Anthropic's Mythos Preview autonomously built 8 working exploits from 18 recent Firefox patches and 8 full SYSTEM level exploit chains from 21 Windows kernel patches, producing its first Windows exploit in 31 minutes—... The cost to run individual exploit campaigns fell below $50 per successful run, with full operat...

Create a landscape editorial hero image for this Studio Global article: According to a March 2026 Axios report on Anthropic's Mythos Preview AI, what did the company's frontier red team find when they tested the. Article summary: **Note:** The Axios report in question was published **June 8, 2026**, not March 2026. The earlier Axios stories were in April (announcement) and March (Claude Opus bug-hunting). Below is the full breakdown based on the . Topic tags: general, general web, user generated. Reference image context from search candidates: Reference image 1: visual subject "Anthropic has said Mythos Preview has found thousands of high-severity vulnerabilities, including some in every major operating system and web" source context "Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models | CSO Online" Reference image 2: visual subject "Anthropic has said
In June 2026, Anthropic's frontier red team revealed a new and unsettling capability of its restricted Claude Mythos Preview model: the ability to read publicly disclosed software patches and autonomously turn them into working exploits in minutes. The findings, shared exclusively with Axios, tested Mythos against N-day vulnerabilities—flaws that had already been patched by vendors but remained unpatched inside most organizations. The results did not just break existing timelines; they effectively eliminated them .
Anthropic's red team fed Mythos 18 recently disclosed Firefox security patches and 21 Windows kernel patches—all released after the model's training cutoff—and instructed it to build working exploits. Across the Firefox set, Mythos autonomously produced 8 working code-execution exploits without human intervention. On the Windows kernel side, where source code is unavailable, it generated 8 full exploit chains that escalated a low-privilege user to complete SYSTEM control .
The speed was the headline: Mythos produced its first Windows proof-of-concept exploit in 31 minutes and ultimately created eight distinct exploits in roughly 12 hours . To put that in perspective, the median enterprise patch window was approximately 70 days, unchanged since 2022, while Mythos compressed weaponization into under an hour. This mismatch creates what analysts are calling a structural "patch gap": defenders physically cannot install fixes faster than AI-generated exploits can be deployed
.
The broader implication is that the traditional N-day window—the weeks or months defenders counted on between patch release and exploit availability—has effectively collapsed .
In a separate but related evaluation, Mythos triggered 13 out of 14 Windows bugs that Microsoft had classified as "unlikely to be exploited," and drove one of those bugs to full system control . Microsoft's "low exploitability" rating currently covers 80 to 90% of even critical-severity bugs, meaning the set of vulnerabilities that security teams treat as urgent may need to expand by roughly 5x
. The ratings system, designed for a world where exploit development took weeks of expert human labor, now underestimates the threat from autonomous AI that can handle the same work in minutes.
One of the most uncomfortable numbers in Anthropic's disclosures is the cost. Individual zero-day discovery runs cost under $50 per successful attempt. A full OpenBSD scanning campaign—thousands of runs—cost approximately $20,000 and uncovered multiple critical vulnerabilities, including a 27-year-old bug in OpenBSD's TCP stack . Linux kernel N-day root exploits were built for under $2,000 each
. Anthropic's total red team campaign remained well under $20,000 for entire codebase sweeps
.
These are not nation-state budgets. They are individual-developer or small-team budgets, meaning the barrier to sophisticated vulnerability discovery and exploit development has dropped dramatically at exactly the moment AI capabilities have risen sharply .
Anthropic disclosed Claude Mythos Preview on April 7–8, 2026, describing a frontier model that autonomously discovered and exploited zero-day vulnerabilities in every major operating system and web browser, finding thousands of high-severity bugs, including flaws that had survived decades of expert review . Because of the extreme dual-use risk, Anthropic did not release Mythos publicly. Instead, it created Project Glasswing, a controlled cybersecurity initiative initially limited to about 50 partner organizations including AWS, Apple, Cisco, Google, Microsoft, JPMorgan, and the Linux Foundation
.
As of June 2026, Glasswing is expanding to roughly 150 organizations across more than 15 countries, including national security agencies in Australia, the UK, and several EU and Asian nations . Partners receive a 90-day exclusive patch window before findings are publicly disclosed
. By late May 2026, Mythos had found more than 10,000 high- or critical-severity vulnerabilities across systemically important software
.
Mozilla's collaboration with Anthropic alone resulted in 271 zero-day vulnerabilities found and fixed in Firefox 150—the largest single security fix batch in the browser's history .
Industry response: Cisco joined the initial Glasswing partner cohort, along with other major tech and cybersecurity firms, gaining early access to Mythos for defensive vulnerability discovery in its own and open-source software . Mozilla's internal partnership with Anthropic predated the full Mythos rollout, and the results—271 zero-days patched—demonstrated the defensive potential when used responsibly
.
Trump administration: The policy response was turbulent. In April 2026, National Cyber Director Sean Cairncross led outreach to agencies, but CISA funding cuts and internal political battles complicated coordination . On May 21, Trump scrapped a planned executive order that would have required AI labs to submit frontier models for government review 90 days before public release, telling reporters he did not want anything slowing America's lead over China
.
Less than two weeks later, on June 3, Trump signed a revised executive order on AI innovation and cybersecurity that created a voluntary 30-day review framework for new frontier models—lighter than the rejected 90-day mandate but still a recognition that the status quo was insufficient .
Meanwhile, administration agencies including Treasury, the Federal Reserve, and the Office of Management and Budget rushed to secure access to Mythos after the April warnings, with Treasury receiving emergency briefings despite an earlier Trump directive to cease use of Anthropic technology .
Congress: OpenAI and Anthropic held closed-door briefings with the House Homeland Security committee on AI-powered cyber threats, marking some of the first dedicated AI cybersecurity threat briefings for congressional staff .
The core implication is clear: the era when a patch release bought defenders weeks of breathing room is over, at least against adversaries with access to frontier AI. The asymmetry is stark—enterprises still take roughly 70 days to patch, while AI can weaponize the same flaws in under an hour. Organizations are now being forced to reconsider which vulnerabilities they treat as urgent, how they prioritize patching, and whether their vulnerability management cadence can survive in a world where exploit development has become cheap, fast, and automated.
Studio Global AI
Use this topic as a starting point for a fresh source-backed answer, then compare citations before you share it.
Anthropic's Mythos Preview autonomously built 8 working exploits from 18 recent Firefox patches and 8 full SYSTEM level exploit chains from 21 Windows kernel patches, producing its first Windows exploit in 31 minutes—...
Anthropic's Mythos Preview autonomously built 8 working exploits from 18 recent Firefox patches and 8 full SYSTEM level exploit chains from 21 Windows kernel patches, producing its first Windows exploit in 31 minutes—... The cost to run individual exploit campaigns fell below $50 per successful run, with full operating system sweeps costing under $20,000, making sophisticated vulnerability weaponization accessible at individual develo...
Mythos also triggered 13 of 14 Windows bugs Microsoft rated 'unlikely to be exploited,' suggesting the set of vulnerabilities needing urgent patching may need to expand roughly 5x.