AI Cracks Decades-Old Linux, OpenBSD Bugs: Anthropic’s Mythos Unveiled

by

Claude Mythos Preview: Anthropic’s Unreleased AI Cracked Linux and OpenBSD Bugs Humans Missed for Decades

Anthropic’s upcoming Claude Mythos model has independently discovered thousands of critical security flaws in widely used operating systems and web browsers. In response, Anthropic is launching Project Glasswing, a cybersecurity partnership offering up to $100 million in AI resources to help defend against these vulnerabilities.

Key Takeaways:

  • Anthropic’s Claude Mythos Preview scored 83.1% on Cybergym, finding thousands of zero-days across every major OS and browser.
  • Project Glasswing launched April 7, 2026, with 11 founding partners and up to $100 million in Mythos usage credits for defenders.
  • A 27-year-old OpenBSD flaw and a 16-year-old FFmpeg bug survived millions of automated tests until Mythos found them in hours.

Claude Mythos AI Scored 83% on Cybergym and Found Critical Flaws Across Every Major Browser and OS

The model, which Anthropic describes as the largest single-model capability gain in frontier AI history, completed training and was announced publicly on April 7, 2026, after internal details surfaced in late March through a misconfigured content management system that exposed roughly 3,000 internal files.

Anthropic is not releasing the Claude Mythos Preview to the public or through its general API. The company restricted access to a vetted group of partners after the model demonstrated it could discover and exploit unknown software flaws previously at a speed and scale that outpaces both human experts and prior AI systems.

When it comes to cybersecurity testing, Mythos consistently outperformed Claude Opus 4.6. Mythos achieved significantly higher scores on several key benchmarks: 83.1% on Cybergym compared to 66.6% for Claude Opus 4.6, 93.9% versus 80.8% on SWE-bench Verified, and 77.8% to 53.4% on SWE-bench Pro. Mythos also demonstrated improvement over previous models, scoring 56.8% on Humanity’s Last Exam without assistance, while its predecessor only managed 40.0%.

This AI doesn’t require special cybersecurity knowledge to discover vulnerabilities. It leverages general improvements in its ability to reason, plan complex tasks, and act independently. When given access to a program’s code in a safe environment, it analyzes the code, guesses where memory-related errors might be, tests the program, uses debugging tools to confirm its findings, prioritizes potential vulnerabilities, and creates detailed bug reports complete with working examples of how to exploit the flaws.

Some of those exploits required almost no human direction. Tomshardware.com reports that a 27-year-old OpenBSD TCP SACK vulnerability, a subtle integer overflow that lets an attacker remotely crash any responding host by crafting malicious packets, was found autonomously after roughly 1,000 runs at a total cost under $20,000. A 16-year-old FFmpeg H.264 bug survived more than five million automated tests and multiple audits before Mythos caught it.

Testing showed Mythos performed significantly better than Claude Opus 4.6 in browser-based JavaScript engine exploits. Specifically, Mythos generated 181 successful exploits and 29 instances of register control on Firefox 147, while Claude Opus 4.6 only produced two exploits. Furthermore, Mythos was able to create functional chains of exploits that allowed it to gain root access on Linux servers, even after narrowing down a list of 100 potential vulnerabilities to just 40 and successfully exploiting over half of those.

When human experts checked 198 security reports created by the model, they confirmed the model’s assessment of how serious the vulnerabilities were 89% of the time. Even when there was some disagreement, the experts’ ratings were usually close – within one level of severity – 98% of the time.

Project Glasswing

So far, less than 1% of the security flaws we’ve found have been fixed. Anthropic is handling the reporting of these issues responsibly by publishing cryptographic ‘fingerprints’ for unfixed problems and waiting over 90 days (plus an additional 45) before sharing complete details. As an example, a 17-year-old bug in the FreeBSD NFS server (CVE-2026-4747) that allows attackers to gain full control of a system without even logging in is currently going through this disclosure process.

Project Glasswing, announced alongside the model, is Anthropic’s attempt to direct these capabilities toward defense before similar tools become widely available. Founding partners include Amazon Web Services, Apple, Broadcom, Cisco, Crowdstrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. Access is being extended to more than 40 additional critical software organizations.

Anthropic has donated $4 million to support open-source security. They gave $2.5 million to Alpha-Omega through the OpenSSF (managed by the Linux Foundation), and $1.5 million to the Apache Software Foundation.

The company acknowledged that AI tools like Mythos lower the barrier for finding and exploiting vulnerabilities, and flagged near-term risk from state actors, China, Iran, North Korea, and Russia, and criminal groups if similar capabilities spread without controls. It described a period of transitional turmoil before defenders fully integrate the technology.

Anthropic said upcoming Claude Opus releases will include safeguards to detect and block dangerous cybersecurity outputs, and plans to introduce a Cyber Verification Program for vetted security professionals. A public report on partner findings and patched vulnerabilities is expected within 90 days.

Read More

2026-04-09 10:27