Is AI the Biggest Threat to Cybersecurity Ever Built?

AI-generated, human-reviewed.

Anthropic has built an AI model capable of autonomously discovering and exploiting zero-day vulnerabilities in major operating systems, browsers, and critical infrastructure software — and they consider it too dangerous to release to the public. On this week's Security Now, Steve Gibson spent the entire episode breaking down what Claude Mythos actually did during testing, why it represents a turning point for the software industry, and whether the threat is real or just clever marketing.

 

What Is Claude Mythos and Why Won't Anthropic Release It?

Claude Mythos Preview is Anthropic's latest frontier AI model, distinguished not just by general intelligence improvements but by a striking leap in its ability to find and exploit security vulnerabilities in real-world software. Unlike previous models, Mythos was not explicitly trained to be a hacking tool. According to Gibson on Security Now, these capabilities emerged as an unintended byproduct of broader improvements in code reasoning and autonomy — which makes the development both more impressive and more unsettling.

Anthropic chose to release Mythos only to a limited group of critical industry partners through a program called Project Glasswing, designed to give defenders a head start before similar capabilities become available more broadly.

 

How Did Claude Mythos Actually Perform During Testing?

Gibson walked through three specific vulnerabilities Mythos discovered during internal testing, each one underlining just how different this model is from anything that came before it.

A 27-year-old bug in OpenBSD. OpenBSD is widely regarded as one of the most security-hardened operating systems in existence, commonly used to run firewalls and critical infrastructure. Mythos found a vulnerability that allowed a remote attacker to crash any machine running the OS simply by connecting to it — a flaw that had gone undetected for nearly three decades.

A 16-year-old vulnerability in FFmpeg. FFmpeg is a media processing library used by nearly every major platform that handles video. It has been subjected to aggressive automated testing (called fuzzing) for years, with automated tools hitting one particular line of vulnerable code an estimated 5 million times without ever catching the problem. Mythos caught it.

A chained Linux kernel exploit. Mythos autonomously linked together multiple vulnerabilities in the Linux kernel — the software running most of the world's servers — to escalate an ordinary user's access to full control of the machine.

 

What Is a Zero-Day Vulnerability and Why Does This Matter?

A zero-day vulnerability is a flaw in software that is previously unknown to developers and therefore unpatched. Discovering one requires genuine analysis, not pattern-matching against known problems. Gibson emphasized on Security Now that Mythos finding zero-days is particularly significant because it rules out the possibility that the model simply "remembered" known exploits from its training data. These were real discoveries.

Anthropic reported that over 99% of the vulnerabilities Mythos found during testing remain unpatched and cannot yet be disclosed — meaning the three examples discussed publicly represent just the visible tip of a much larger finding.

 

The Leap From Previous Models Is Stark

To put the performance gap in concrete terms, Gibson highlighted Anthropic's own internal benchmarks. When tasked with turning known Firefox vulnerabilities into working exploits, Claude Opus 4.6 (the previous generation) succeeded twice out of several hundred attempts. Claude Mythos succeeded 181 times in the same test.

Anthropic also noted that engineers with no formal security training were able to ask Mythos to find remote code execution vulnerabilities overnight and wake up to a complete, working exploit. The barrier to obtaining sophisticated exploits has effectively collapsed.

 

Is This Marketing or a Genuine Breakthrough?

Gibson acknowledged the skepticism circulating online and addressed it directly. While the timing ahead of a potential Anthropic IPO is convenient, the technical evidence documented in Anthropic's Red Team blog is specific, verifiable, and backed by responsible disclosure to affected software maintainers. Gibson's assessment was that Anthropic appears to genuinely have something, but stressed that the US being first does not mean it will remain alone. The DeepSeek surprise in early 2025 demonstrated how quickly other players can close the gap.

 

What Happens During the Transition Period?

Both Gibson and Leo Laporte landed on a sobering conclusion. 

The long-term outlook is positive: AI will eventually make software far more secure by finding and eliminating vulnerabilities before code ever ships. But the transition period — the gap between when AI-powered attack capability becomes widespread and when AI-powered defense catches up — could be turbulent.

Gibson pointed to the broader context: the first quarter of 2026 has already seen a string of major cyber incidents involving high-profile targets across government, defense, and enterprise. The security industry, Gibson argued, is not ready for what is coming.

 

What You Need to Know

- Claude Mythos was not trained to hack. Its offensive security capabilities emerged as a side effect of general reasoning improvements.

- The oldest vulnerability it found was 27 years old, in software considered among the most secure in the world.

- Previous automated tools had tested the FFmpeg vulnerability 5 million times without detecting it. Mythos found it.

- The performance gap between Mythos and the previous generation is not incremental — it is a categorical leap.

- Over 99% of Mythos's findings remain undisclosed while maintainers work to patch affected software.

- Project Glasswing is Anthropic's effort to give defenders early access before similar AI capabilities spread more widely.

- The short-term risk is real. Non-experts can now obtain sophisticated exploits with nothing more than a text prompt.

 

The Bottom Line

Claude Mythos represents something the software industry has not encountered before: an AI that can autonomously find and chain together vulnerabilities that have evaded every human expert and automated tool for decades. Gibson's conclusion on Security Now was measured but clear: this is probably the single most significant development in the history of computer security, and the industry is not yet prepared for it. The window for defenders to get ahead of this is narrow, and it is closing.

 

Listen to the full breakdown on Security Now: https://twit.tv/shows/security-now/episodes/1074
