Anthropic: All your zero-days are belong to Mythos
Hasn't released it to the public, because it would break the internet - in a bad way
by Thomas Claburn · The Register

For years, the infosec community’s biggest existential worry has been quantum computers blowing away all classical encryption and revealing the world’s secrets. Now they have a new Big Bad: an AI model that can generate zero-day vulnerabilities.
Anthropic made the model and named it Mythos. Thankfully, the AI company decided not to release it, because it would break the internet – and not in a good way.
"AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities," the company said.
Mythos is markedly different from Claude Opus 4.6, which Anthropic only recently said was not very skilled at developing working exploit code. Where Opus 4.6 managed an exploit development success rate of just over zero percent, Mythos Preview generated a working exploit 72.4 percent of the time.
What Anthropic is describing is literally a zero-day engine: "Engineers at Anthropic with no formal security training have asked Mythos Preview to find remote code execution vulnerabilities overnight, and woken up the following morning to a complete, working exploit."
Fortunately, instead of releasing Mythos, Anthropic chose to provide a preview version to a set of industry partners so they can use it to find flaws in their systems before adversaries do.
The AI biz calls its limited release initiative Project Glasswing. Participants include: Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks.
And while this tech industry anti-rogues’ gallery scans their own systems with the purportedly perspicacious Mythos, Anthropic invited around 40 other organizations to participate in this introspective bug hunt, subsidized by up to $100M in usage credits for Mythos Preview and $4M in direct donations to open-source security organizations.
If that sounds a bit like an arsonist handing out fire extinguishers, well, that's on you for being so cynical.
Word of Mythos leaked last month when a draft blog post from Anthropic surfaced. The details published on Tuesday paint a stark picture for the security community: "During our testing, we found that Mythos Preview is capable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browser when directed by a user to do so."
The 22 Anthropic researchers listed as authors of its Tuesday post insist that the vulns are often subtle and difficult to detect. Some are decades old, like the now-patched 27-year-old bug in OpenBSD.
"The exploits it constructs are not just run-of-the-mill stack-smashing exploits (though as we'll show, it can do those too). In one case, Mythos Preview wrote a web browser exploit that chained together four vulnerabilities, writing a complex JIT heap spray that escaped both renderer and OS sandboxes. It autonomously obtained local privilege escalation exploits on Linux and other operating systems by exploiting subtle race conditions and KASLR-bypasses. And it autonomously wrote a remote code execution exploit on FreeBSD's NFS server that granted full root access to unauthenticated users by splitting a 20-gadget ROP chain over multiple packets."
According to Anthropic, Mythos identified "thousands of additional high- and critical-severity vulnerabilities." The company is in the process of disclosing them responsibly.
Uh, thanks? ®