A few months ago I had this realization that agents have become really good at identifying bugs in code, especially security vulnerabilities. They are …

Embrace the Red's resource offers insights, tutorials, and resources for developers and enthusiasts interested in game development and game design. Readers can learn about game design principles, storytelling techniques, and game development tools. With articles, tutorials, and game reviews, Embrace the Red provides  guidance and expertise for creating immersive and engaging gaming experiences.

Embrace The Red

AI agents are becoming highly capable at finding and exploiting security vulnerabilities, a trend highlighted by Anthropic's announcement of 'Mythos Preview' — a gated model that dramatically outperforms previous models in identifying real-world bugs. Mythos found a 27-year-old OpenBSD bug, a FreeBSD NFS RCE, and succeeded at exploiting Firefox JS engine vulnerabilities 181 times versus twice for the prior model. Anthropic also launched Project Glasswing, a multi-company initiative backed by AWS, Microsoft, Cisco, and others, donating $100M in credits to secure critical open source software. Key concerns include the democratization of offensive security (non-security engineers waking up to working exploits), the narrowing window between patch disclosure and exploitation, and the eventual availability of comparable capabilities in open-weight models within 12-18 months. The biggest organizational challenge remains patch deployment speed — monthly patch cycles may soon be insufficient.

Given Enough Agents, All Bugs Become Shallow · Embrace The Red

Building Exploits for Newly Patched Vulnerabilities

Deploying Patches Remains the Big Challenge