AIToday

AI bug-hunting tools spark 3.5× surge in security vulnerability reports

THE DECODER1d ago4 min read
AI bug-hunting tools spark 3.5× surge in security vulnerability reports

Key takeaway

Security vulnerability reports jumped to about 1,500 high-severity and critical vulnerabilities in June 2026—more than 3.5 times the previous monthly record—following the release of Anthropic's Claude Mythos Preview, an AI model that can autonomously find software bugs. Anthropic's Glasswing program has already uncovered more than 10,000 such vulnerabilities, signaling a shift toward AI-driven security discovery that is flooding the vulnerability disclosure pipeline.

Summaries like this, in your inbox every morning.

Sign up free →

3 Key Points

  • What happened

    In June 2026, organizations reported about 1,500 high-severity and critical vulnerabilities (CVEs), more than 3.5 times the previous monthly record. The spike began in April 2026, aligned with Anthropic's announcement that its Claude Mythos Preview model can find software vulnerabilities on its own.

  • Why it matters

    AI models are now discovering security flaws at scale. Anthropic's Glasswing program has uncovered more than 10,000 high-severity or critical vulnerabilities, and OpenAI's Daybreak program is also contributing to the surge. For organizations, this means more vulnerabilities are being surfaced and reported — both a risk exposure and an opportunity to patch systems before threats materialize.

  • What to watch

    The article documents the spike through June 2026 via Epoch AI's tracking. The trend reflects a fundamental shift: AI-driven discovery is outpacing human-only vulnerability hunting, and the volume of reported CVEs may continue to climb as more trusted partners use these tools.

FAQ

What is Claude Mythos Preview and what does it do?
Claude Mythos Preview is Anthropic's AI model that can find software vulnerabilities on its own. Trusted partners were already using it to discover and fix bugs before its public release in April 2026.
How many vulnerabilities has Anthropic's Glasswing program found?
Anthropic's Glasswing program has uncovered more than 10,000 high-severity or critical vulnerabilities so far, some of which have not yet been published.
Is OpenAI also contributing to this surge?
Yes. OpenAI's Daybreak program is likely adding to the surge in reported vulnerabilities, according to Epoch AI.

Discussion

No discussion yet for this article

Stay ahead with AI news

Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.

Get Started Free

Free · takes 30 seconds · unsubscribe anytime

1 minute a day. The AI essentials.

200+ sources · Email / LINE / Slack

Get it free →