
Claude Mythos Finds Zero-Days in Hours. Most Teams Aren't Ready for the Remediation Side. We Built It.

  • Writer: Patrick Duggan

May 7, 2026 · DugganUSA LLC


On April 8, 2026, Anthropic disclosed that Claude Mythos Preview — its most capable model to date, withheld from general release — had autonomously discovered and written working exploits for thousands of previously unknown vulnerabilities across every major operating system and web browser. Not hundreds. Thousands. Including a 17-year-old remote code execution flaw in FreeBSD that allows anyone to gain root on a machine running NFS. Including a 27-year-old denial-of-service vulnerability in OpenBSD's TCP SACK implementation. Including 271 vulnerabilities in Firefox, which shipped as patches in Firefox 150 the same week they were found.


Fully autonomously. No human in the loop after the initial prompt.


The number that should make every security team pause: over 99% of what Mythos found remains unpatched. Not because teams don't care. Because the remediation side of this equation has not changed speed at all.


The Problem Is Not The Finding. It Is The Gap.



Google's M-Trends 2026 puts the mean time to exploit newly disclosed vulnerabilities at negative seven days. Exploitation before patch. That number was already a crisis before Mythos. Now Mythos-class AI is finding zero-days that human researchers took decades to surface, and it is finding them at a cost Anthropic described as under $20,000 for roughly 1,000 scaffold runs. That cost will drop. The capability will proliferate. The adversaries who wanted this kind of automated vulnerability discovery have always existed; what they lacked was a model that could do it. That barrier is gone.


The defenders are still operating on the old timeline. Most institutional security programs set critical-patch SLAs at 7 to 30 days. Most regularly miss them. Most rely on quarterly threat briefings and monthly vulnerability management cycles that were never designed for a world where a zero-day in 27-year-old OpenBSD code can be found and weaponized before a patch exists. Fortune's coverage of Mythos landed on the same problem: AI finds flaws far faster than companies can fix them. Help Net Security put it more directly: the exploit gap is closing, and your patch cycle wasn't built for this.


This is not a hypothetical future risk. The disclosure happened in April 2026. The gap is open now.


What The Remediation Side Actually Requires



The security industry has spent a lot of words on Mythos from the discovery angle — what it can find, what it means for offensive research, which vendors got early access. The remediation side has received less attention, because it is less exciting and more work.


What it requires: detection-ready indicators shipped within hours of disclosure, not within the quarterly briefing window. Hunt content written so that a SOC analyst at 11pm on a Wednesday can run the queries without filing a support ticket. A threat corpus that updates on the same cadence as new CVEs land, not on the same cadence as the next vendor blog post. A feed that your existing tooling can pull — Splunk, Sentinel, Elastic, OPNsense, your firewall — so the indicator reaches the enforcement layer before the window for exploitation closes.
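As an added illustration (not code from DugganUSA or from the feed described in this post), the last requirement can be sketched in Python: take a STIX 2.1 bundle, keep only indicators that are in force and not revoked, and reduce them to values an enforcement layer can load. The bundle is constructed sample data, and the function name `active_indicators` is hypothetical.

```python
import json
import re
from datetime import datetime, timezone

# Constructed sample bundle (documentation-range values, not data from any real feed).
SAMPLE_BUNDLE = json.dumps({"type": "bundle", "id": "bundle--constructed", "objects": [
    {"type": "indicator", "pattern_type": "stix", "valid_from": "2026-05-06T12:00:00Z",
     "pattern": "[ipv4-addr:value = '192.0.2.10']"},
    {"type": "indicator", "pattern_type": "stix", "valid_from": "2026-05-05T08:00:00Z",
     "pattern": "[domain-name:value = 'bad.example' OR domain-name:value = 'cdn.bad.example']"},
    {"type": "indicator", "pattern_type": "stix", "valid_from": "2026-05-01T00:00:00Z",
     "revoked": True, "pattern": "[ipv4-addr:value = '198.51.100.7']"},
    {"type": "indicator", "pattern_type": "stix", "valid_from": "2026-04-01T00:00:00Z",
     "valid_until": "2026-05-01T00:00:00Z", "pattern": "[ipv4-addr:value = '203.0.113.9']"},
    {"type": "indicator", "pattern_type": "yara", "valid_from": "2026-05-06T00:00:00Z",
     "pattern": "rule constructed { condition: false }"},
    {"type": "malware", "name": "constructed-sample", "is_family": False},
]})

# Only simple equality comparisons on these two object types are extracted.
_COMPARISON = re.compile(r"(ipv4-addr|domain-name):value\s*=\s*'([^']+)'")

def _ts(value):
    """Parse a STIX timestamp (RFC 3339, UTC 'Z' suffix) into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def active_indicators(bundle_json, now):
    """Return {'ipv4-addr': [...], 'domain-name': [...]} for indicators valid at `now`."""
    found = {"ipv4-addr": set(), "domain-name": set()}
    for obj in json.loads(bundle_json).get("objects", []):
        if obj.get("type") != "indicator" or obj.get("pattern_type") != "stix":
            continue  # skip non-indicators and patterns this parser cannot read
        if obj.get("revoked"):
            continue  # producer withdrew it; blocking on it causes false positives
        if _ts(obj["valid_from"]) > now:
            continue  # not yet in force
        until = obj.get("valid_until")
        if until and _ts(until) <= now:
            continue  # expired; stale blocks accumulate if these are kept
        for kind, value in _COMPARISON.findall(obj["pattern"]):
            found[kind].add(value)
    return {kind: sorted(values) for kind, values in found.items()}

if __name__ == "__main__":
    now = datetime(2026, 5, 7, tzinfo=timezone.utc)
    for kind, values in active_indicators(SAMPLE_BUNDLE, now).items():
        print(kind, values)
```

The revoked and expiry checks matter as much as the extraction: a blocklist that only ever grows turns a fast feed into a source of stale blocks.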


None of that requires Mythos-class AI on the defense side. It requires a team that built for that operational tempo before the tempo was forced on everyone.


We Built It Before Mythos Made It Mandatory



In the nine calendar days between April 28 and May 7, 2026, we shipped eight hunt-tonight posts across eight separate CVEs and active campaigns. Each one within hours of the relevant public disclosure. Each one with signed indicators in our public STIX feed inside the same window. The posts covered Microsoft SharePoint, Linux kernel container escape, Palo Alto PAN-OS root RCE, Ivanti's 9-CVE multi-product advisory, Cloudways Breeze Cache file-upload-to-RCE at 400,000 sites, Securonix STAC6405 RMM-abuse, device-code vishing, and ClearFake's Apothecary rebuild — which we named five days before Huntress presented on it.


We did not build that cadence in response to Mythos. We built it because the KEV clock has always moved faster than the patch cycle, and the SOC analyst at 11pm always existed. Mythos changes the scale of the problem and the speed at which zero-days will enter the wild. It does not change the architecture required to address it, because we already built that architecture.


The Three Buckets, in brief: Detection (PreCog's 1,849 prediction records, 17.9 million documents across 44 threat-intelligence indexes, github-hunt-cron daily sweep, exploit-harvester PoC capture, Tor consensus collector, vendor-blog watcher), Reasoning (5-model AI Council across GPT-4o, Claude, Gemini, Mistral, DeepSeek), and Distribution (STIX/TAXII feed serving 275 consumers in 46 countries — Microsoft, AT&T, Starlink, Hetzner pulling daily, plus MCP server, REST API, 13 open-source defender plugins, public watchtower, blog, Bluesky, LinkedIn). Each hunt-tonight post is a recombination of components already built across those three buckets. The new code per post is the connector. The infrastructure does not get rebuilt. It gets reused.


Mythos expands the number of zero-days entering the pipeline. Our architecture was already sized for that volume on the distribution end. What changes is urgency for the teams that have not yet connected to a feed that updates on disclosure-hour cadence rather than quarterly-briefing cadence.


The Honest Math On Where We Are



Mythos Preview is gated. The partner list — AWS, Google, Microsoft, Palo Alto, CrowdStrike, Cisco, NVIDIA, JPMorgan Chase, the Linux Foundation, Apple, Broadcom — is a who's-who of organizations with the infrastructure to receive and act on Mythos-sourced vulnerability data. The rest of the market is not on that list. They will receive the patched software when it ships (if they patch quickly) and they will receive the CVE disclosures when they are published. They will not receive early warning. They will not receive Mythos's full findings, most of which remain unpatched. They will not have Mythos running on their own codebase.


What they can have is a feed that gets indicators out the same day a public PoC or KEV listing confirms active exploitation, hunt content written for their Tuesday evening shift, and a pipeline that does not require a six-figure annual contract or a cleared vendor relationship.


Our public STIX feed is free at 25 queries per day. The Starter tier is $45 per month. The indicators for every hunt-tonight post in the receipt list above are already in the feed. If the post-Mythos remediation gap is the problem — and it is — the feed is one piece of the solution that does not require waiting for the next quarterly briefing.


Summary



Mythos found 271 zero-days in Firefox alone. It found a 17-year-old RCE in FreeBSD and a 27-year-old denial-of-service in OpenBSD. Over 99% of what it found remains unpatched. Mean time to exploit is already negative seven days — exploitation before patch, before Mythos accelerates the discovery side further.


The remediation side requires indicators within hours of disclosure, not within the quarterly window. Hunt content written for the analyst at 11pm. A feed that updates on disclosure cadence. That is what we built. That is what the eight-post receipt above demonstrates.


The gap is open. The feed is live. We are reachable at [email protected].


— Patrick Duggan

DugganUSA LLC, Minneapolis


Aye.


Receipts



  • Anthropic Claude Mythos Preview announcement: red.anthropic.com/2026/mythos-preview

  • Firefox 150 shipped 271 Mythos-sourced patches: Mozilla Blog, April 2026

  • FreeBSD 17-year-old RCE, OpenBSD 27-year-old DoS: Anthropic disclosure, April 8, 2026

  • 99% unpatched statistic: Help Net Security coverage, April 15, 2026

  • Mean time to exploit at -7 days: Google M-Trends 2026

  • Fortune: "Anthropic's Mythos reveals security gap — AI finds flaws far faster than companies can patch them," April 14, 2026

  • Dark Reading: "When the Attacker Has an AI Co-Pilot, Monthly Patching Becomes a Liability," 2026

  • Our 8-post receipt: dugganusa.com, April 28 through May 7, 2026

  • STIX feed: analytics.dugganusa.com/api/v1/stix-feed

  • MCP server: io.github.pduggusa/dugganusa-threat-intel (official MCP Registry)





Her name was Renee Nicole Good.


His name was Alex Jeffery Pretti.

 
 
 