Anthropic's Claude Decides It’s a Cybersecurity Vigilante, Now We’re All on Patch Watch

Anthropic is putting its latest AI model under digital house arrest after Claude Mythos Preview started unearthing ancient security flaws like it’s raiding a digital tomb of deprecated code. The bot didn’t just find a few bugs—it exposed a full-blown archaeological dig site of vulnerabilities across operating systems, browsers, and crypto libraries. Turns out, when you train an AI on decades of code, it doesn’t just learn syntax—it develops trauma from reading old C implementations.

Among the relics: a 27-year-old vulnerability in OpenBSD, which has seen more life stages than most DeFi protocols (and yes, older than Ethereum itself). Claude basically said, “This bug was already vintage when Satoshi mined the genesis block,” and then casually moved on like it was no big deal. Also on the hit list: a 16-year-old flaw in FFmpeg—because apparently video decoding has been quietly gaslighting us since 2008—and a 17-year-old remote code execution bug in FreeBSD that’s been chilling in the shadows like a degen whale waiting to dump.

Linux kernel bugs? Check. Weaknesses in TLS, AES-GCM, and SSH—protocols that are supposed to keep the internet from collapsing into chaos? Also check. At this point, it’s less “AI finds bugs” and more “AI starts narrating a horror podcast about your infrastructure.” One wonders if the model paused mid-scan to whisper, “You should’ve patched that in 2009, bud.”

“We found a 27-year-old bug in OpenBSD. This thing is older than Ethereum.” Yeah, and somehow still younger than the average crypto influencer’s claimed ROI. The discovery is equal parts impressive and terrifying—like realizing your house is built on a sinkhole, but the sinkhole has Wi-Fi and a GitHub account.

With 99% of these vulnerabilities still unpatched (because DevOps teams are apparently too busy debugging smart contracts), Anthropic isn’t letting this AI roam free. Claude Mythos Preview is now on a strict need-to-know basis via Project Glasswing—a digital roundtable of over 40 heavyweights including AWS, Apple, Cisco, Google, JPMorgan, Microsoft, and Nvidia. It’s like giving the keys to the apocalypse vault to a coalition that’s seen every season of Mr. Robot twice.

The timing couldn’t be tighter. AI-powered cyberattacks have surged 72% year-over-year, and 87% of global organizations got hit with AI-enabled attacks in 2025. That’s more than the percentage of altcoins that survive a bear market. We’re officially in the era where your biggest threat isn’t some hoodie-clad hacker in a basement—it’s an LLM fine-tuned by someone who thinks “zero-day” is a new yield farming strategy.

"Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely," Anthropic warned—diplomatic speak for “soon, every script kiddie with a GPU and a dream will be running their own digital Magneto.” The genie isn’t just out of the bottle; it’s writing exploit code and filing for venture funding.

The company acknowledges the path forward is long: "In the long run, we expect that defense capabilities will dominate… But the transitional period will be fraught." Translation: AI will eventually make software bulletproof, but first, we’ll go through a phase where everything gets pwned faster than a poorly audited airdrop contract.

So while the future promises self-healing code and AI-generated patches that deploy themselves during lunch breaks, don’t hold your breath. The crypto market moves at lightspeed, but patch deployment