Anthropic’s Mythos AI Uncovers Critical Vulnerabilities, Threatening DeFi Infrastructure

Anthropic has unveiled 'Claude Mythos Preview,' an AI model capable of discovering and exploiting zero-day vulnerabilities at a scale that surpasses decades of human security research. The model has already demonstrated its ability to uncover long-dormant bugs in hardened systems, including a 27-year-old flaw in OpenBSD and a 16-year-old vulnerability in FFmpeg, the latter of which had evaded five million automated scans. Unlike the theoretical risks associated with quantum computing, Mythos is currently operational. The company's technical findings reveal security flaws in the world's most popular cryptography libraries, including TLS, AES-GCM, and SSH. These libraries are fundamental to internet security, securing HTTPS connections and the remote server access that supports both centralized exchanges and DeFi infrastructure. The risk is particularly acute for DeFi protocols due to their open-source nature. With approximately $200 billion currently locked in smart contracts across networks like Ethereum and Solana, the ability of an AI to catalog weaknesses at machine speed for near-zero marginal cost creates a significant security gap that traditional audits may not cover. Anthropic warns that 'friction-based' security measures—such as multisig governance, timelocks, and traditional audit reports—may be insufficient against AI-assisted adversaries. These tools are designed to slow down attackers but do not eliminate the underlying code-level vulnerabilities that Mythos can exploit. While the DeFi Select Index recently rose 7% amid geopolitical easing between the U.S. and Iran, the long-term security implications remain a latent risk for traders. Currently, the model is not available to the general public and is restricted to 'Project Glasswing,' a select group of 40 tech giants including Microsoft, Apple, and Google.