Claude nabs 23-year-old Linux bug, $3.7M exploits

Anthropic’s Nicolas Carlini revealed that Claude Opus 4.6 (and the upcoming "Mythos" model) has demonstrated superhuman vulnerability discovery, identifying a 23-year-old Linux kernel heap overflow that survived two decades of human audits. Beyond identifying ancient kernel bugs, Claude agents autonomously exploited real-world smart contracts worth $3.7 million and discovered a Ghost CMS zero-day within 90 minutes. This shift from code assistant to autonomous security researcher highlights a significant leap in AI-driven offensive and defensive capabilities, potentially outpacing human defenders in critical software infrastructure.