Anthropic's Claude Opus 4.6 finds 500+ security flaws, sparking dual-use concerns

Anthropic says its new Opus 4.6 platform found over 500 previously unknown high-severity security flaws in open-source libraries during testing

Focused on securing open-source software, with patches already landing; company urges rapid action while AI can still deliver at scale Anthropic has released Claude Opus 4.6, the latest version of its most powerful large language model (LLM), and claims it is "notably better" at finding high-severity vulnerabilities compared to previous models. In fact, Opus 4.6 has so far managed to find more than 500 such flaws. Anthropic said Opus 4.6 stood out with the way it found vulnerabilities "out of the box without task-specific tooling, custom scaffolding, or specialized prompting." It also added unlike fuzzing, which is a standard vulnerability hunting technique, Opus works by reasoning about the code "the way a human researcher would", meaning it was looking at past fixes to find similar bugs that weren't addressed, spotting patterns that tend to cause problems, and was understanding logic "well enough to know exactly what input would break it." Even using it on some of the most well-tested codebases, projects that had fuzzers running against them for years, Opus still managed to find high-severity flaws that were flying under the radar for "decades". Anthropic said it started using Claude to help fix flaws in open-source software, mostly because it runs "everywhere, from enterprise systems to critical infrastructure", and because vulnerabilities in this software are felt across the internet. Furthermore, much of the popular open-source software in use today is maintained by a small team of volunteers, meaning resources are more than limited. The results have been notable, the company says: "So far, we've found and validated more than 500 high-severity vulnerabilities. We've begun reporting them and are seeing our initial patches land, and we're continuing to work with maintainers to patch the others." It concludes that AI models can now find high-severity vulnerabilities at scale, but stressed that it might not be the case in the near future. "This is a moment to move quickly to empower defenders and secure as much code as possible while the window exists."

Anthropic's newest model excels at finding security vulnerabilities, but raises cybersecurity risks | Fortune

Frontier AI models are no longer merely helping engineers write code faster or automate routine tasks. They are increasingly capable of spotting their mistakes. Anthropic says its newest model, Claude Opus 4.6, excels at discovering the kinds of software weaknesses that underpin major cyberattacks. According to a report from the company's Frontier Red Team, during testing, Opus 4.6 identified over 500 previously unknown zero-day vulnerabilities -- flaws that are unknown to people who wrote the software, or the party responsible for patching or fixing it -- across open-source software libraries. Notably, the model was not explicitly told to search for the security flaws, but rather it detected and flagged the issues on its own. Anthropic says the "results show that language models can add real value on top of existing discovery tools," but acknowledged that the capabilities are also inherently "dual use." The same capabilities that help companies find and fix security flaws can just as easily be weaponized by attackers to discover and exploit the vulnerabilities before defenders can find them. An AI model that can autonomously identify zero-day exploits in widely used software could accelerate both sides of the cybersecurity arms race -- potentially tipping the advantage toward whoever acts fastest. Representatives for Antropic did not immediately respond to a request for comment on the cybersecurity risks. However, Logan Graham, head of Anthropic's frontier red team, told Axios that the company views cybersecurity as a competition between offense and defense, and wants to ensure defenders get access to these tools first. To manage some of the risk, Anthropic is deploying new detection systems that monitor Claude's internal activity as it generates responses, using what the company calls "probes" to flag potential misuse in real time. The company says it's also expanding its enforcement capabilities, including the ability to block traffic identified as malicious. Anthropic acknowledges this approach will create friction for legitimate security researchers and defensive work, and has committed to collaborating with the security community to address those challenges. The safeguards, the company says, represent "a meaningful step forward" in detecting and responding to misuse quickly, though the work is ongoing. OpenAI, in contrast, has taken a more cautious approach with its new coding model, GPT-5.3-Codex, also released on Thursday. The company has emphasized that while the model was a bump up in coding performance, serious cybersecurity risks come with those gains. OpenAI CEO Sam Altman said in a post on X that GPT-5.3-Codex is the first model to be rated "high" for cybersecurity risk under the company's internal preparedness framework. As a result, OpenAI is rolling out GPT-5.3-Codex with tighter controls. While the model is available to paid ChatGPT users for everyday development tasks, the company is delaying full API access and restricting high-risk use cases that could enable automation at scale. More sensitive applications are being gated behind additional safeguards, including a trusted-access program for vetted security professionals. OpenAI said in a blog post accompanying the launch that it does not yet have "definitive evidence" the model can fully automate cyberattacks but is taking a precautionary approach, deploying what it described as its most comprehensive cybersecurity safety stack to date, including enhanced monitoring, safety training, and enforcement mechanisms informed by threat intelligence.