Source link : https://tech365.info/claude-mythos-uncovered-a-tough-reality-your-enterprise-patching-course-of-is-approach-too-sluggish/
In 2024, researchers from the College of Illinois discovered that GPT-4, when supplied with a standard vulnerabilities and exposures (CVE) description, might autonomously exploit 87% of a curated 15-vulnerability one-day dataset. With out the outline, it might solely exploit 7%. This supplied a “margin of safety” for the trade as a result of whereas AI might exploit identified vulnerabilities, it couldn’t uncover them.
Nevertheless, on April 7, Anthropic introduced that Claude Mythos Preview had closed that margin, with the mannequin autonomously discovering hundreds of zero-day vulnerabilities throughout main working techniques and browsers. Individually, Mythos scored 83.1% on the CyberGym vulnerability replica benchmark. In a single marketing campaign concentrating on OpenBSD throughout 1,000 scaffold runs, the full compute value was lower than $20,000.
Exploitation timelines are collapsing. Langflow’s CVE-2026-33017 (CVSS 9.8) was exploited 20 hours after disclosure with no public proof-of-concept. Marimo’s CVE-2026-39987 (CVSS 9.3) was hit in 9 hours and 41 minutes.
The defensive infrastructure most organizations depend on wasn’t designed for this. Rapid7’s 2026 menace panorama report states that the median time from CVE publication to CISA’s identified exploited vulnerabilities (KEV) itemizing is 5 days. Google’s M-Traits 2026 report discovered that exploitation is going on earlier than a patch is even launched. When the Langflow advisory was…
—-
Author : tech365
Publish date : 2026-05-31 18:14:00
Copyright for syndicated content belongs to the linked Source.
—-
1 – 2 – 3 – 4 – 5 – 6 – 7 – 8