Krux
April 10, 2026
Anthropic's New AI Found a 27-Year-Old Security Hole
Published: April 10, 2026 at 12:42 AM
Updated: April 10, 2026 at 12:42 AM
100-word summary
Anthropic's Claude Mythos Preview can autonomously hunt for software vulnerabilities and even write working exploits to prove they're real. The model just uncovered a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg. It's too dangerous for public release, so Anthropic is limiting access to 40+ vetted organizations with $100M in usage credits to patch critical infrastructure before bad actors get similar tools. Partners have 90 days to fix what they find and publish lessons learned. Translation: the AI security arms race just went from theoretical to very real.
What happened
Anthropic's Claude Mythos Preview can autonomously hunt for software vulnerabilities and even write working exploits to prove they're real. The model just uncovered a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg. It's too dangerous for public release, so Anthropic is limiting access to 40+ vetted organizations with $100M in usage credits to patch critical infrastructure before bad actors get similar tools. Partners have 90 days to fix what they find and publish lessons learned.
Why it matters
Translation: the AI security arms race just went from theoretical to very real.