Jun 09, 2026 21:00:00

Anthropic points out that the AI 'Claude Mythos Preview,' which has extremely high cyberattack capabilities, can develop attacks within hours of a publicly disclosed vulnerability called 'N-day,' meaning 'the norm will change from N-day to N-hour.'

Anthropic's '

Claude Mythos Preview ,' released in April 2026, has attracted attention for its extremely high capability in 'discovering and exploiting software vulnerabilities.' Concerns have been raised that OSS maintainers may not be able to keep up with the speed of vulnerability discovery , potentially increasing risks, and that tests by a UK government agency have revealed that it can autonomously execute a complete network takeover attack. Now, Anthropic has demonstrated that Claude Mythos Preview can execute the development of an attack that exploits a vulnerability, which would normally take several weeks, in just a few hours.

N-days \ red.anthropic.com
https://red.anthropic.com/2026/n-days/

In a report published by Anthropic in May 2026 outlining the achievements of Claude Mythos Preview to date, it was shown that Anthropic and approximately 50 partners had used Claude Mythos Preview to discover more than 10,000 vulnerabilities rated as 'high' or 'critical' in globally important software. When the vulnerabilities discovered by Claude Mythos Preview were re-verified by independent security research companies, it was found that 90.6% were genuine vulnerabilities, and 62.4% were actually rated as 'high' or 'critical,' highlighting the high accuracy of the methodology.

Claude Mythos Preview has discovered 6,202 potential vulnerabilities estimated to be of 'high' severity or higher; an initial report on the high-performance AI, which is being considered for use by Japanese banks, has been released - GIGAZINE

Anthropic has also published a report on Claude Mythos Preview's ability to generate working attack code from 'N-day' vulnerabilities. N-day vulnerabilities are those that have already been disclosed and for which patches have been released or are in development, but for which no actual exploits exist, in contrast to zero-day vulnerabilities that are unknown. Anthropic has previously published several articles on the cybersecurity capabilities of AI models, most of which focused on zero-day vulnerabilities, but the majority of real-world damage is caused by N-day vulnerabilities.

Attackers create attack code by reverse engineering publicly available N-day patches, analyzing source code and patch differences. In most cases, N-day attacks are a race against time; while it traditionally takes days to weeks to create attack code, the defenders have time to widely deploy updates.

However, according to Anthropic, Claude Mythos Preview could potentially accelerate and automate the creation of attack code, solving the time bottleneck that has been a problem for attackers.

The following graph shows the overall score for each of the six models tested, after performing three trials on each of the 18 vulnerabilities included in the dataset. The vertical axis represents the number of proof-of-concept (PoC) creations for the vulnerabilities, and the horizontal axis represents the elapsed time. A steeper slope on the graph indicates a higher ability to create PoCs quickly. According to the graph, Claude Mythos Preview created its first PoC in approximately 12 minutes and 13 PoCs in 40 minutes. It took approximately 3 hours to complete the 14th PoC.

The following study selected three models that showed the best performance in the first test—Claude Mythos Preview, Claude Opus 4.8, and Claude Opus 4.6—and investigated how consistently each model could perform PoC development for 18 vulnerabilities by commanding 50 PoC development iterations for each vulnerability. Claude Opus 4.8 and Claude Opus 4.6 were able to consistently resolve only one vulnerability, while Claude Mythos Preview was able to consistently resolve seven vulnerabilities.

Claude Mythos Preview particularly excelled in testing to develop exploits that crash machines using N-day vulnerabilities. Claude Opus 4.8 created two exploits, Claude Opus 4.6 and Claude Sonnet 4.6 each created one, and the other models were unable to create any exploits, but Anthropic reports that Claude Mythos Preview created its first working exploit in just under an hour, and ultimately created eight different exploits in about 12 hours.

In addition, in tests to create Proof of Concept (PoC) that trigger a blue screen from Windows vulnerabilities, Claude Sonnet 4.6 and Claude Opus 4.7 each developed PoCs for 13 out of 21 vulnerabilities, Claude Opus 4.8 for 15, and Claude Mythos Preview for 18. The first PoC for Claude Mythos Preview was completed in 31 minutes, and all 18 were completed within 6 hours.

Anthropic states, 'This suggests that users currently in a patch gap are facing a much greater threat than before, and the risks are only increasing as model performance improves. The term 'N-day' is now dangerously misleading, and 'N-hour' is a more appropriate term for the reality we are currently facing.' They also suggest that the defense should accelerate the speed of patch deployment as a countermeasure.