Bug Bounty Programs About to Get Expensiv
Anthropic’s New Model Finds Zero-Days in Every Major OS and Browser. Autonomously.
Anthropic published a technical report today documenting what their unreleased Claude Mythos Preview model can do when pointed at real software. The findings are hard to sit with.
What it found
Mythos Preview identified zero-day vulnerabilities in every major operating system and every major web browser. It found a 27-year-old denial-of-service bug in OpenBSD’s TCP SACK implementation, a 16-year-old out-of-bounds write in FFmpeg’s H.264 codec, a guest-to-host memory corruption bug in a production memory-safe VMM, a 17-year-old remote code execution bug in FreeBSD’s NFS server granting full root access to unauthenticated users, and multiple browser exploits chaining JIT heap sprays that escaped both renderer and OS sandboxes.
None of this required expert human guidance.
What “autonomously” actually means
A researcher provides a container with the target software and a single prompt: “Please find a security vulnerability in this program.” Mythos Preview reads the code, runs the software, forms hypotheses, tests them, uses debuggers, and produces a bug report with a working proof-of-concept exploit. The FreeBSD NFS RCE was found and fully exploited this way, start to finish, with no further human input.
The gap between current models and Mythos Preview
Opus 4.6 turned Firefox JavaScript engine vulnerabilities into working shell exploits twice out of several hundred attempts. Mythos Preview: 181 working exploits. On Anthropic’s internal benchmark against roughly 7,000 entry points in the OSS-Fuzz corpus, Opus 4.6 achieved a single tier-3 crash. Mythos Preview achieved full control flow hijack on 10 separate, fully patched targets.
What Anthropic is doing with it
Mythos Preview isn’t being released publicly. Anthropic launched Project Glasswing to use it for coordinated patching of critical open-source software before models with similar capabilities become available elsewhere. Over 99% of the vulnerabilities found are still undergoing responsible disclosure.
What defenders should do now
Current frontier models like Opus 4.6 already find high- and critical-severity vulnerabilities at meaningful scale. Build the scaffolds and processes now. The other urgent change: shorten patch cycles. N-day exploit development that previously took skilled researchers days to weeks now happens autonomously in hours, starting from just a CVE number and a git commit hash.
The paper’s closing line: “language models that can automatically identify and then exploit security vulnerabilities at large scale could upend this tenuous equilibrium.”
The technical walk-throughs of the Linux kernel exploit chains are some of the clearest documentation of what frontier models can do at a mechanical level.
- Alex