Speaking to outlets including the BBC and Moneycontrol, Palmiotti explained that the technology is evolving at a pace where even the top tier of human talent may become non-competitive. She predicted that AI hacking contests could make competitions like Pwn2Own obsolete, because the raw speed, scale, and autonomy of systems like Mythos cannot be matched by any individual human, no matter how skilled.
Critically, her warning is not that AI will instantly replace all security researchers, but that it is crossing a capability threshold which changes the economics of who—or what—finds the most critical vulnerabilities first. The trajectory, she argues, points toward machines.
Claude Mythos Preview is not a narrow cybersecurity tool. It is a general-purpose language model, Anthropic's next-generation successor to its Claude line. It was not specifically trained to be a hacker. Yet when its capabilities were evaluated, the results shocked even its creators.
Anthropic confirmed that Mythos Preview autonomously discovered thousands of high-severity vulnerabilities across every major operating system and every major web browser. This includes previously unknown (zero-day) flaws that no human researcher had yet uncovered. One report described it producing 303 pages of vulnerability findings in 21 minutes.
Previous AI models could sometimes find vulnerabilities, but almost never autonomously build a working exploit. On a benchmark that involved turning known Firefox JavaScript engine vulnerabilities into functional shell exploits, Mythos Preview succeeded 181 times. The previous best Anthropic model, Claude Opus 4.6, had a near-zero success rate. This is not an incremental improvement—it represents a threshold being crossed.
Mythos can analyze closed-source or compiled software even after human-readable debugging information has been removed. It examines raw machine-level code, understands how the program functions, and uncovers vulnerabilities that would be opaque without source access.
Researchers used a straightforward scaffold: containerize the target codebase, invoke the model with Claude Code running Mythos Preview, and give it a single-paragraph prompt asking it to find vulnerabilities. The model then independently identified and wrote exploits for previously unknown security gaps. The UK's AI Security Institute (AISI) independently evaluated Mythos and confirmed its advanced cyber capabilities.
Anthropic was explicit: the model's offensive cyber capabilities were not deliberately trained. They "emerged as a downstream consequence of general improvements in code, reasoning, and autonomy". The same improvements that make the model more effective at patching vulnerabilities also make it more effective at exploiting them. This has enormous governance implications: if offensive capability is an emergent property of general reasoning power, future, even more capable models may be impossible to make safe without fundamentally limiting their intelligence.
When Anthropic launched Claude Mythos Preview in April 2026, it did something no major AI lab had done before: it announced its most powerful model and simultaneously told the public they cannot use it.
The company created Project Glasswing, a restricted-access program that limits Mythos Preview to approximately 50 carefully vetted organizations. These include major technology companies such as Apple, Amazon Web Services, Microsoft, Google, Cisco, CrowdStrike, Broadcom, Palo Alto Networks, and Nvidia, as well as critical infrastructure operators like JPMorgan Chase. U.S. government entities, including the National Security Agency (NSA), were also granted access. The goal is to harden the world's most critical software first, giving defenders a head start before similar—or more capable—offensive AI inevitably proliferates.
Anthropic's reasoning is straightforward: the model is simply too dangerous for broad release. The company acknowledged Mythos is "currently far ahead of any other AI model in cyber capabilities" and that it "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders". In the wrong hands, it could orchestrate coordinated cyberattacks on power grids, hospitals, and financial systems.
The situation escalated when Anthropic proposed expanding access from roughly 50 organizations to 120. The White House blocked that expansion—the first known instance of the U.S. government restricting an AI model's commercial rollout based on policy considerations, rather than a specific law or regulation. Administrators cited fears the model could fall into adversarial hands and concerns about whether Anthropic has enough compute to serve an expanded set of users without degrading service for critical federal partners.
Meanwhile, the Pentagon announced classified-network AI partnerships with eight companies—OpenAI, Google, Microsoft, AWS, Nvidia, SpaceX, Oracle, and xAI—and pointedly excluded Anthropic from the list, signaling rising tensions between the company and the U.S. defense establishment.
For now, Mythos remains behind locked doors. Japan's three megabanks gained access in May 2026, making the country one of the first outside the U.S. to use the model defensively.
The arrival of Claude Mythos has ignited an urgent philosophical debate in cybersecurity. Do human vulnerability researchers have a viable future, or are we witnessing the beginning of the end?
1. AI augments, it doesn't yet replace. Palmiotti herself uses Claude Code to enhance her efficiency while relying on human skill for context and creative reasoning. Many researchers argue that human expertise remains critical for high-level strategy, understanding the purpose and business logic of a system, and creative chain-of-attack reasoning that models cannot yet replicate.
2. Access controls preserve human roles—for now. Mythos is locked to approximately 50 organizations. The overwhelming majority of bug bounty programs, penetration tests, and vulnerability assessments are still performed by human researchers using far less capable tools. While this changes the frontier, it does not dissolve the massive existing industry.
3. Novel domains and judgment. Humans retain advantages in detecting business logic flaws, conducting nuanced social engineering assessments, and providing risk-based contextual judgment that current AI models may overlook or misinterpret. AI may find a technically exploitable buffer overflow; a human researcher can tell you whether that overflow actually matters in the business context.
1. Raw speed and scale are beyond human reach. Mythos can ingest entire codebases, find vulnerabilities, and write exploits in minutes—work that might occupy a skilled human team for weeks or months. One publication described it as "an AI that can break into almost any computer on Earth" after it found thousands of unknown vulnerabilities across all major operating systems simultaneously.
2. Elite human contests are becoming AI showcases. Palmiotti's prediction that hacking competitions like Pwn2Own may become obsolete is not just a feeling—it's a structural observation. If one model can find and chain vulnerabilities that might otherwise require multiple elite teams, the economics of vulnerability hunting shift fundamentally.
3. Cost and efficiency advantages are overwhelming. A single AI system can scan millions of lines of code, connect small vulnerabilities into critical exploit chains, and operate at a scale no human can sustain. This fundamentally changes what is possible in vulnerability discovery—not because humans are ineffective, but because they cannot compete on volume.
The debate is unlikely to resolve cleanly. More likely, the immediate future will bifurcate: an inner circle of AI-augmented defenders using tools like Mythos under strict government- and corporate-vetted access, and a vast outer circle where the majority of security work remains stubbornly, humanly manual. The distance between those two circles is narrowing.