Claude Mythos Preview Uncovers 30-Year-Old Zero-Day macOS Flaws

Alex Reeve May 15, 2026

3 min read

Apple and a dozen global tech leaders race to secure critical infrastructure as an unreleased Anthropic model unmasks thousands of latent zero-day flaws across macOS and other major operating systems. The discovery of these high-severity weaknesses, some of which sat dormant in core kernels for nearly 30 years, forces a fundamental shift in defensive security scanning.

Anthropic’s Claude Mythos Preview identifies thousands of latent zero-day vulnerabilities across macOS, iOS, and major operating systems in an autonomous security scan.
The model unmasks a 27-year-old kernel flaw and over 99 percent of discovered vulnerabilities remained unpatched prior to the Anthropic disclosure.
Apple joins the Project Glasswing coalition to secure infrastructure as AI firepower shrinks the window between vulnerability discovery and large-scale exploitation.

Listen to this article

READY

Anthropic disclosed the technical results of its frontier model, Claude Mythos Preview, in early April 2026. The announcement arrived as part of the “Project Glasswing” initiative, a defensive coalition that granted monitored access to a select group of partners including Apple, AWS, Google, Microsoft, Cisco, CrowdStrike, NVIDIA, and JPMorganChase. The model demonstrated a striking ability to autonomously identify and exploit zero-day vulnerabilities in every major operating system and web browser. Apple deployed the system to hunt flaws in macOS, iOS, and Safari to harden foundational software before adversaries could wield similar AI firepower.

The model operated with minimal human steering during internal red-team testing. It surfaced thousands of high-severity issues that had survived decades of traditional manual audits and automated fuzzing. Publicly documented findings included a 27-year-old remote kernel crash in the OpenBSD TCP SACK implementation and a 16-year-old out-of-bounds write in the FFmpeg H.264 decoder. The model also identified a 17-year-old unauthenticated remote code execution flaw in the FreeBSD NFS server, now tracked as CVE-2026-4747, which granted root access to attackers. Anthropic reported that over 99 percent of the identified vulnerabilities remained unpatched at the time of disclosure. The firm provided cryptographic commitments to maintainers instead of full public details to verify the findings without arming malicious actors.

The involvement of Apple in the coalition carried direct weight for the macOS user base. The company historically marketed its platforms as more secure than Windows alternatives, relying on proprietary features like Gatekeeper, System Integrity Protection (SIP), and hardened runtime. Anthropic’s research showed that these layered defenses still hid subtle weaknesses such as race conditions, KASLR bypasses, and sandbox escapes. The model’s success on closed-source binaries proved especially relevant for Apple’s proprietary ecosystem, where external security researchers often struggle with limited visibility.

Anthropic deliberately kept Mythos Preview out of public hands due to its demonstrated dual-use potential. Launch partners received controlled access alongside a commitment of up to $100 million in combined model credits. The company added $4 million in direct funding to support open-source security maintainers. Mac administrators and enterprise security teams reported a marked acceleration in software update cycles in the weeks following the start of the initiative.

Advertisement · Press Release

Genuine News Deserves Honest Attention.

High-conviction projects require an intelligent audience. Connect with readers who value sharp reporting.

👉 Submit Your PR

Everyday users and companies running fleets of Apple devices now operate under tighter security timelines. A single unpatched flaw that bypasses sandboxing or privilege controls could allow malware to persist across reboots or exfiltrate sensitive financial and health data. Enterprises in regulated sectors faced added urgency to apply the latest security patches as the window from vulnerability discovery to exploitation continued to shrink.

Chain Street’s Take

Mythos did not invent these bugs; it simply proved that human engineers have been overlooking critical vulnerabilities for nearly three decades. Apple’s decision to join Project Glasswing is a pragmatic admission that manual audits are no longer sufficient to protect a modern operating system against machine-scale threats. For Mac users and IT departments, the era of “set it and forget it” security is over. When an AI can find a 27-year-old bug in a single afternoon, the window to patch is measured in hours, making every software update an absolute priority for institutional and retail holders alike.

1views

CHAIN STREET INTELLIGENCE

Activate Intelligence Layer

Institutional-grade structural analysis for this article.

FAQ

Frequently Asked Questions

What is Claude Mythos Preview?

Claude Mythos Preview is an unreleased Anthropic model designed for autonomous cybersecurity vulnerability discovery and exploitation. It identifies high-severity zero-day flaws across kernels, browsers, and binaries with minimal human steering. This technology allows defensive coalitions to harden software foundations before malicious actors deploy similar machine-scale firepower.

Why does this matter for the technology industry?

The discovery proves that legacy software kernels hide thousands of critical vulnerabilities that survived decades of traditional manual audits. Tech giants like Apple and Microsoft must now pivot to AI-driven defensive scanning to protect global digital infrastructure. Failure to accelerate patching cycles leaves enterprise fleets vulnerable to automated malware that bypasses traditional sandboxing.

How will Apple and Project Glasswing partners execute this?

Apple and a dozen partners received monitored access to the Mythos model via the Project Glasswing initiative in early April 2026. These firms are currently deploying the system to hunt flaws in macOS, iOS, and Safari while providing cryptographic commitments to maintainers. The coalition is utilizing $100 million in model credits to secure foundational code before public disclosure.

What are the risks of Mythos AI?

The model's demonstrated dual-use potential creates a significant risk if the technology or its identified vulnerabilities reach unauthorized hands. Critics argue that restricted access models favor large corporations like NVIDIA and Google while leaving smaller developers with limited visibility. Relying on an AI to find bugs may also foster a false sense of security regarding unprobed areas.

How will this affect the future of operating system security?

Operating systems will transition from manual patching schedules to automated, hours-long update cycles to counter machine-speed exploit discovery. Anthropic is providing $4 million in funding to help open-source maintainers keep pace with AI-generated security reports. Proactive AI auditing will likely become a mandatory standard for all regulated financial and health infrastructure.