Summary
- Advanced AI models are being utilized to find software vulnerabilities.
- Systems like Claude Mythos, Claude Opus, and GPT-5.5 are being employed in research across various software platforms.
- AI's impact is now reaching the crypto sector, with Claude Opus 4.8 playing a role in identifying a significant vulnerability in Zcash.
The most recent AI advancements are not limited to generating text or images; they are increasingly being harnessed to detect software vulnerabilities. Tools such as Anthropic’s Claude Mythos and Claude Opus 4.8, along with OpenAI’s GPT-5.5, are becoming integral in vulnerability research, raising important questions regarding their widespread availability.
This week, crypto investors were alerted to the potential dangers posed by advanced AI when Zcash developers revealed that Claude Opus 4.8 was instrumental in identifying a serious vulnerability that could have allowed an attacker to create an unlimited amount of ZEC. The inherent design of the network means it is currently impossible to definitively ascertain if any counterfeit ZEC was minted, contributing to a significant drop in ZEC's market value late this week.
Experts caution that as AI tools continue to evolve and become more accessible, additional vulnerabilities are likely to be uncovered in the near future. Here’s an exploration of the escalating risks and their current effects on the crypto landscape.
Initially, AI models served as coding assistants, aiding developers in writing, explaining, and debugging code. As technology advanced, these systems began to be utilized for code reviews, software audits, and vulnerability assessments.
This evolution coincided with a broader trend in AI application within software development. Following the introduction of Claude Code in 2025, Anthropic noted a significant rise in AI-generated code within its engineering teams, marking a shift from merely suggesting code to the ability to write and execute it.
Security experts believe the implications of this shift extend far beyond aiding developers. Danny Jenkins, CEO and co-founder of ThreatLocker, stated to Decrypt, "AI is much more proficient at reviewing code compared to most individuals and can effectively identify potential vulnerabilities." He added that present AI systems are already speeding up the discovery of vulnerabilities, and newer models like Mythos could greatly enhance these capabilities, which he describes as an imminent “big problem.”
“It’s only a matter of time before a malicious actor gets access to it,” he warned.
Jenkins noted that AI is also making vulnerability research more accessible, enabling a greater number of individuals to analyze code, spot weaknesses, and create exploits. With the availability of more sophisticated systems, he anticipates an uptick in the rate of vulnerability discoveries.
"Prior to the advent of AI, cybersecurity threats and exploits increased annually," he explained. "With AI, the pace has accelerated even more, and this is due to two reasons: the use of AI in finding vulnerabilities and the growing number of individuals capable of doing so. You no longer need to be an expert to participate."
As AI tools have advanced, companies have begun incorporating them into their cybersecurity strategies. Recently, Anthropic expanded access to Project Glasswing, allowing 150 companies and institutions to utilize Claude Mythos in identifying and addressing software vulnerabilities before a broader release of the model.
Earlier this year, Mozilla reported that Anthropic's models had assisted in identifying hundreds of vulnerabilities, which were subsequently addressed in the Firefox browser. Researchers at Calif also utilized Mythos Preview in creating one of the initial public exploits targeting Apple’s M5 chips.
Stanislav Fort, a former researcher at Google DeepMind and Anthropic, now leading security firm Aisle, acknowledged the validity of concerns surrounding AI-driven vulnerability discovery but emphasized that they are often misunderstood.
“The naive approach is to restrict access to powerful models, which amounts to security by obscurity—one of the worst strategies in this field,” Fort shared with Decrypt. "The potential for zero-day discoveries is already widely available across models that cannot be restricted. Merely trying to confine it doesn't mitigate the risk; it postpones it while hindering defenders who most need these tools."
Fort highlighted that the real danger lies in defenders—particularly those maintaining open-source projects—lacking access to the advanced AI tools that attackers can utilize.
“This imbalance poses the greatest threat,” he stated. “The solution lies not in restrictions but in democratizing the defensive tools available."
Anthropic is not the only organization focusing on AI models for cybersecurity. In May, Microsoft launched MDASH, a vulnerability discovery system that reportedly identified previously unknown flaws in Windows.
Impact on Crypto
The influence of AI-driven vulnerability detection is beginning to manifest in the crypto and DeFi sectors. Blockchain initiatives are particularly appealing targets due to the significant financial stakes involved and the open-source nature of much of their code. Jenkins noted that as AI improves in locating software flaws, open-source crypto projects may become more susceptible to scrutiny from both security researchers and malicious actors.
A clear instance of AI's capacity to assist researchers in uncovering previously overlooked vulnerabilities is demonstrated by independent security researcher Taylor Hornby, who disclosed a critical flaw in Zcash's Orchard privacy pool, aided by Claude Opus 4.8.
This vulnerability could have permitted an attacker to generate unlimited counterfeit ZEC and had remained undetected for years until it was addressed. The current status of whether the exploit was utilized remains uncertain.
"The vulnerability existed from Orchard's launch in May 2022 until the emergency fix was applied on June 1, 2026," stated Shielded Labs, the organization responsible for Zcash’s development, in their disclosure. "Due to Orchard's privacy features and the nature of the bug, it is impossible to determine through cryptography alone if exploitation occurred."
This incident occurs as DeFi protocols are experiencing one of their most challenging years regarding exploits. Over $840 million was reported stolen from DeFi projects during the first five months of 2026, with more than $600 million lost in April alone due to attacks on platforms like KelpDAO and Drift Protocol.
The emergence of 'vibe hacking,’ where attackers leverage AI coding agents for tasks such as reconnaissance, credential theft, and malware development, has raised alarms about AI lowering the barriers for executing sophisticated cyberattacks.
Natalie Newson, a senior blockchain investigator at Web3 security platform CertiK, noted that while April was particularly harsh for crypto exploits, the overall trend remains relatively stable and below the peak figures previously observed.
“April 2026 was indeed a difficult month for crypto exploits; there were only three days without an exploit resulting in at least $10,000 being stolen,” she noted. “However, in a broader context, the number of incidents—excluding phishing—has been fairly consistent and still lower than the peak levels seen in 2023.”
While AI is facilitating DeFi exploits, Blockaid CTO Raz Niv suggested that the greater risk is not AI replacing hackers but rather enhancing their capabilities, enabling attackers to concentrate on more advanced techniques while AI manages routine tasks.
“The silver lining is that defenders can utilize the same tools,” he remarked. “AI-assisted monitoring and simulation are becoming essential for security teams attempting to keep pace with these developments.”