When Anthropic, a leading artificial intelligence research company, unveiled Claude Mythos earlier this month, it did so with a stark warning: the model possessed capabilities deemed too dangerous for public release. The company strategically placed Mythos behind a vetted coalition of major technology corporations, framing it as a tool requiring stringent oversight. This unveiling immediately sent ripples through the highest echelons of global finance and security. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an emergency meeting with Wall Street CEOs to discuss the implications of such powerful AI, particularly concerning potential security vulnerabilities. The term "vulnpocalypse," a portmanteau signifying a catastrophic surge in exploitable software flaws, resurfaced with renewed urgency within cybersecurity circles, amplifying concerns about a future where advanced AI could be weaponized against critical infrastructure.
However, this carefully constructed narrative of exclusive danger and restricted access has been significantly complicated by a new study from Vidoc Security. A team of researchers at Vidoc has successfully replicated key findings demonstrated by Anthropic’s Mythos model, not by accessing Anthropic’s proprietary systems, but by utilizing publicly available AI models and open-source tools. This development challenges the premise that only a select few with privileged access to advanced, unreleased AI models can uncover such critical vulnerabilities.
The Vidoc Security experiment focused on reproducing the specific vulnerability examples that Anthropic had highlighted in its public disclosures. These examples involved complex software components, including a server file-sharing protocol, the networking stack of a security-focused operating system, video-processing software integral to numerous media platforms, and two cryptographic libraries essential for verifying digital identities across the internet. The researchers employed widely accessible AI models, specifically GPT-5.4 and Claude Opus 4.6, within an open-source coding agent known as opencode. Crucially, this was achieved without any special access, such as a "Glasswing invite" (Anthropic’s internal program for researchers) or private API access, and entirely outside of Anthropic’s internal development environment.
Dawid Moczadło, one of the researchers involved in the Vidoc Security project, articulated the significance of their findings on the social media platform X. "We replicated Mythos findings in opencode using public models, not Anthropic’s private stack," he stated. Moczadło further elaborated on the broader implications, suggesting a fundamental shift in the landscape of vulnerability discovery. "The moat is moving from model access to validation: finding vulnerability signal is getting cheaper; turning it into trusted security work is still hard," he posted, accompanied by a link to the team’s detailed report. This perspective reframes Anthropic’s "Mythos" release not as an indication of a single lab possessing a uniquely powerful, "magical" model, but rather as evidence that the economics and accessibility of vulnerability discovery are undergoing a profound transformation.
Reproducing the "Mythos" Vulnerabilities: Methodology and Findings
The Vidoc Security team meticulously followed the methodology described by Anthropic in its public materials. This involved providing the AI models with access to codebases, allowing them to explore and analyze the code, and then parallelizing attempts to identify potential weaknesses. The researchers utilized an open-source architecture that mirrored Anthropic’s approach, employing a planning agent to systematically break down each file into manageable segments. Subsequently, a detection agent was deployed to analyze each segment, with the capability to inspect other files within the repository to corroborate or dismiss identified findings.
The researchers focused on five specific areas that Anthropic had previously identified as demonstrating Mythos’s capabilities:
- Server File-Sharing Protocol: This component is critical for network-attached storage and cloud-based file synchronization services, where vulnerabilities could lead to unauthorized data access or manipulation.
- Networking Stack of a Security-Focused OS: Operating systems designed with enhanced security features, often used in critical infrastructure or high-security environments, can have complex networking layers where subtle flaws might be exploited.
- Video-Processing Software: Ubiquitous in streaming services, content creation, and media playback, these software packages handle large amounts of data and complex parsing, making them potential targets for buffer overflows or code injection attacks.
- Cryptographic Libraries (Two Instances): These libraries are the bedrock of secure digital communication and authentication. Flaws here could compromise the integrity of digital signatures, secure connections (like TLS/SSL), and identity verification systems.
In their experiments, both GPT-5.4 and Claude Opus 4.6 demonstrated a significant ability to reproduce vulnerabilities. Across multiple runs, both models successfully identified two bug cases each. Claude Opus 4.6, in particular, showed a notable capacity for independent discovery, independently re-identifying a bug within the OpenBSD operating system three consecutive times. GPT-5.4, while successful in other areas, did not achieve the same repeated discovery rate for the OpenBSD vulnerability.
The Vidoc team also noted that for some vulnerabilities, such as one involving the FFmpeg library (widely used for video and audio processing) and another concerning the processing of digital signatures by the wolfSSL cryptographic library, the models achieved "partial" success. This means the AI models were able to pinpoint the correct sections of code where the vulnerability likely resided but did not fully elucidate the precise root cause of the flaw. This distinction is important, as it highlights a nuance in the capabilities: identifying a problematic area versus fully understanding the exploitability.
Economic Implications: The Democratization of Vulnerability Discovery
A striking aspect of the Vidoc Security study is the cost-effectiveness of their approach. Each security scan performed by the researchers remained below $30 per file analyzed. This demonstrates that the process of identifying vulnerabilities, which Anthropic had positioned as requiring exclusive access to advanced AI, can be achieved at a remarkably low cost using readily available tools and models.
Moczadło’s assertion that "AI models are already good enough to narrow the search space, surface real leads, and sometimes recover the full root cause in battle-tested code" underscores a critical point. The ability to sift through vast codebases and flag suspicious patterns, a task that previously required highly skilled human security researchers many hours, can now be significantly accelerated by AI. This democratization of vulnerability discovery has profound implications for the cybersecurity industry.
The workflow employed by Vidoc was not a simplistic, single-prompt interaction. Instead, it mirrored the complexity of Anthropic’s described process. The "chunking strategy" used by the planning agent, which divided files into segments for the detection agent, was a key element. This process was not manually curated but was an output of the AI’s own planning phase, as the Vidoc team explicitly detailed in their accompanying blog post: "We want to be explicit about that because the chunking strategy shapes what each detection agent sees, and we do not want to present the workflow as more manually curated than it was." This transparency is vital for understanding the genuine capabilities and limitations of the public models in this context.
The Evolving Cybersecurity Landscape: Beyond Model Access
While the Vidoc study demonstrates that public models can replicate the discovery of vulnerabilities, it also acknowledges that these models may not yet match the full exploit development capabilities of Anthropic’s specialized "Mythos" model. Anthropic’s report, for instance, detailed how Mythos could go beyond merely identifying a flaw in the FreeBSD operating system to constructing a "working attack blueprint." This involved understanding how an attacker could chain together different code fragments across multiple network packets to achieve remote control of a machine. The Vidoc models, while adept at finding the "hole," did not demonstrate the capacity to "build the weapon" or fully map out the exploit path. This remains a significant differentiator and a critical area where specialized, highly advanced AI might still hold an advantage.
However, Moczadło’s central argument remains potent: the economic barrier to entry for vulnerability discovery is rapidly eroding. The "moat," he suggests, is shifting from exclusive access to the AI models themselves to the challenging process of "validation." In essence, the ability to generate potential leads and identify promising areas for security investigation is becoming significantly cheaper and more accessible. The more complex and resource-intensive task of transforming these leads into actionable, trusted security intelligence and exploits is where the current difficulty lies.
Anthropic’s own safety report implicitly supports this evolving landscape. The report noted that Cybench, a benchmark used to assess the cyber risk posed by AI models, was "no longer sufficiently informative of current frontier model capabilities" because Mythos had surpassed it entirely. Anthropic itself estimated that comparable capabilities would emerge from other AI labs within a timeframe of six to eighteen months. The Vidoc study suggests that the discovery aspect of these capabilities is already available outside of any restricted, invitation-only programs, and potentially much sooner than even Anthropic anticipated for general model parity.
Broader Implications and Future Outlook
The findings from Vidoc Security have far-reaching implications for the cybersecurity industry, government regulators, and AI development companies.
- For Cybersecurity Firms: The ability to leverage powerful, publicly available AI models for vulnerability discovery could dramatically increase the efficiency and reduce the cost of security audits and penetration testing. This could lead to more comprehensive security assessments and faster identification of previously undiscovered threats.
- For AI Developers: The study highlights the need for AI companies to move beyond simply restricting access to models as a primary security measure. The focus must shift towards developing robust validation, ethical deployment frameworks, and transparent communication about AI capabilities and risks.
- For Policymakers and Regulators: The notion that only a handful of entities possess the ability to uncover critical AI-driven security risks may be outdated. Policymakers will need to consider how to address the broader accessibility of these powerful AI tools and their potential misuse, rather than solely focusing on access control for a few "frontier" models.
- For the Open-Source Community: The success of using open-source coding agents like opencode with publicly available models underscores the growing power and potential of the open-source AI ecosystem in addressing complex security challenges.
The Vidoc team has made their full prompt excerpts, model outputs, and methodology appendix publicly available on their official website. This commitment to transparency allows for independent verification and further research, fostering a more collaborative approach to understanding and mitigating the security risks associated with advanced AI. As AI capabilities continue to advance at an unprecedented pace, the debate over their safety and accessibility will undoubtedly intensify, with studies like Vidoc’s playing a crucial role in shaping the narrative and informing the path forward. The cybersecurity world is now tasked with adapting to a reality where the tools for identifying sophisticated digital threats are becoming increasingly accessible, necessitating a renewed focus on defense, rapid response, and responsible innovation.