Overview
- This week Anthropic released red-team results showing its Mythos Preview built proof-of-concept exploits from published patches for Firefox and Windows far faster than expected.
- In tests the company reported Mythos produced a first Windows kernel PoC in 31 minutes, created PoCs for 18 of 21 kernel bugs and assembled eight privilege‑escalation exploit chains within hours.
- Against Firefox’s SpiderMonkey, Mythos autonomously developed eight working code‑execution exploits from 18 security patches and produced its first exploit in roughly an hour.
- Anthropic says the patch itself helps attackers by showing what changed, and it estimated the Windows exploit work cost about $15,700 in API credits—roughly $2,000 per full exploit—illustrating how automation cuts skill and cost barriers.
- Responding to the speed and volume of AI‑found issues, Anthropic is limiting broader Mythos access until more safeguards are in place while vendors, open‑source maintainers and governments push for controlled testing, faster coordination and updated patching practices.