Anthropic says Claude Mythos found 10,000 major software flaws in a month
Anthropic’s AI model Claude Mythos, part of Project Glasswing, identified over 10,000 critical software flaws in a month, including 2,000 bugs in Cloudflare’s systems and 6,202 high-severity vulnerabilities in open-source projects. The company highlights a growing cybersecurity gap as AI detects flaws faster than humans can patch them, with 90.6% of reported issues validated by independent firms." "article": "Anthropic’s AI model, Claude Mythos, uncovered more than 10,000 critical software vulnerabilities in just one month as part of Project Glasswing, a cybersecurity initiative announced last month. The company reported that partners, including Cloudflare and Mozilla, found hundreds of high-severity flaws in their systems, with Cloudflare detecting 2,000 bugs—400 classified as high or critical—using Mythos Preview. Mozilla identified 271 vulnerabilities in Firefox 150, a tenfold increase compared to previous testing with Claude Opus 4.6. The UK AI Security Institute also noted Mythos solved end-to-end cyberattack simulations, including a real-time $1.5 million fraudulent wire transfer prevention for a partner bank. In open-source projects, Mythos scanned over 1,000 repositories, uncovering 6,202 high- or critical-severity flaws, with 90.6% confirmed as valid by independent security firms. Anthropic emphasized the challenge of triaging vulnerabilities, as many AI-generated reports overwhelm developers. The company stated that 530 serious bugs have been reported, with 75 already fixed and 65 receiving public advisories. Another 827 vulnerabilities remain undisclosed. On average, patches for Mythos-identified flaws take about two weeks, exposing a widening gap between AI’s detection speed and human response times. The findings underscore a growing cybersecurity risk: AI models now outpace human capabilities in identifying flaws, straining already stretched security teams. Anthropic’s data suggests a need for improved collaboration between AI-driven detection and developer response systems to mitigate escalating threats in critical infrastructure.
Anthropic’s AI model, Claude Mythos, uncovered more than 10,000 critical software vulnerabilities in just one month as part of Project Glasswing, a cybersecurity initiative announced last month. The company reported that partners, including Cloudflare and Mozilla, found hundreds of high-severity flaws in their systems, with Cloudflare detecting 2,000 bugs—400 classified as high or critical—using Mythos Preview. Mozilla identified 271 vulnerabilities in Firefox 150, a tenfold increase compared to previous testing with Claude Opus 4.6. The UK AI Security Institute also noted Mythos solved end-to-end cyberattack simulations, including a real-time $1.5 million fraudulent wire transfer prevention for a partner bank. In open-source projects, Mythos scanned over 1,000 repositories, uncovering 6,202 high- or critical-severity flaws, with 90.6% confirmed as valid by independent security firms. Anthropic emphasized the challenge of triaging vulnerabilities, as many AI-generated reports overwhelm developers. The company stated that 530 serious bugs have been reported, with 75 already fixed and 65 receiving public advisories. Another 827 vulnerabilities remain undisclosed. On average, patches for Mythos-identified flaws take about two weeks, exposing a widening gap between AI’s detection speed and human response times. The findings underscore a growing cybersecurity risk: AI models now outpace human capabilities in identifying flaws, straining already stretched security teams. Anthropic’s data suggests a need for improved collaboration between AI-driven detection and developer response systems to mitigate escalating threats in critical infrastructure.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.