Krux
April 13, 2026
Anthropic's Mythos Finds Zero-Days Faster Than Teams Can Patch
Published: April 13, 2026 at 12:30 AM
Updated: April 13, 2026 at 12:30 AM
100-word summary
Anthropic's red team tested whether its unreleased Mythos Preview model could hunt zero-day exploits like a security researcher. It found 595 crashes across 7,000 code entry points, built 181 working exploits, and uncovered a 27-year-old OpenBSD bug. The kicker: over 99% of discovered vulnerabilities remain unpatched. Previous models barely cracked double-digit exploits, making this a qualitative jump in offensive AI capability. The report warns defenders to build faster triage workflows, but the math is stark. AI can now discover vulnerabilities faster than the coordinated disclosure process can close them, flipping the advantage to whoever runs the scan first.
What happened
Anthropic's red team tested whether its unreleased Mythos Preview model could hunt zero-day exploits like a security researcher. It found 595 crashes across 7,000 code entry points, built 181 working exploits, and uncovered a 27-year-old OpenBSD bug. The kicker: over 99% of discovered vulnerabilities remain unpatched. Previous models barely cracked double-digit exploits, making this a qualitative jump in offensive AI capability. The report warns defenders to build faster triage workflows, but the math is stark.
Why it matters
AI can now discover vulnerabilities faster than the coordinated disclosure process can close them, flipping the advantage to whoever runs the scan first.