Claude Mythos Preview Uncovers Thousands of Zero‑Days, Sending Cybersecurity Experts
Anthropic disclosed that its unreleased Claude Mythos Preview has identified thousands of zero‑day vulnerabilities across all major operating systems and browsers, including flaws dating back 27 years, according to a recent report.
Key Facts
- Key company: Claude Mythos Preview
Anthropic’s internal red‑team report shows Claude Mythos Preview turned 72.4% of identified bugs into working exploits and achieved register control in another 11.6%, according to Matthias Meyer’s April 7 analysis. The model not only flags vulnerabilities; it writes functional proof‑of‑concept code autonomously, a capability absent from earlier Claude versions. In tests against Firefox’s JavaScript shell, the exploit conversion rate far outstripped traditional static‑analysis tools, underscoring a shift from detection to active exploitation.
Project Glasswing, the coalition Anthropic launched alongside Mythos, includes Apple, Microsoft, Google, AWS, CrowdStrike, NVIDIA, the Linux Foundation and more than 40 other firms, Meyer reports. The partnership will receive $100 million in usage credits for Mythos and a $4 million donation to open‑source security projects. Its mandate: scan and patch the thousands of zero‑days uncovered across Windows, macOS, Linux, Android, iOS and major browsers before malicious actors can weaponize them.
Anthropic says fewer than 1% of the discovered critical zero‑days have been fully patched, highlighting the scale of the problem. The report notes many flaws date back 27 years, meaning legacy codebases remain vulnerable despite decades of updates. By granting early access to Mythos, Glasswing partners aim to close the gap between discovery and remediation, leveraging the model’s exploit‑generation speed to outpace potential attackers.
Casey Newton’s column adds that the leaked blog post described Mythos as “a step change” in AI performance that could “presage an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.” Newton cites the same Anthropic announcement that the coalition will scan both proprietary and critical open‑source systems, effectively turning the model into a shared defensive asset while keeping the technology out of the public domain.
The urgency is clear: if the model’s exploit‑building ability spreads beyond the Glasswing partners, defenders could be overwhelmed. Anthropic’s decision to withhold public release reflects the perceived risk, but the sheer volume of exploitable bugs—thousands across every major OS and browser—means the cybersecurity community faces a new, AI‑driven threat surface that must be addressed immediately.
Reporting based on verified sources and public filings. Sector HQ editorial standards require multi-source attribution.