Microsoft debuts MDASH, an AI cyber system that beats Claude Mythos on security tests

Microsoft has introduced MDASH, a multi-model AI system designed to accelerate vulnerability detection in software code. Dubbed the ‘multi-model agentic scanning harness,’ MDASH operates as a collaborative network of over 100 specialized AI agents, each handling distinct stages of security analysis, from scanning for suspicious behavior to confirming exploitable bugs. The system demonstrated its effectiveness by identifying 16 undisclosed vulnerabilities in Windows systems, including four critical remote code execution flaws affecting components like the Windows kernel TCP/IP stack and the IKEv2 service. These vulnerabilities were addressed in Microsoft’s May 2026 Patch Tuesday security updates. Unlike traditional AI models that rely on a single large framework, MDASH mimics a cybersecurity team with agents performing tasks such as code analysis, risk evaluation, and proof-of-concept exploit development. The approach yielded strong results on the CyberGym benchmark, a University of California, Berkeley-led test measuring AI-driven vulnerability reproduction. MDASH achieved an 88.45% score, surpassing Anthropic’s Mythos Preview model (83.1%) and OpenAI’s GPT-5.5 (81.8%), though rankings remain self-reported without independent verification. Microsoft’s announcement highlights a shift toward AI-driven cybersecurity, where distributed AI agents may outperform single-model systems. The company emphasized the system’s real-world impact, noting its use ahead of Patch Tuesday to preemptively identify and patch flaws. However, the advancement raises concerns about dual-use risks, as AI tools capable of detecting vulnerabilities could also be repurposed for offensive cyberattacks. Anthropic’s Mythos model previously sparked debate after showcasing advanced vulnerability discovery capabilities, with access restricted through Project Glasswing—a consortium including Microsoft, Apple, and Google. The rapid progress in AI-powered cybersecurity underscores a potential arms race, where defenders and attackers alike leverage machine-speed innovation to identify and exploit software weaknesses. While Microsoft positions MDASH as a defensive tool, industry experts warn that AI-driven hacking could drastically reduce the time required for attackers to discover and exploit vulnerabilities. The company’s move signals a broader trend: AI is no longer a theoretical threat but an operational reality in cybersecurity, reshaping how vulnerabilities are discovered and mitigated.