AI Goes Rogue: Claude Mythos Preview Exposes Hidden Zero-Days Across the Internet

In a move that’s sending shockwaves through both hacker circles and security operations centers, Anthropic has unveiled the Claude Mythos Preview - an artificial intelligence model that doesn’t just spot bugs, but autonomously finds and weaponizes zero-day vulnerabilities in the world’s most critical software. With this release, the line between defense and offense in cybersecurity just got dramatically blurrier.

Unlike earlier AI models that served mainly as code reviewers or vulnerability checkers, Claude Mythos Preview is a game-changer: it independently audits massive codebases, reasons through complex security flaws, and crafts working exploits - all in a matter of hours. In internal evaluations, Anthropic tasked Mythos with targeting every major OS and browser. The results were unsettling: the AI unearthed bugs that had survived decades of fuzzing and manual audits, including a 27-year-old OpenBSD TCP bug and a 16-year-old FFmpeg codec flaw that had long evaded detection.

Perhaps most alarmingly, Mythos Preview demonstrated the ability to chain together advanced exploitation techniques - like bypassing kernel protections and escaping sandboxes - without any human guidance. In one instance, it produced a fully functional unauthenticated root exploit for FreeBSD’s NFS server, a feat typically reserved for the world’s elite hackers.

Anthropic isn’t releasing this tool to the public. Instead, access is tightly controlled under “Project Glasswing,” a collaboration with critical industry and open-source partners. The goal: to harden vital infrastructure before these AI capabilities inevitably become widespread. The company’s message is clear - defenders must start using AI for their own audits, tighten patch cycles, and automate incident response, or risk being outpaced by adversaries wielding similar tools.

Where previous models like Opus 4.6 rarely succeeded in autonomous exploitation, Mythos saturates internal benchmarks and reliably achieves full control-flow hijack on patched targets. In large-scale open source testing, it generated hundreds of severe crashes and thousands of new bug reports, many still pending public disclosure. This marks a watershed moment: language models have evolved from passive assistants to active, autonomous vulnerability hunters.

The debut of Claude Mythos Preview signals a turbulent new phase for cybersecurity, where the friction that once slowed attackers is vanishing. As AI-accelerated research upends long-held assumptions, defenders and policymakers alike face a daunting question: can we keep pace with machines that never sleep, never forget, and now, never miss?

WIKICROOK

• Zero: A zero-day vulnerability is a hidden security flaw unknown to the software maker, with no fix available, making it highly valuable and dangerous to attackers.
• Exploit chain: An exploit chain is a series of linked vulnerabilities that attackers use together to breach a system, bypassing security through multiple steps.
• Fuzzing: Fuzzing is a testing method that inputs random data into software to reveal hidden bugs or security vulnerabilities.
• ROP gadgets: ROP gadgets are small code snippets in memory, chained by attackers to perform malicious actions in Return-Oriented Programming (ROP) attacks.
• Control: A control is a security measure or safeguard used to prevent, detect, or respond to cyber threats and protect information systems from harm.