced during early testing.
- That matters because Anthropic is now limiting access through Project Glasswing, treating frontier bug-finding AI as a defensive-only capability.

Cybersecurity is the domain here, and the stakes are simple: if one model can find bugs faster than defenders can patch them, the whole balance shifts. That is the claim around Anthropic’s Claude Mythos Preview. But the story is not “AI found some bugs.” The story is that Anthropic says the model crossed a line where it can both identify and exploit zero-days across major operating systems and browsers, and that is why the company chose not to release it publicly on April 7. (red.anthropic.com)

### What is Claude Mythos, exactly?

Mythos Preview is an unreleased Anthropic model that the company describes as its most capable frontier system so far. The unusual part is not just that it writes code well. It is that Anthropic built an entire release decision around its cybersecurity ability, then said general availability was off the table and access would be restricted to defensive work with selected partners. (www-cdn.anthropic.com)

### What did it supposedly do?

Anthropic’s red-team writeup says Mythos could identify and then exploit zero-day vulnerabilities in every major operating system and every major web browser during testing. The company also says many of the bugs were old and subtle, including a now-patched 27-year-old OpenBSD bug, and that more than 99% of the vulnerabilities it found were still unpatched when it published, which is why the examples are sparse. (red.anthropic.com)

### Is there public evidence beyond Anthropic’s own claims?

Yes — but it is narrower than the broadest hype. Mozilla said last week that Firefox 150 included fixes for 271 vulnerabilities identified during an early Mythos evaluation. That is the cleanest external validation because it comes from the maintainer of a real, hardened codebase, not from a benchmark or a demo. Mozilla framed the resu(red.anthropic.com)c’s prior model helped find 22 bugs in Firefox 148. (blog.mozilla.org)

### So were those 271 all catastrophic zero-days?

Probably not, and this is where the thread needs some air. Mozilla said “271 vulnerabilities,” but its public advisory structure does not map one-to-one onto 271 critical remote-code-execution disasters. Some were likely lower-severity issues, hardening fixes, or bugs that would not each earn a separate public (blog.mozilla.org) single-handedly found 271 internet-ending flaws. (blog.mozilla.org)

### Why is Anthropic locking it down?

Because the same skill that helps defenders also helps attackers. Anthropic’s own risk materials say Mythos is more capable and more agentic than prior models, especially on software engineering and cybersecurity tasks. The company’s answer is Project Glasswing — a restricted program for defensive security work rather than a normal product launch. (anthropic.com)

### Who gets access?

The launch partners include AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic says it also extended access to more than 40 additional organizations that build or maintain critical software infrastructure, with up to $100 million in usage credits and $4 million in donations for(anthropic.com)olled infrastructure than like a chatbot feature. (anthropic.com)

### What changed versus a year ago?

The gap is autonomy and scale. Security teams already use fuzzers, static analyzers, and AI coding helpers. Mythos is being presented as something closer to an elite bug hunter that can reason across codebases, reproduce issues, and in some cases build working exploits. If that claim holds up broadly, defenders can sweep for latent bugs much faster — but attackers can too, once comparable models spread. (red.anthropic.com)

### What is the real takeaway?

The takeaway is not that zero-days are gone. It is that bug hunting may be moving from scarce human craft to scalable machine labor. Mozilla’s 271-fix release is the strongest concrete signal so far. Anthropic’s bigger claim — thousands of zero-days across hardware and software — may turn out partly true, overstated in places, or both at once. But either way, the industry is already acting like the threshold has been crossed. (blog.mozilla.org)
