Anthropic's Mythos AI finds no serious bugs in Zcash after forgery fix

The Vulnerability and Response

On June 3, Zcash developers temporarily suspended Orchard transactions after discovering a vulnerability in the shielded pool. Functionality was restored later that day through an emergency upgrade.

The issue stemmed from a four-year-old forgery bug in the Orchard shielded pool discovered by security researcher Taylor Hornby with help from Anthropic's Claude Opus 4.8 model. The Zcash Foundation said there was no evidence the vulnerability was exploited and no unauthorized value creation was detected. User privacy remained unaffected.

Anthropic's Mythos Release and Suspension

Anthropic released the first public version of its Claude Mythos model, Fable 5, on Tuesday. The company said Fable 5 was made safe for general use and includes safeguards that reroute some topics, such as cybersecurity, to a different model, Claude Opus 4.8.

During its brief public availability, the Mythos model uncovered more than 10,000 high or critical-severity vulnerabilities in systemically important software. On Friday, Anthropic suspended access to Fable 5 and Mythos 5 due to a US government export control directive citing national security concerns.

Cybersecurity Implications

Mitchell Amador, CEO of bug bounty platform Immunefi, characterized the proliferation of new AI models as a "vulnerability apocalypse" that has shifted the cybersecurity playing field in favor of threat actors. Crypto hacks surged to $634 million in April, the highest monthly value since the Bybit hack in February 2025.

The timing of Mythos's public release and the subsequent April surge in hacks underscores the dual-edged nature of AI-powered security tools. While they enable defenders to identify vulnerabilities faster, they also equip attackers with similar detection capabilities—a dynamic that's reshaping how the industry approaches threat prevention.