Anthropic has begun limiting access to its latest AI system, Claude Mythos Preview, after early testing showed it could uncover thousands of critical vulnerabilities across widely used software environments.
Summary
- Anthropic limited access to its Claude Mythos Preview model after it identified thousands of critical vulnerabilities across major software systems.
- Findings include decades old bugs across operating systems, cryptographic protocols, and web applications, with most vulnerabilities still unpatched.
The model, described as general purpose, identified critical vulnerabilities spanning major operating systems and web browsers, raising immediate questions about how such capabilities could be handled safely as they scale.
“Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely,” Anthropic said.
Industry data cited by Anthropic points to a 72% year over year increase in AI-powered cyberattacks, with 87% of global organizations reporting exposure to AI-enabled incidents in 2025. The concern now is less about whether these tools will be used offensively and more about how quickly they spread beyond controlled environments.
Anthropic’s internal findings suggest the scale of the problem runs deeper than previously understood. Many of the vulnerabilities flagged by Mythos Preview had gone unnoticed for years. Some trace back decades.
One of the most notable discoveries was a 27-year-old bug in OpenBSD, an operating system known for its focus on security. The issue has now been patched. The model also uncovered a 16-year-old flaw in FFmpeg, a 17-year-old remote code execution vulnerability in FreeBSD, and several issues within the Linux kernel.
Beyond operating systems, the model also detected weaknesses in widely used cryptographic standards such as TLS, AES GCM, and SSH. Web applications were found to contain a range of vulnerabilities, including cross-site scripting, SQL injection, and cross-site request forgery, which are often used in phishing attacks.
“99% of the vulnerabilities it found have not yet been patched, so it would be irresponsible for us to disclose details about them,” the company said, pointing to the risks of premature disclosure.
The ability to detect zero-day vulnerabilities at this scale could change how software security is handled. In the past, finding such issues required specialized expertise and significant time. AI systems can now scan large codebases much faster, which could speed up both detection and response. However’s there’s still the risk of misuse if this falls into the wrong hands.
“Work of defending the world’s cyber infrastructure might take years,” Anthropic said. “In the long run, we expect that defense capabilities will dominate: that the world will emerge more secure, with software better hardened, in large part by code written by these models. But the transitional period will be fraught.”
For now, access to Mythos Preview remains limited, with the company focusing on working with partners to address existing vulnerabilities and reduce the risks tied to wider deployment.
