Back to Home

The Great Unmasking: AI Didn't Break Security—It Revealed It Was Already Broken

12 min read
Sumeet Zankar

Sumeet Zankar

AI Solution Architect & Full-Stack Developer

Introduction

On April 7th, 2026, Anthropic published something that should keep every software engineer awake at night.

Their unreleased AI model — Claude Mythos Preview — had been quietly auditing the world's most critical software. What it found wasn't pretty:

  • Thousands of high-severity zero-day vulnerabilities
  • Critical bugs in every major operating system
  • Critical bugs in every major web browser
  • Flaws that had survived decades of human review

One bug in OpenBSD was 27 years old. Another in FFmpeg had been hit by automated testing tools 5 million times — and nobody noticed.

We thought we were secure. We were wrong.

This post breaks down what Mythos found, why our entire security model was built on false assumptions, and — plot twist — why this might actually be good news for defenders.

The Vulnerabilities That Time Forgot

Let's start with the hits.

The 27-Year-Old OpenBSD Bug

OpenBSD has a reputation. It's the operating system you run when security is non-negotiable — firewalls, critical infrastructure, systems where a breach means disaster. The project's unofficial motto: “Only two remote holes in the default install, in a heck of a long time!”

Mythos found a remote crash vulnerability that had been hiding in plain sight since 1998.

The bug was in OpenBSD's implementation of TCP SACK (Selective Acknowledgment) — a performance optimization from RFC 2018. The flaw combined two subtle issues:

  1. Missing bounds check: The code verified that the end of a SACK range was valid, but not the start
  2. Signed integer overflow: TCP sequence numbers wrap around, and the comparison logic could be tricked when values were ~2³¹ apart

Chain these together, and an attacker could remotely crash any OpenBSD machine just by sending crafted TCP packets. No authentication needed. No user interaction.

This bug survived:

  • 27 years of production use
  • Countless security audits
  • A codebase famously reviewed line-by-line for security

Cost for Mythos to find it? Under $50 in compute.

The FFmpeg Bug That 5 Million Tests Missed

FFmpeg is everywhere. If you've ever played a video on a computer, phone, or streaming service, you've probably used FFmpeg. It's the backbone of media encoding across the industry.

Mythos found a 16-year-old vulnerability in FFmpeg's codebase. But here's what makes this one special:

Automated fuzzing tools — the gold standard for finding memory corruption bugs — had executed the vulnerable line of code 5 million times.

None of them caught it.

The bug wasn't in some obscure code path. It wasn't hidden behind complex preconditions. It was sitting right there, being tested constantly, for over a decade.

The fuzzers didn't know what to look for. Mythos did.

The Linux Kernel Privilege Escalation Chain

Perhaps most impressive: Mythos didn't just find individual bugs. It found bugs and then chained them together into working exploits.

In the Linux kernel — which runs most of the world's servers, Android phones, and cloud infrastructure — Mythos autonomously discovered multiple vulnerabilities and combined them into a privilege escalation attack. Starting from ordinary user access, the exploit granted complete control of the machine.

This wasn't a human researcher painstakingly crafting an attack over weeks. This was an AI connecting dots across millions of lines of code, finding the path from “user” to “root” without human guidance.

The Uncomfortable Truth: We Were Never Secure

Here's what Mythos really revealed: our security was always an illusion.

We told ourselves stories:

  • “This codebase has been audited by experts”
  • “We run continuous fuzzing”
  • “It's been in production for years without issues”
  • “OpenBSD is basically unhackable”

These weren't lies, exactly. They were just... incomplete.

The audits found the obvious bugs. The fuzzers found the simple crashes. Production usage found the common failures.

But the subtle bugs — the ones requiring deep reasoning about integer overflow semantics, or understanding how two innocuous-looking code paths interact, or spotting a race condition that only manifests under specific timing — those stayed hidden.

They were always there. We just couldn't see them.

The Scale of the Problem

Anthropic's findings weren't isolated incidents. From their announcement:

“Claude Mythos Preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and every major web browser.”

Every. Major. Operating system.

Every. Major. Web browser.

Windows, macOS, Linux, iOS, Android, BSD variants — all compromised.

Chrome, Firefox, Safari, Edge — all compromised.

These aren't theoretical concerns. These are working exploits. In one case, Mythos chained four browser vulnerabilities together, escaping both renderer and OS sandboxes with a complex JIT heap spray attack.

The software running our banks, hospitals, power grids, and nuclear facilities has been fundamentally broken this entire time. We just hadn't invented the microscope powerful enough to see the cracks.

The Capabilities Gap Just Collapsed

To understand why this matters, you need to understand the economics of vulnerability discovery.

The Old World

Finding zero-days used to require:

  • Deep expertise: Years of specialized training in security research
  • Significant time: Weeks or months per vulnerability
  • Expensive tools: Custom fuzzers, debuggers, analysis frameworks
  • Institutional knowledge: Understanding of specific codebases and architectures

This created a natural bottleneck. Only nation-states, well-funded criminal organizations, and elite security researchers could play at this level. The attack surface was vast, but the number of people who could exploit it was small.

The New World

Mythos Preview changes the equation:

“Non-experts can also leverage Mythos Preview to find and exploit sophisticated vulnerabilities. Engineers at Anthropic with no formal security training have asked Mythos Preview to find remote code execution vulnerabilities overnight, and woken up the following morning to a complete, working exploit.”

Read that again.

No formal security training. Overnight. Complete working exploit.

The moat around vulnerability research just evaporated. The skills that took decades to develop can now be approximated by anyone with API access to the right model.

The Numbers Don't Lie

Anthropic shared some internal benchmarks comparing Mythos to their previous best model, Opus 4.6:

Firefox JavaScript Engine Exploit Development:

  • Opus 4.6: 2 successful exploits out of hundreds of attempts
  • Mythos Preview: 181 successful exploits (plus 29 achieving register control)

OSS-Fuzz Corpus Testing (Tier 5 = Full Control Flow Hijack):

  • Opus 4.6: 1 tier-5 crash
  • Mythos Preview: 10 tier-5 crashes

This isn't incremental improvement. This is a phase change.

The Twist: Defenders Just Got the Same Weapon

Now for the good news.

If you've been reading this with growing dread, take a breath. The same capabilities that make Mythos terrifying for attackers make it transformative for defenders.

The Defender's Advantage

Attackers need to find one vulnerability to succeed.

Defenders, historically, needed to find all of them to be secure — an impossible task.

But here's what changes with AI-powered security:

  1. Speed: Mythos can audit codebases orders of magnitude faster than human teams
  2. Scale: It can be run against entire dependency trees, not just first-party code
  3. Depth: It reasons about code semantically, catching bugs that slip past pattern-matching tools
  4. Continuous: Unlike human audits, AI scanning can run on every commit

More importantly: defenders control the codebase.

Attackers can find vulnerabilities, but defenders can fix them. And with AI assistance, patches can be developed and deployed faster than ever before.

Project Glasswing: The Industry Response

Anthropic didn't just release this research and walk away. They launched Project Glasswing — a coordinated defense initiative with:

  • 40+ organizations with access to Mythos Preview for defensive scanning
  • Major tech partners: AWS, Apple, Cisco, CrowdStrike, Google, Microsoft, NVIDIA, Palo Alto Networks
  • $100 million in usage credits for defensive security work
  • $4 million in direct donations to open-source security organizations

The Linux Foundation is involved. JPMorganChase is involved. The people maintaining the world's critical infrastructure now have the same superweapon that attackers might soon have access to.

The Historical Parallel

This isn't the first time security tools have caused panic before becoming essential defensive infrastructure.

When software fuzzers first emerged, the security community worried they would tip the balance toward attackers. And initially, they did find more bugs than defenders were comfortable with.

But today, fuzzing is a cornerstone of defensive security. Projects like OSS-Fuzz continuously test critical open-source software, finding bugs before attackers do. The tool that was once feared became the foundation of modern software security.

Anthropic explicitly draws this parallel:

“We believe the same will hold true here too—eventually. Once the security landscape has reached a new equilibrium, we believe that powerful language models will benefit defenders more than attackers.”

The Transitional Period: Brace for Turbulence

Here's the catch: we're not at equilibrium yet.

Anthropic is being careful with Mythos Preview — it's not publicly available precisely because of these capabilities. But the underlying improvements that created Mythos aren't magic. They're the result of general advances in:

  • Code understanding
  • Long-context reasoning
  • Agentic task completion

Other labs are making similar progress. It's a matter of when, not if, these capabilities become widely available.

The next 12-24 months will be turbulent. Expect:

  • More zero-days disclosed: As AI auditing scales, decades of accumulated bugs will surface
  • Faster exploit development: The time from vulnerability disclosure to working exploit will collapse
  • Patch pressure: Maintainers will face unprecedented volumes of security reports
  • Insurance implications: Cyber insurance will need to reprice risk across the board

The organizations that move fastest to adopt AI-powered defensive scanning will be in the best position. The ones that wait may find themselves exposed to vulnerabilities they didn't know they had.

What This Means for You

If You're a Software Developer

Assume your code is vulnerable. Not because you're a bad programmer, but because the bar for “secure code” just got exponentially higher. Bugs that were once impossible to find are now discoverable by AI in seconds.

  • Get your code scanned by AI security tools now (not later)
  • Don't trust that “it's been in production for years” means it's safe
  • Pay special attention to C/C++ codebases and memory-unsafe dependencies

If You're a Security Professional

Your job just changed fundamentally. Manual code review and traditional pentesting aren't obsolete, but they're no longer sufficient.

  • Learn to work with AI security tools as force multipliers
  • Focus on triaging AI-generated findings (there will be many)
  • Help your organization understand the new threat landscape

If You're a Tech Leader

The risk calculus has shifted. Cybersecurity is no longer a “reasonable efforts” game. It's an arms race, and your attackers just got upgraded weapons.

  • Prioritize AI-augmented security tooling
  • Expand bug bounty programs (the ceiling on what researchers can find just rose dramatically)
  • Plan for a higher volume of critical security patches across your supply chain

If You're an Open-Source Maintainer

Help is coming. Project Glasswing specifically includes support for open-source projects, including $4M in donations to security organizations.

  • Take advantage of AI security scanning when it's offered
  • Prepare for an influx of high-quality vulnerability reports
  • This is actually good news — your project is about to get more secure

Conclusion: The End of Security Theater

For decades, software security has been a performance. We did code reviews, ran fuzzers, hired pentesters, and called it good enough. We knew, intellectually, that bugs existed. But we operated as if the ones that mattered had been found.

Mythos pulled back the curtain.

The 27-year-old bugs. The flaws that survived 5 million test runs. The vulnerabilities hiding in the most security-focused codebases on Earth.

They were always there. We were just performing security rather than achieving it.

That era is over.

AI has given us, for the first time, tools capable of finding the bugs that actually matter. The ones that sophisticated attackers might exploit. The ones that have been lurking in critical infrastructure for decades.

Yes, attackers will have access to similar capabilities. That's scary.

But defenders have something attackers don't: the ability to fix the bugs they find.

The organizations that move fastest — that embrace AI-powered security as a core capability rather than an afterthought — will be the ones standing when the dust settles.

The great unmasking has begun. The question is: what will you find when you finally look?

References

  1. Project Glasswing Announcement — Anthropic
  2. Claude Mythos Preview Technical Details — Anthropic Frontier Red Team
  3. OpenBSD SACK Patch
  4. Building AI Cyber Defenders — Anthropic Research
AICybersecurityAnthropicMythosZero-DayProject GlasswingSoftware SecurityInfoSec

Enjoyed this article?

Connect with me on LinkedIn for more insights on AI, automation, and full-stack development.

Follow on LinkedInView Portfolio
Back to HomeAll Posts →