https://preview.redd.it/a2xsl4utff3h1.png?width=1248&format=png&auto=webp&s=bea6a07168de32d07d5c4b46be7f75e4c8be265c So Wired’s security reporter, Lily Hay Newman, just put out a piece on Monday about how AI is completely shifting the bug-hunting game. Basically, Anthropic has this closed project called Project Glasswing, and they showed that their new model, Claude Mythos, flagged over 10,000 high and critical severity security flaws in global system software in just a single month. During the testing phase, the model scanned over 1,000 open-source projects. Cloudflare, who is partnering with Anthropic, ended up finding 2,000 bugs in their own systems, with 400 of them being high severity. What’s crazy is that the model’s false positive rate was actually better than human testers. Around the same time, Mozilla used it to find and patch 271 security issues in Firefox 150. To give you some context, Anthropic’s older model, Claude Opus 4.6, found ten times fewer bugs back in Firefox 148. The UK AI Safety Institute also mentioned that Claude Mythos is the first model to completely pass their cyberattack simulations, and independent firms confirmed that 90.6% of the bugs it flagged were totally legit. This is fundamentally changing how digital defense works because AI is finding vulnerabilities way faster than human engineers can actually verify them, report them, and push out the necessary patch updates. It’s putting a ton of pressure on the whole security ecosystem right now. Source: https://www.wired.com/story/the-ai-era-is-creating-a-bug-hunting-arms-race/ submitted by /u/andrewaltair
Originally posted by u/andrewaltair on r/ArtificialInteligence