AI Exploit Generation: From Patch to Weapon in Minutes
AI exploit generation is the use of advanced AI systems to analyse public software patches, identify the underlying vulnerabilities, and automatically produce working exploits in a time frame measured in minutes or hours instead of weeks or months. Anthropic’s recent research on its Claude Mythos Preview model shows how dangerous this has become. Their red team took patched vulnerabilities in Mozilla Firefox and the Microsoft Windows kernel and, without prior training on those specific bugs, steered the model from public patch information to functioning proof-of-concept exploits. One Windows kernel exploit was produced in 31 minutes, and several Firefox exploits were created in under an hour. This means software patch vulnerabilities no longer enjoy the traditional grace period before attackers catch up: the gap between disclosure and automated exploit creation is collapsing toward zero.
How AI Collapses the Patch Gap and Speeds N‑Day Attacks
For years, defenders relied on a practical delay between a vendor releasing a fix and attackers turning it into a reliable exploit. Anthropic’s work shows that delay eroding fast. Their tests focused on N‑day vulnerabilities, where the flaw is patched but many systems remain unpatched. By comparing vulnerable and fixed versions of Windows kernel binaries with tools like Ghidra and public debug symbols, Claude Mythos Preview automated key steps of patch diffing and exploit crafting. The model generated proof‑of‑concept crashes for 18 of 21 Windows kernel bugs, all within six hours, and produced eight full exploit chains that escalated a low‑privilege user to SYSTEM‑level control, with an average API cost of about USD 2,000 (approx. RM9,200) per exploit. Anthropic notes that Microsoft had rated most of these vulnerabilities as unlikely to be exploited by human researchers.
Patch Management in an Era of Near‑Instant Exploits
These results mean security teams must assume that the release of a public patch effectively signals the existence of an exploit, even if none has appeared on underground markets yet. In Firefox testing, Mythos Preview took public code diffs and two SpiderMonkey builds and converted 14 of 18 patches into proof‑of‑concept crashes, then eight into full arbitrary code execution exploits. The first Firefox exploit was completed in under an hour, while the relevant stable browser release remained 18 days away. Anthropic compared this against typical deployment timelines such as Windows Autopatch, where about 90 percent of enrolled devices receive updates around day seven, with forced reboots at day eleven. When automated exploit creation completes in hours and patch rollouts take days, any exposed browser, operating system component, or widely used library becomes a high‑risk target during that window.
Project Glasswing: Defensive AI on a Knife Edge
Anthropic’s Project Glasswing shows both the promise and danger of frontier AI in security. The program, now involving around 200 partners, gives selected organisations controlled access to Claude Mythos Preview for defensive work such as bug hunting and exploit analysis. Cisco reports that using Mythos Preview and GPT 5.5‑Cyber, it scanned 1.8 billion lines of code in more than 25 languages over eight weeks, work that would have taken its security team about eight years. With a human‑guided harness, Cisco says it kept false positives under 3 percent and delivered actionable findings instead of noise. At the same time, Anthropic warns that models capable of this level of automated exploit creation are dual‑use by nature. The same techniques that help defenders find and fix flaws can be weaponised by threat actors to scale automated exploit creation and zero‑day attack acceleration.
What Security Teams Should Do Now
Security leaders need to update assumptions, tooling, and playbooks around software patch vulnerabilities. First, treat public patches and advisories as signals that an exploit may already exist, driven by AI exploit generation. Compress internal patch testing where possible, prioritise exposed services, browsers, and OS components, and use staged rollouts that move fastest on internet‑facing systems. Second, invest in continuous code scanning and bug discovery, including carefully governed AI tools similar to those in Project Glasswing, so more vulnerabilities are identified and fixed before disclosure. Third, update risk models: vendor exploitability ratings calibrated to human effort may no longer match what automated exploit creation can achieve. Finally, prepare incident response plans that assume rapid N‑day exploitation, with monitoring tuned to detect exploit chains that appear within hours of patch release, not weeks later.
