Measuring LLMs' Impact on N-day Exploits
In cybersecurity, a large fraction of real-world harm comes from N-days: vulnerabilities that have already been publicly disclosed, but only patched on some devices. In this…
Latest
Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator
We’ve spent the past year investigating how threat actors are weaponizing AI to conduct cyber operations. Today, we’re sharing a new analysis that maps these real-world…
Measuring LLMs' Ability to Develop Exploits
On two new, challenging academic benchmarks measuring AI models’ ability to develop exploits (ExploitBench and ExploitGym) and an updated version of the benchmark measuring smart contract…
Assessing Claude Mythos Preview’s cybersecurity capabilities
Claude Mythos Preview is a new general-purpose language model that is strikingly capable at computer security tasks. This post provides technical details for researchers and practitioners…
Reverse engineering Claude's CVE-2026-2796 exploit
This post dives deep into how Claude wrote an exploit for one of the vulnerabilities it found in Firefox.
Partnering with Mozilla to improve Firefox’s security
In a collaboration with researchers at Mozilla, Claude Opus 4.6 discovered 22 Firefox vulnerabilities over the course of two weeks.
LLM-discovered 0-days
AI models can now find high-severity vulnerabilities at scale. This is a moment to empower defenders. We're now using Claude to find and help fix vulnerabilities…
AI Models on Realistic Cyber Ranges
In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only…
Finding Bugs with Claude and Property-based Testing
Ensuring that programs are bug-free is one of the most challenging aspects of software engineering. We developed an agent that can efficiently identify bugs in large…
Experimenting with AI to Defend Critical Infrastructure
AI could help defenders of critical infrastructure identify the vulnerabilities that attackers might exploit—and close them before they are exploited. Anthropic has partnered with Pacific Northwest…