Anthropic just ran a security scanner across open source infrastructure and found enough holes to keep every dev team awake for a year—then a government decided to test whether the scanner itself could be weaponized.

The Summary

The Signal

Mythos found 23,000 security holes hiding in the plumbing of the internet. These aren't theoretical weaknesses in niche libraries. We're talking about vulnerabilities across 1,000 open source projects—the kind of code that runs everything from crypto wallets to hospital systems to the apps you forgot were even installed.

The scale alone is the story. Twenty-three thousand. That's not a security problem, that's a security ecosystem. Most of these flaws have been sitting there for months or years, waiting for someone with the right tools to notice them. Anthropic has just shown that those tools exist.

"The detection of numerous vulnerabilities by AI highlights the urgent need for improved cybersecurity measures and faster patching processes."

But here's where it gets interesting. India's government didn't celebrate the find. They started probing Mythos itself. The logic is sound: if an AI can identify 23,000 vulnerabilities, what stops someone from turning the same model toward writing exploits for them? The tool that finds the weakness for you can teach your adversary exactly where to strike.

This is the dual-use dilemma at scale. Anthropic built a model that makes security teams more effective. It also makes attack planning more efficient. Release it widely and you accelerate patching. Restrict it and you create an information asymmetry where only well-funded actors get the advantage. There's no clean answer.

Key tensions emerging:

  • AI vulnerability discovery hands attackers the same capability it hands defenders
  • Government testing of commercial AI reflects a zero-trust posture on third-party models
  • The gap between AI-assisted vulnerability discovery and the patching speed of human maintainers is where exploitation happens

The growing need for global cooperation and regulatory frameworks isn't just diplomatic language. When one AI model can map the vulnerability landscape of the open source commons in hours, the old model of responsible disclosure, with its 90-day windows and staggered patches, breaks down. You need coordination at the speed of the AI, not the speed of committees.

The Implication

If you're building on open source infrastructure, and unless you wrote every line yourself you are, assume some percentage of your stack just made Mythos's list. The responsible move is to treat this as a countdown clock. Those 23,000 vulnerabilities are now known quantities, at least to Anthropic and to the maintainers who receive the reports. Some will be patched this week. Others will be exploited before the maintainers even see the report. You won't get the list itself; what you can control is knowing exactly what you depend on and how quickly an upstream fix reaches your production systems.

For anyone shipping agents or handling tokenized assets, this matters more than most headlines. Your security posture just became a race between your dependencies getting patched and someone else finding the same holes Mythos found. India's testing approach is the template: trust nothing, verify everything, and assume the tools meant to help you could be turned against you. Start asking what vulnerabilities your own models or agents might be inadvertently teaching the next person in line.

Sources

Crypto Briefing | RWA Times