June 14, 2026
The AI that hunts its own bugs
Anthropic's Claude Mythos found thousands of zero-day vulnerabilities across every major operating system and browser — including a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg — and wrote a working exploit on the first try in over 83% of cases. It was deemed too dangerous to release publicly; instead a handful of giants got early access under Project Glasswing. This is the clearest look yet at AI's double edge: the same tool that finds your bugs before attackers do is the one that finds them faster for attackers too. Here's how to think about it.
In April 2026, Anthropic revealed a model called Claude Mythos that does one thing exceptionally well: it finds security holes nobody knew were there. Not in a lab demo — in the real software the world runs on. Mythos found thousands of zero-day vulnerabilities across every major operating system and browser, including a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg that everyone had walked past for over a decade.
A "zero-day" is a flaw the people who could fix it don't know about yet — zero days of warning. Finding one is hard, specialized work. Mythos found them in bulk, and in over 83% of cases wrote a working exploit on the first attempt. Anthropic decided it was too dangerous to release, and instead gave early access to a small group — Microsoft, Google, Apple, AWS, Cisco, Nvidia, JPMorgan, the Linux Foundation — under the name Project Glasswing.
That decision is the whole story. Let me unpack why.
The same skill defends and attacks
Finding a vulnerability and exploiting a vulnerability are the same skill pointed in opposite directions. The work of "where is this software weak?" is identical whether you're the one patching it or the one breaking in. So a tool that's brilliant at the first is, for free, brilliant at the second. There's no version of "finds bugs really well" that doesn't also mean "finds bugs really well for whoever's holding it."
That's why Mythos couldn't just be shipped. A public tool this good at finding zero-days would hand every attacker on earth the same superpower it hands defenders. Anthropic's answer — give it to the people who maintain the world's biggest systems, so they can find and fix their own holes first — is a bet that defenders moving first beats attackers moving at all. It's a reasonable bet. It is not a comfortable one.
The window just got shorter
Security has always run on a clock. A bug exists; someone finds it; the race is whether the fix ships before the exploit spreads. For decades that window was measured in weeks or months — enough time for a patch to roll out, for systems to update.
AI is collapsing that window. When a model can go from "found it" to "working exploit" in the time it takes to read this sentence, the comfortable weeks disappear. The defender who waits for the monthly patch cycle is now operating on attacker time. This is the real operational shift behind the headline: not that bugs get found, but that the gap between discovery and weaponization is shrinking toward zero.
What this means if you ship software
You don't get Glasswing access, but the lesson reaches you anyway. The old assumption — "our obscure little bug will probably never be found" — is dead. Obscurity was a defense only because finding bugs was expensive. Make finding them cheap and automatic, and every flaw is in scope, including the 27-year-old one nobody ever looked at.
So the move is the unglamorous one. Patch fast, because the window between a flaw going public and being exploited is shrinking. Keep your dependencies current, because the 16-year-old flaw in some library you imported is exactly what these tools surface. And point the same kind of tooling at your own code before someone else points theirs — the cheapest zero-day to fix is the one you found yourself.
The bottom line
Claude Mythos is the clearest picture yet of AI's double edge: a genuine gift to defenders and a genuine gift to attackers, in the same model, because they were always the same capability. The technology doesn't choose a side. The speed does — and right now it's shrinking the defender's window from weeks to hours.
You can't put this back in the box, and you can't opt out of the world it creates. The only version of "secure" that survives a world of automated bug-hunting is the one where you hunt your own bugs first. Whoever finds the flaw first decides what happens next. Make sure, as often as you can, that it's you.