Anthropic’s Claude Mythos Found Zcash Flaw in Hours That Auditors Missed for Years

Published by James Harris on June 24, 2026June 24, 2026

Anthropic’s Claude Mythos found exploitable weaknesses in classified US government systems within hours, not the weeks that security teams had anticipated, according to reporting by the Associated Press citing an unnamed official. The model did not fully exploit those vulnerabilities in the same timeframe, but the distinction between “found” and “exploited” is narrowing faster than most defensive frameworks were built to handle.

The more useful comparison here is not to quantum computing threats, which have dominated the theoretical risk conversation around crypto for years, but to what Mythos already demonstrated in practice. In early June, the model uncovered a critical vulnerability in Zcash’s Orchard shielded pool that had gone undetected for four years, and ZEC dropped 53% before the patch was confirmed. OpenBSD, an operating system built around the premise that relentless adversarial review produces secure code, still yielded a 27-year-old flaw to Mythos. Bitcoin operates under a similar philosophy of deliberate, conservative code review, and that confidence now deserves a harder look. The UK’s AI Security Institute separately found Mythos breached target systems 73% of the time in its own testing, according to the BBC.

Q2 2026 is already tracking toward a record quarter for hacks, and the proliferation of capable AI tools is not incidental to that trend.

For crypto projects, the practical implication is that audit timelines and methodologies built around human review cycles are structurally mismatched to the threat. A model that can scan FFmpeg’s video processing library after five million prior human test passes and still surface a 16-year-old bug is not incrementally better than existing tooling. Projects relying on the absence of a known exploit as a proxy for security are operating on borrowed time, and the restricted deployment of Mythos to a narrow set of government and institutional partners means offensive and defensive access to this capability are not symmetrically distributed.

Washington’s posture on Mythos remains incoherent in ways that matter. The Commerce Department ordered export suspensions on June 12, the Pentagon designated Anthropic a supply chain risk in March, Anthropic sued, a federal judge blocked enforcement, and then President Trump said on June 19 he no longer considers the company a national security threat, two days after meeting CEO Dario Amodei at the G7. The export controls and Pentagon designation both remain active regardless. A government simultaneously deploying a model as a critical defensive asset through Project Glasswing while treating it as an uncontrollable offensive weapon is not running a coherent policy, and that incoherence directly shapes which organizations get access and which do not.

Anthropic sought to expand Mythos availability from roughly 50 organizations to 120. The White House blocked the expansion, citing both national security concerns and compute capacity constraints. Until that access question resolves, the gap between institutions that can use Mythos defensively and those that cannot is the actual risk surface.