AI Crosses the Rubicon: Claude Mythos Exposes Hidden Zero-Days and Ignites Cybersecurity Arms Race

When Anthropic unveiled Claude Mythos Preview, cybersecurity insiders expected a smarter language model. What they didn’t anticipate was a machine capable of unearthing - and exploiting - zero-day vulnerabilities that had eluded the world’s best hackers and fuzzers for decades. In the hands of Mythos, the digital battleground just shifted, and everyone is scrambling to catch up.

Fast Facts

• Claude Mythos Preview autonomously discovered and exploited zero-day vulnerabilities in major open-source projects, including OpenBSD, FFmpeg, FreeBSD, and the Linux kernel.
• During testing, Mythos converted theoretical bugs into working exploits at a rate nearly 100 times greater than previous AI models.
• Over 99% of the vulnerabilities identified by Mythos Preview remain unpatched as of its launch.
• Anthropic launched Project Glasswing to coordinate defensive disclosure with open-source and industry partners, aiming to secure critical infrastructure before attackers weaponize similar AI models.

In a demonstration that stunned even seasoned security researchers, Claude Mythos Preview unearthed a 27-year-old denial-of-service flaw in OpenBSD’s TCP SACK implementation - an obscure bug that had survived decades of scrutiny and state-of-the-art fuzzing. But the model didn’t stop at discovery. By combining a signed integer overflow with a null pointer dereference, Mythos engineered an exploit capable of crashing any vulnerable OpenBSD host on demand.

The AI’s reach extended further: it found a 16-year-old out-of-bounds write in FFmpeg’s H.264 codec, a padding mismatch that had slipped through countless audits and fuzzing campaigns. In FreeBSD, Mythos exploited a 17-year-old stack buffer overflow (CVE-2026-4747) in the NFS server, chaining advanced techniques to bypass authentication and gain root access remotely - without any human guidance.

Most alarming was Mythos’s ability to transform theoretical vulnerabilities into fully functional exploits, autonomously achieving remote code execution and local privilege escalation. The model even bypassed modern defense-in-depth protections like Kernel Address Space Layout Randomization (KASLR), stringing together multiple bugs to seize control of a Linux system.

Previous AI generations, like Anthropic’s Opus 4.6, rarely managed to weaponize discovered flaws. In contrast, Mythos Preview succeeded 181 times on Firefox vulnerabilities alone and took control of ten previously patched targets from the OSS-Fuzz corpus - an unprecedented leap in offensive AI capabilities. Yet, these powers emerged not from explicit programming but as a side effect of improved coding and reasoning skills.

Recognizing the double-edged sword, Anthropic is racing to share details with trusted partners through Project Glasswing, hoping to patch critical software before adversaries catch on. The company frames this as a short-term risk but a long-term advantage for defenders: integrating advanced AI into software pipelines could transform vulnerability management from a reactive scramble into a proactive science.

As the dust settles, one thing is clear: the line between attacker and defender has blurred. With Claude Mythos, the future of cybersecurity is no longer just about who finds the bugs first, but who wields the smartest machine. The arms race has entered a new - and unpredictable - era.

WIKICROOK

• Zero: A zero-day vulnerability is a hidden security flaw unknown to the software maker, with no fix available, making it highly valuable and dangerous to attackers.
• Fuzzing: Fuzzing is a testing method that inputs random data into software to reveal hidden bugs or security vulnerabilities.
• Remote code execution (RCE): Remote Code Execution (RCE) is when an attacker runs their own code on a victim’s system, often leading to full control or compromise of that system.
• Return: Return refers to a hacking method where attackers reuse existing program code, called Return-Oriented Programming, to bypass security and execute malicious actions.
• Kernel Address Space Layout Randomization (KASLR): KASLR randomizes kernel memory locations, making it harder for attackers to predict and exploit vulnerabilities in the operating system.