Cybersecurity researchers at multiple firms have reproduced Anthropic’s headline Mythos vulnerability discoveries using publicly available AI models, according to CNBC. The findings challenge the narrative that Mythos represents a unique capability leap, instead suggesting that orchestration techniques and scale are the more important variables.
“What we are seeing across the industry now is that people are able to reproduce the vulnerabilities found with Mythos through clever orchestration of public models to get very, very similar results,” Ben Harris, CEO of cybersecurity firm watchTowr, told CNBC.
What the Researchers Found
Vidoc Security ran older, publicly available models from both OpenAI and Anthropic against the same codebases that Mythos analyzed. “We ran older models against the same code base to see if we’d be able to detect the same vulnerabilities,” CEO Klaudia Kloc told CNBC. “We did, with both OpenAI and Anthropic’s older models.”
The technique is called orchestration: splitting code into smaller pieces and coordinating multiple models or tools to cross-check results. Aisle, another cybersecurity firm, reached the same conclusion. Founder Stanislav Fort wrote in a blog post that “a thousand adequate detectives searching everywhere will find more bugs than one brilliant detective who has to guess where to look.”
Anthropic did not dispute the findings. A company spokesperson pointed CNBC to a February blog post showing that Claude Opus 4.6, a widely available model, had already found more than 500 “high severity” vulnerabilities in open-source software.
Where Mythos Differs
The distinction is in what happens after discovery. Mythos can develop working exploits with minimal human input, automating a step that previously required skilled security researchers, according to Anthropic. That exploit-generation capability is what prompted Anthropic to restrict the model to vetted partners under Project Glasswing: Amazon, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks, plus over 40 additional organizations.
Anthropic is committing up to $100M in usage credits for Mythos Preview across defensive security work and $4M in direct donations to open-source security organizations, according to the Project Glasswing page.
The scale numbers are significant. An earlier Anthropic model found roughly 20 vulnerabilities in the Firefox browser. Mythos found nearly 300, and the total count across all software runs into the tens of thousands, CEO Dario Amodei said at an Anthropic financial services event on May 5.
The Competitive Response
OpenAI launched GPT-5.5-Cyber in limited preview on May 8, restricted to vetted U.S. cybersecurity defenders and government agencies, according to CNBC. The Trump administration is also considering new government oversight over future models.
Amodei framed the situation as a time-sensitive window. Chinese AI models are “maybe six to 12 months” behind Mythos, he said, giving defenders roughly that amount of time to patch the vulnerabilities before adversarial nations can exploit them.
The Orchestration Lesson
The expert consensus points to a structural reality that agent builders should internalize: the vulnerability discovery capability is not locked behind a single frontier model. It is an emergent property of orchestrating existing models at scale. Kloc said the capability has existed “for a couple of months, if not a year.” The implication for enterprises is that defensive scanning cannot wait for access to Mythos. The tools to find these vulnerabilities, and to exploit them, are already public.