What to know:
- Anthropic’s new Claude Mythos Preview model has autonomously discovered serious zero-day vulnerabilities in widely used software, outperforming both human researchers and existing automated tools.
- The model uncovered long-hidden flaws in systems such as OpenBSD, FFmpeg, and core Linux components, and demonstrated it can rapidly turn known bugs into full working exploits at low cost.
- Anthropic reports that Mythos has found critical weaknesses in major cryptography libraries and protocols like TLS, AES-GCM, and SSH, raising urgent security concerns for DeFi and other crypto infrastructure that rely on friction-based defenses such as multisig, timelocks, and audits.
Anthropic has created an AI that can independently discover and take advantage of previously unknown software flaws – zero-day vulnerabilities – better than any existing automated tools or even decades of work by human security researchers, according to the company.
Examining its strengths reveals possible risks to the security of crypto and decentralized finance systems. First, let’s talk about what it can do.
Cracks long-hidden vulnerabilities
Claude Mythos Preview is remarkably good at finding hidden software bugs – bugs that even experienced human experts have missed. It’s like finding a single needle in a huge pile of hay.
Researchers discovered a 27-year-old security flaw in OpenBSD, a highly secure operating system, using less than $50 worth of computing resources.
A security vulnerability existed in FFmpeg, the video software used by many online streaming services, for 16 years before being discovered. Surprisingly, automated security scans had checked for problems in the software five million times without detecting it.
The AI didn’t stop at simple tasks – it even created a complex attack for web browsers by combining four different weaknesses to bypass multiple security measures. Plus, it rapidly transformed a known flaw in Linux into a fully functional attack within a day, costing less than $2,000 – something a human expert would typically spend weeks accomplishing.
As a researcher in this space, I’ve been following the development of Mythos with growing concern, and I think the tech industry is right to be alarmed. Unlike the largely hypothetical risks posed by quantum computing to Bitcoin, Mythos is already here, actively finding security flaws in code that protects user funds – flaws that have eluded detection by both humans and existing tools for over 27 years. It’s a very different level of threat.
Why should crypto developers care
The most important takeaway from Anthropic’s recent research is that their Mythos system discovered security weaknesses in widely used cryptography libraries – the tools that keep internet connections safe. This includes libraries like TLS, AES-GCM, and SSH, which are essential for secure online communication (like HTTPS), data encryption, and allowing secure remote access to servers that power things like decentralized finance (DeFi) and cryptocurrency exchanges.
Flaws or bugs in these could let someone forge certificates or decrypt private communications.
DeFi protocols face a significant risk because their code is open to the public. This means anyone – even automated systems like Mythos – can quickly and cheaply identify vulnerabilities within the code.
Although around $200 billion worth of assets in smart contracts on blockchains like Ethereum and Solana have undergone security checks by both people and automated tools, Anthropic asserts that their Mythos system offers a more advanced level of security, going beyond these traditional methods.
The company pointed out that security measures which mainly rely on making things difficult for users – instead of strong, technical defenses – might not hold up well against attackers who use AI models.
Features like requiring multiple approvals for blockchain transactions, delaying transactions for a set time, and providing security audits are all ways to add friction and make attacks more difficult. Instead of preventing attacks through code, these methods simply slow down potential attackers.
So far, recent events haven’t caused major market drops. In fact, the CoinDesk DeFi Select Index has risen 7% in the last day, doing better than Bitcoin and Ether, likely because the temporary truce between the U.S. and Iran has made investors more confident. However, traders should watch both the overall economy and the developments surrounding Mythos, as it could have significant effects on the security of software and blockchain technology.
After careful consideration, we’ve decided not to make the Mythos model available to everyone just yet. Instead, we’re sharing it with a limited group – around 40 leading tech companies like Google, Apple, and Microsoft – as part of an initiative we’re calling ‘Project Glasswing.’
Read More
- United Airlines can now kick passengers off flights and ban them for not using headphones
- Crimson Desert: Disconnected Truth Puzzle Guide
- All 9 Coalition Heroes In Invincible Season 4 & Their Powers
- Invincible Season 4 Episode 6 Release Date, Time, Where to Watch
- Mewgenics vinyl limited editions now available to pre-order
- The Boys Season 5 Spoilers: Every Major Character Death If the Show Follows the Comics
- Assassin’s Creed Shadows will get upgraded PSSR support on PS5 Pro with Title Update 1.1.9 launching April 7
- Grok’s ‘Ask’ feature no longer free as X moves it behind paywall
- Does Mark survive Invincible vs Conquest 2? Comics reveal fate after S4E5
- Grey’s Anatomy Season 23 Confirmed for 2026-2027 Broadcast Season
2026-04-08 15:20