IndustryPlatform

Mythos uncovers 6,202 critical bugs in major open-source projects

Anthropic's Mythos security agent identified 6,202 high- or critical-severity vulnerabilities across 1,000+ open-source repositories in a one-month pilot, with independent verification confirming 90 percent of findings and a false-positive rate below human testers.

ByAlex Sokoloff·May 28, 2026

Mythos uncovers 6,202 critical bugs in major open-source projects

Anthropic released interim results from Mythos and Project Glasswing on May 27, revealing that the AI security agent has identified 6,202 high- or critical-severity vulnerabilities across more than 1,000 widely used open-source repositories. Partners running the tool in private codebases reported hundreds of critical bugs each, with some teams seeing a tenfold increase in detection speed. Cloudflare alone flagged 2,000 issues—400 of them high or critical—and reported fewer false positives from Mythos than from human penetration testers.

Of the 6,202 open-source findings, 1,752 have been independently verified by six third-party security firms. Ninety percent of those checks confirmed real vulnerabilities, and 62 percent (1,100 bugs) retained their original high or critical severity rating. One example: Mythos generated a working exploit against wolfSSL that would allow an attacker to forge certificates, enabling a convincing phishing site that browsers would treat as legitimate with no warning to the user.

More in Industry

The flood of disclosures is outpacing remediation capacity. Some project maintainers have asked Anthropic to slow the reporting rate because patching takes an average of two weeks per high-severity bug. The sheer volume—23,000 total findings when medium- and low-severity issues are included—has exposed a bottleneck in open-source security infrastructure that few anticipated would emerge this quickly.

What remains unclear is whether Anthropic will expand Mythos access beyond enterprise partnerships or keep the tool gated. The current pilot concludes in the coming weeks, and the next release should clarify how much capability will reach smaller projects that lack dedicated security teams.

Research

NSFW

Platform

Confident agents hijack multi-LLM debates, arXiv study shows

Researchers model multi-agent LLM systems as mixtures of experts governed by social-influence dynamics, where confident agents dominate group decisions regardless of correctness.

May 31, 2026

IndustryNSFW

Google's AI search leaves brands blind to how they're described

Google I/O confirmed AI-generated answers now dominate search results, upending SEO strategies built around traditional link rankings and leaving most brands without insight into how AI systems describe them.

May 30, 2026

ReleasesNSFWPlatform

Mero-Artemis-31B-v0.3.1-heretic: uncensored 31B multimodal merge on Gemma4

sh0ck0r released Mero-Artemis-31B-v0.3.1-heretic, a 31-billion-parameter uncensored image-text-to-text model built on Gemma4 and available in safetensors format on HuggingFace.

May 30, 2026

PlatformNSFW

YouTube moves AI labels to top of Shorts, auto-detects synthetic content

YouTube is relocating AI disclosure badges to more visible positions on Shorts and long-form videos and will begin automatically identifying AI-generated content, the company announced this week.

May 30, 2026

ReleasesNSFW

Llama 3.2 3B uncensored GGUF quantization debuts for CPU inference

Jadzblaze99 published quantized GGUF weights for an uncensored fine-tune of Meta's Llama 3.2 3B Instruct model, enabling CPU and low-VRAM deployment of a 3-billion-parameter conversational model without safety filters.

May 30, 2026