Skip to main content
CybersecurityVulnerability Management

Generative AI Exposes Software Vulnerabilities at Scale

Cluttered desk with laptop, notes, and diagrams, hint of coding tool in background.

"Modern generative AI systems—not just Anthropic’s, but OpenAI’s and other, open-source models—are getting really good at finding and exploiting vulnerabilities in software." — the Guardian essay

Anthropic’s Claude Mythos Preview and the release decision

Last month Anthropic announced Claude Mythos Preview and, unusually, said it would not release the model to the general public. Instead, the company offered access only to a select group of companies to scan and fix their own software. The essay frames that decision as both a defensive posture and a commercial calculation: Mythos is "very expensive to run," and Anthropic "doesn’t appear to have the resources for a general release." The announcement therefore served two functions at once — a product claim and a containment choice — with the added effect of signaling capability without widespread verification.

OpenAI’s GPT-5.5 and Aisle’s reproductions

The essay places Mythos in a competitive landscape. The UK’s AI Security Institute found that OpenAI’s GPT-5.5, "already generally available," is comparable in capability to Mythos. Additionally, the company Aisle "reproduced Anthropic’s published results with smaller, cheaper models." Those two points push back on a narrative of unique capability: other models can detect similar vulnerabilities, and some teams can reproduce the published results without Anthropic’s infrastructure.

What this means for technologists and security teams; policymakers and regulators; and affected enterprises

  • Technologists and security teams will face a higher tempo of discovery. The essay argues attackers will automate vulnerability discovery and exploitation, but defenders will also use the same capabilities to find and patch flaws — turning AI-powered scanning into a normal part of development.
  • Policymakers and regulators should expect more than technical exploits. The piece warns that AIs will surface loopholes in regulatory regimes and tax codes, producing challenges that take years and political capital to fix — longer than the time it takes to patch software.
  • Affected enterprises will contend with both a surge in attacks and a surge in updates. The essay notes many devices and systems are unpatchable, and many organizations fail to patch timely, so vulnerabilities uncovered by AI may "stick around" even as other systems become more secure.

Mozilla’s use of Mythos: 271 Firefox vulnerabilities

The essay supplies a concrete example of defensive use: Mozilla used Mythos to find "271 vulnerabilities in Firefox." Those vulnerabilities "have been fixed, and will never again be available to attackers," the piece reports. That illustrates the symmetrical potential of the technology: the same scanner that can expose attack surfaces can be applied to eliminate them. Yet the essay cautions that finding and exploiting is often easier than finding and fixing, and that real-world constraints — unpatchable hardware, slow update cycles, and organizations that don’t apply patches — will blunt that defensive promise.

Tax codes, regulatory loopholes, and the broader societal risk

The essay widens the lens beyond software. It argues that tax codes and other regulatory regimes are "a series of algorithms with inputs and outputs" and therefore resemble computer code in ways that matter. The same searching, pattern‑matching and reasoning that finds software vulnerabilities "almost certainly apply to similar systems" — including tax loopholes and regulatory exploits. The author expresses confidence that "the major investment banks are working on this right now, in secret," having fed AIs national tax codes to search for money‑saving strategies. The essay invokes the "Double Dutch Irish Sandwich" as an example of a complex cross‑jurisdictional tax dodge and asks whether AIs can discover even more intricate variants.

Crucially, the essay contrasts fix timelines: software vendors can often push patches in days, while changing tax law "generally takes years" and is subject to lobbying pressures. The carried interest example is cited to underline how political resistance can keep a loophole open despite repeated attempts to close it.

The picture the essay paints is clear and unnerving: advanced models like Mythos are a harbinger of a world in which automated discovery accelerates both exploitation and remediation — but not evenly. In the short term, attackers may have the edge wherever systems are unpatchable or organizational practice lags. Over the longer run, as models improve and defenders bake automated scanning into development, the essay argues the "endgame gives AI‑enhanced defenders advantages over AI‑enhanced attackers." Which reality prevails will depend on how quickly organizations patch, how governments adapt regulatory processes, and how quietly powerful actors use AIs to hunt for loopholes.

Read the original essay: https://www.schneier.com/blog/archives/2026/05/how-dangerous-is-anthropics-mythos-ai.html