8 July 2026 Hacks .

Claude Mythos: When AI Turns Vulnerabilities Into a Triage Problem

At the end of January 2026, Daniel Stenberg switched off the signal.

The creator of curl, one of the world’s most widely deployed open-source projects, ended the project’s bug bounty programme. Not because vulnerabilities had disappeared. Not because security had become secondary. But because the programme was receiving too many low-quality reports, often generated with the help of AI.

The figure says it all: fewer than 5% of reports received in 2025 were valid, compared with around 15% previously. For a small team of maintainers, the problem was no longer purely technical. It had become organisational.

Every report had to be read. Every hypothesis had to be checked. Every false lead consumed time that no one got back.

A few months later, another development gave the issue a new dimension. Anthropic introduced Claude Mythos Preview, followed by Claude Mythos 5, a family of models geared towards advanced cyber capabilities. This time, the problem was no longer just noise. According to Anthropic and evaluations published by the UK AI Security Institute, Mythos also shows a growing ability to discover and chain together real vulnerabilities.

For CISOs, this is the most difficult scenario: more noise to filter, but also more genuine vulnerabilities to address.

Key takeaways

  • curl ended its bug bounty programme after the rate of valid reports fell below 5%.

  • Claude Mythos Preview was evaluated by the UK AI Security Institute on advanced cyber tasks.

  • The model achieved a 73% success rate on a set of expert-level CTF tasks.

  • It also completed a 32-step network attack simulation in 3 out of 10 attempts.

  • In a Patrowl sample of 23,000 findings, 93% were classified as false positives or non-exploitable in their real-world context.

  • The central issue is no longer detection. It is the ability to qualify, prioritise and remediate.

The real cost is not detection. It is verification.

AI has sharply reduced the cost of producing a security report. An agent can read code, formulate a vulnerability hypothesis, write a report and repeat the process. At scale.

But the cost of verification has not followed the same curve.

To know whether an alert deserves action, teams still need to understand the environment, reproduce the behaviour, assess the impact and decide whether remediation is a priority. That work remains scarce, contextual and often human-led.

This is exactly what overwhelmed curl. It is also what many security teams already experience with their scanners.

Patrowl observed the same phenomenon in an export of 23,000 findings from a commercial scanner. After analysis, 93% were classified as false positives or findings that were not exploitable in their real-world context.

That figure should not be generalised across the entire market. It describes a specific sample. But it illustrates a reality familiar to many CISOs: a raw alert is not yet a priority risk.

93%

Share of alerts classified as false or non-exploitable in a Patrowl analysis of 23,000 findings from a commercial scanner.

The danger is not simply wasted time. It is that a genuinely critical vulnerability may sit among thousands of tickets and wait too long for remediation.

Claude Mythos changes the nature of the problem

The curl case tells the story of exploding noise. Claude Mythos tells the other half.

In April 2026, Anthropic introduced Claude Mythos Preview through Project Glasswing. The stated aim was to give selected partners controlled access to advanced cyber capabilities, helping them identify and fix vulnerabilities in critical software.

Anthropic says Mythos Preview found old and complex vulnerabilities in major projects, including OpenBSD and FFmpeg. These results should remain attributed to Anthropic.

But the strongest evidence comes from an independent third party: the UK AI Security Institute.

The Institute evaluated Claude Mythos Preview in controlled environments. On expert-level Capture the Flag tasks that no model tested by the AISI could solve before April 2025, Mythos Preview achieved a 73% success rate.

That figure does not mean Mythos can compromise 73% of companies. It applies to a specific set of tests. But it marks a clear jump.

The AISI also tested the model on “The Last Ones”, a 32-step network attack simulation. The scenario runs from initial reconnaissance through to full network takeover. The Institute estimates that a human expert would need around 20 hours to complete it.

Mythos Preview became the first model evaluated by the AISI to complete the scenario end to end. It succeeded in 3 out of 10 attempts, completing an average of 22 out of 32 steps.

The distinction matters: a cyber range is not a real company. A controlled test is not a production environment. But for a CISO, the signal is strong enough to change the conversation.

AI is no longer used only to generate poor-quality tickets. It is also beginning to shift the frontier of offensive research.

Patching is becoming a prioritisation problem

When a vulnerability affects an operating system, browser or open-source library, publishing a fix is only the beginning.

The organisation still has to answer several questions: which versions are we running? Which assets are exposed? Is the service reachable from the Internet? Could the patch break a dependency? What risk are we accepting if we wait?

If models such as Claude Mythos accelerate vulnerability discovery, the number of fixes requiring assessment may rise as well.

The issue will not be limited to third-party components. These capabilities can also be applied to internal applications, APIs and business systems. In those cases, no vendor is necessarily preparing the patch for you.

Claude Mythos 5 extends this trajectory. Anthropic presents it as the evolution of Mythos Preview, with access restricted to selected partners. Claude Fable 5 belongs to the same generation but targets broader use, while Claude Opus remains associated with complex general-purpose tasks.

The distinction is more than a product detail. It shows that the most sensitive cyber capabilities are not being deployed like a general-purpose assistant. They are being treated as capabilities that require control.

For security teams, the right question becomes less:

“Have we applied every patch?”

And more:

“Are we exposed, where, and what needs to come first?”

The cyber security market must move beyond the race for volume

For years, many tools have been sold on a simple promise: detect more.

More CVEs. More scans. More coverage. More tickets.

But as AI increases volume, that promise loses value. A tool that detects everything but overwhelms teams does not necessarily reduce risk. It may simply move the problem from infrastructure to decision-making capacity.

Three elements become decisive.

Context. A vulnerability does not carry the same priority if the asset is exposed to the Internet, protected by effective controls or isolated inside an internal environment.

Evidence. A CVSS score or signature is not always enough. Teams need to know whether the impact is real in their environment.

Decision. A useful alert should support an operational choice: remediate now, monitor, accept temporarily or escalate.

This is where traditional approaches reach their limits. A raw scanner produces a signal. It does not always produce an actionable decision.

The Patrowl approach: reduce noise before remediation

Patrowl starts from a simple conviction: remediation teams should not have to repeat the entire qualification process downstream.

The platform maintains a continuous map of the external attack surface, detects new exposures and focuses technical validation on priority risks.

A traditional scanner may produce large volumes of results from software versions, signatures or theoretical scores. Patrowl adds exposure context: is the asset visible from the Internet? Is the service actually reachable? Is the risk critical? Is there technical evidence?

The goal is not to add thousands of lines to a ticketing system. It is to provide qualified risks, together with the information needed to make a decision.

In a world where Claude Mythos accelerates vulnerability discovery and curl illustrates the saturation of reporting channels, this filtering becomes strategic.

Less noise for teams. More capacity to address the exposures that genuinely matter.

The next cyber problem will not be a lack of alerts

There is already no shortage of alerts. There will be even more.

Some will be poor. Others will be real. The hardest part will be telling them apart quickly enough.

The curl case shows what happens when producing a report becomes almost free. The UK AI Security Institute’s evaluation of Claude Mythos shows that advanced models are also progressing on genuinely complex cyber tasks.

These two curves are going to cross.

More noise. More real vulnerabilities. More patches. Teams that will not grow at the same rate.

Mature organisations will therefore stop looking only for the tool that detects the most. They will look for the one that helps them understand what deserves action, on which asset, with what urgency and based on what evidence.

The future of cyber security does not lack signals.

It lacks triage.

Want to identify your real priority exposures? Discover how Patrowl combines continuous external attack surface mapping, detection and technical validation to focus remediation on the risks that matter.

FAQ

What is Claude Mythos?

Claude Mythos is a family of Anthropic models geared towards advanced cyber capabilities. Claude Mythos Preview was introduced in April 2026, before Claude Mythos 5.

How capable is Claude Mythos in cyber security?

The UK AI Security Institute reports that Claude Mythos Preview achieved a 73% success rate on a set of expert-level CTF tasks. The model also completed a 32-step network attack simulation in 3 out of 10 attempts.

What is the difference between Claude Mythos, Claude Opus and Claude Fable?

Claude Mythos targets advanced cyber capabilities with controlled access. Claude Fable 5 focuses on long and complex tasks with broader availability. Claude Opus remains an advanced general-purpose model for complex tasks.

Does AI only produce more false positives?

No. AI can increase the volume of weak reports, but advanced models can also discover genuine vulnerabilities. Security teams therefore need to filter more noise while handling more real signals.

How can security teams reduce alert noise?

Raw findings should not automatically be sent to remediation teams. A stronger approach combines continuous discovery, exposure context, technical validation and prioritisation.

Sources

  • curl — official project change history

  • Anthropic — Project Glasswing and controlled access to Claude Mythos Preview

  • UK AI Security Institute — evaluation of Claude Mythos Preview’s cyber capabilities

  • Anthropic — Claude Fable 5 and Claude Mythos 5

  • Patrowl — internal data from the analysis of a 23,000-finding sample exported from a commercial scanner