Anthropic Warns LLMs Can Crank Out N-Day Exploits Cheap and Fast

Large language models are moving beyond code generation into the realm of offensive cybersecurity. Anthropic’s latest red‑team report shows its Mythos preview model can reverse‑engineer patches and craft functional N‑day exploits in a matter of hours, a task that traditionally required weeks of manual effort by seasoned hackers. In tests against 21 publicly disclosed bugs, including 18 from Microsoft’s own disclosures, Mythos produced a working exploit for the first vulnerability in just 31 minutes. The entire operation cost roughly $2,000 in compute tokens, illustrating how inexpensive automated exploit creation has become.

The speed and affordability of AI‑driven exploit development pose a stark challenge for defenders. Red‑team analysts noted that 14 of the tested flaws had previously been deemed “unlikely” to be weaponized, yet Mythos succeeded against the majority, highlighting a gap between traditional risk assessments and the capabilities of frontier models. Automated generation also lowers the barrier for less‑skilled actors, potentially expanding the pool of threat actors who can launch sophisticated attacks. Security teams must therefore augment patch management with AI‑aware detection and rapid response frameworks to stay ahead.

Industry response will likely accelerate investment in AI‑enhanced defenses and governance. Companies are expected to adopt model‑level monitoring, enforce strict token‑usage limits, and collaborate on threat‑intel sharing that incorporates AI‑generated indicators of compromise. Regulators may consider guidelines for responsible AI use in cybersecurity, balancing innovation with public safety. As language models continue to improve, the line between defensive research and offensive capability will blur, making proactive, collaborative strategies essential for protecting critical infrastructure in an AI‑augmented threat landscape.