Frontier AI models are increasingly being used by researchers to identify software vulnerabilities across browsers, operating systems, and open-source platforms. Zcash developers disclosed this week that Claude Opus 4.8 helped discover a critical vulnerability that could have enabled an attacker to mint unlimited ZEC, with the flaw present from Orchard's activation in May 2022 until an emergency fix deployed on June 1, 2026. The technology's expanding role in vulnerability research is raising concerns about widespread access to these capabilities, particularly as crypto and DeFi projects face mounting security challenges with more than $840 million stolen in the first five months of 2026.
AI Models Transition from Coding Assistants to Security Tools
Early AI models were professionally used as coding assistants, helping developers write, explain, and debug software. The transition from coding assistant to security tool coincided with a broader shift following the launch of Claude Code in 2025, when Anthropic reported a sharp increase in AI-generated code across its engineering teams.
"AI is far better at reviewing code than most people and finding potential vulnerabilities in it," Danny Jenkins, CEO and co-founder of ThreatLocker, told Decrypt. Jenkins said current AI systems are already accelerating vulnerability discovery, while newer models such as Mythos could significantly expand those capabilities.
Jenkins said AI is lowering the barriers to entry for vulnerability research, allowing more people to analyze code and identify weaknesses. "Pre-AI, cybersecurity threats and exploits were increasing every year," he said. "Post-AI, it's become even faster, and I think it's become faster for two reasons. One is that you can now use AI to help find vulnerabilities and exploits, and the number of people who have the ability to do this has massively grown."
Companies Deploy AI for Vulnerability Discovery Across Multiple Platforms
On Tuesday, Anthropic expanded access to Project Glasswing, giving 150 companies and institutions access to Claude Mythos to help identify and remediate software vulnerabilities before the model is released more broadly.
In April, Mozilla disclosed that Anthropic's models helped identify hundreds of vulnerabilities that it fixed in the Firefox web browser, while researchers at Calif used Mythos Preview during work that produced one of the first public exploits targeting Apple's M5 chips.
Stanislav Fort, a former researcher at Google DeepMind and Anthropic and now founder and chief scientist of security firm Aisle, told Decrypt that concerns about AI-powered vulnerability discovery are valid but often misunderstood. "The naive response is to try to gatekeep access to powerful models. I think this is essentially security by obscurity, and security by obscurity is one of the worst ideas in the field," Fort said.
In May, Microsoft introduced MDASH, an agentic vulnerability discovery system that the company said helped identify previously unknown Windows vulnerabilities.
Zcash Vulnerability Highlights AI Impact on Crypto Security
Independent security researcher Taylor Hornby disclosed the critical vulnerability in Zcash's Orchard privacy pool that he discovered with the assistance of Claude Opus 4.8. The flaw could have allowed an attacker to create unlimited counterfeit ZEC.
"The vulnerability was present from Orchard's activation in May 2022 until the emergency fix was deployed on June 1, 2026," Shielded Labs, the organization behind Zcash development, wrote in a disclosure post. "Due to the privacy properties of Orchard and the nature of the bug, there is no definitive way to determine, using only cryptography, whether such exploitation occurred."
More than $840 million was stolen from DeFi projects in the first five months of 2026, including more than $600 million in April alone across attacks on projects including KelpDAO and Drift Protocol.
Natalie Newson, senior blockchain investigator at Web3 security platform CertiK, said that while April was unusually severe for crypto exploits, the broader trend remains more stable. "April 2026 was a bad month for crypto exploits; there were only three days without an exploit in which at least $10,000 was taken," she said. "However, when we take a look at the wider picture, the number of incidents (excluding phishing) has arguably been fairly consistent and still lower than a peak in 2023."
Raz Niv, CTO of Blockaid, said the bigger risk is not AI replacing hackers but amplifying them, allowing attackers to focus on more sophisticated techniques while AI handles routine tasks. "The good news is defenders can use the same tools," he said. "AI-assisted monitoring and simulation is becoming essential for security teams trying to keep pace."
FAQ
What vulnerability did Claude Opus 4.8 help discover in Zcash?
Claude Opus 4.8 helped independent security researcher Taylor Hornby discover a critical vulnerability in Zcash's Orchard privacy pool that could have allowed an attacker to mint unlimited counterfeit ZEC. The vulnerability was present from Orchard's activation in May 2022 until an emergency fix was deployed on June 1, 2026.
How much money was stolen from DeFi projects in the first five months of 2026?
More than $840 million was stolen from DeFi projects in the first five months of 2026, including more than $600 million in April alone across attacks on projects including KelpDAO and Drift Protocol.
Which companies are deploying AI models for vulnerability discovery?
Anthropicexpanded access to Project Glasswing on Tuesday, giving 150 companies and institutions access to Claude Mythos. Mozilla disclosed in April that Anthropic's models helped identify hundreds of vulnerabilities fixed in Firefox. Microsoft introduced MDASH in May, an agentic vulnerability discovery system that helped identify previously unknown Windows vulnerabilities.
