Anthropic's yet-to-be-released Claude Mythos Preview model has autonomously identified thousands of high-severity zero-day vulnerabilities across all major operating systems and web browsers, including a 27-year-old flaw in OpenBSD and a 16-year-old bug in FFmpeg that had eluded human experts and automated tools for decades.
Benchmark-Shattering Performance
On the Cybergym security benchmark, Claude Mythos scored 83.1%, dramatically outpacing its predecessor Claude Opus 4.6 (66.6%). It achieved 93.9% on SWE-bench Verified (vs. 80.8%), 77.8% on SWE-bench Pro (vs. 53.4%), and 56.8% on Humanity's Last Exam without any external tools (vs. 40.0%). Anthropic attributes these gains to broader advances in reasoning, multi-step planning, and autonomous agent behavior.
The model requires no specialized cybersecurity training to find these bugs. Given a target codebase in an isolated container, it reads the source code, forms hypotheses about memory safety errors, compiles and runs the software with debuggers like Address Sanitizer, ranks files by vulnerability likelihood, and produces validated bug reports with working proof-of-concept exploits—often with minimal human guidance.
Ancient Flaws No Match
Tomshardware.com reported that a 27-year-old OpenBSD TCP SACK vulnerability (a subtle integer overflow enabling remote denial-of-service) was autonomously found after about 1,000 runs at a total cost of less than $20,000. A 16-year-old FFmpeg H.264 bug survived over five million automated tests and multiple audits before Mythos discovered it. In testing Firefox 147's JavaScript engine, Mythos produced 181 full shell exploits and 29 cases of register control; Claude Opus 4.6 produced just two shell exploits in the same test set.
The model also built working Linux kernel privilege escalation chains, from user to root on servers, after filtering 100 recent CVEs down to 40 exploitable candidates and successfully exploiting over half of them. Human validators reviewed 198 of the model's vulnerability reports and agreed with the severity ratings 89% of the time, with 98% agreement within one severity level.
Project Glasswing Launched
On April 7, 2026, Anthropic announced Project Glasswing, a defensive cybersecurity coalition supported with up to $100 million in Mythos usage credits. Founding partners include Amazon Web Services, Apple, Broadcom, Cisco, Crowdstrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. Access will be extended to over 40 other critical software organizations.
Anthropic also committed $4 million in donations for open-source security: $2.5 million to Alpha-Omega via the Linux Foundation's OpenSSF, and $1.5 million to the Apache Software Foundation. Less than 1% of the identified bugs are fully patched so far; the company is coordinating responsible disclosure, publishing cryptographic SHA-3 commitments for unpatched issues, and following a 90-plus-45-day timeline before full details are released. Already public is the FreeBSD NFS server remote code execution CVE-2026-4747 (17 years old, granting full unauthenticated root access).
The company acknowledged that AI tools like Mythos lower the barrier for both discovery and exploitation, highlighting near-term risks from state actors (China, Iran, North Korea, Russia) and criminal groups. Future Claude Opus releases will include safeguards to detect and block dangerous cybersecurity outcomes, and a Cyber Verification Program for screened security professionals is planned. A public report on partner findings and patched vulnerabilities is expected within 90 days.

