Somewhere inside Anthropic's offices, an AI model spent a night tearing through the source code of every major operating system on the planet. By morning, it had found a 27-year-old bug in OpenBSD that no human had ever caught.
That model is Claude Mythos Preview, and the numbers from Anthropic's own red team report read like science fiction. In a head-to-head test against Firefox 147's JavaScript engine, the previous best model, Opus 4.6, produced 2 working exploits from several hundred attempts. Mythos Preview produced 181, plus 29 additional cases of register control for good measure.
What Mythos Actually Did
The model discovered thousands of zero-day vulnerabilities across every major operating system and every major web browser. Not theoretical weaknesses — actual exploitable bugs, many hiding in plain sight for over a decade. A 16-year-old FFmpeg codec vulnerability. A 17-year-old FreeBSD NFS remote code execution flaw (now CVE-2026-4747). A guest-to-host memory corruption in a production memory-safe virtual machine monitor.
On the OSS-Fuzz benchmark, where Opus 4.6 managed zero tier-5 control-flow hijacks, Mythos Preview found 10. It autonomously chained 2 to 4 vulnerabilities together for Linux kernel privilege escalation, bypassing KASLR, exploiting subtle race conditions, and injecting SSH keys for root access, all without human guidance.
The cost? Under $20,000 for a thousand-run campaign against OpenBSD. Roughly $50 per successful vulnerability find. Individual complex exploits ran $1,000 to $2,000 each.
The Uncomfortable Math
Over 99% of discovered vulnerabilities remain unpatched. That number should terrify every CISO reading this. When 89% of Mythos's severity assessments matched expert human validation — and 98% were within one level — we're not talking about a tool that finds junk bugs. This is a system that identifies critical vulnerabilities faster than the entire global security industry can patch them.
Anthropic's response was Project Glasswing: restricting Mythos Preview access to eleven companies — AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. Eleven companies now hold the keys to a tool that can crack open the software running civilization.
My Opinion
I'll be blunt: this is the most significant development in cybersecurity since Stuxnet, and almost nobody outside the security community is talking about it properly.
Here's what bugs me. The same capability that makes Mythos devastating at finding bugs makes it devastating at exploiting them. Anthropic says these capabilities "emerged as a downstream consequence of general improvements in code, reasoning, and autonomy" — they weren't even trying to build a hacking machine. It just happened. Every frontier lab improving general reasoning is now, whether they acknowledge it or not, building increasingly powerful offensive cyber weapons.
The $50-per-vulnerability economics change everything. Nation-state cyber operations that once required teams of specialists and months of work can now be replicated by anyone with API access and a weekend. Anthropic made the right call restricting access, but Mythos is a capability milestone, not a product. Other labs will reach this threshold within 12 months. The window for the security industry to prepare is closing fast, and the patching infrastructure we've relied on for decades was already failing before AI entered the picture.
Author: Yahor Kamarou (Mark) / www.humai.blog / 16 Apr 2026