The AI giant also announced that Project Glasswing partners are being given access to the upgraded Mythos 5.
Anthropic’s Mythos is accelerating vulnerability discovery to machine speed, forcing the bug bounty industry and offensive security teams to adapt to a future where finding flaws is no longer the hard part.
The vulnerability is tracked as CVE-2026-11645 and it was reported in late April by an anonymous researcher.
AI-driven development is not something organizations can or should block. But it must be governed.
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose.
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
RegisterExplore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks.
Register
SecurityWeek’s CISO Forum 2026 Mid-Year Review is a virtual roundtable to evaluate the year’s most pressing challenges and share critical updates shaping the 2026 security landscape.
[June 10, 2026 | Virtual]
SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]
SecurityWeek’s AI Risk Summit is the leading conference where technology, security, and risk leaders converge with AI researchers, developers, and policy makers shaping the future of enterprise AI.
[August 11-12, 2026 | In-Person]
SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]
-
Three of the vulnerabilities fixed with the latest Patch Tuesday updates were publicly disclosed before Microsoft addressed them. (June 9, 2026)
-
Nearly half of the security holes, most allowing arbitrary code execution, have been fixed in Adobe’s Experience Manager product. (June 9, 2026)
-
A total of 18 vulnerabilities have been patched in the latest OpenSSL releases, including many that were potentially discovered by AI. (June 9, 2026)
-
Public LLM models with safeguards turned off can also build working exploits, increasing patch gap risks. (June 9, 2026)
-
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. (June 4, 2026)
-
Law enforcement and tech companies disrupted infrastructure linked to scammers operating across Southeast Asia. (June 4, 2026)
-
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (June 2, 2026)
-
Dashlane’s security systems automatically locked accounts to protect them against the hacking attempts. (June 2, 2026)
