Security WeekArchived Jun 09, 2026✓ Full text saved
Anthropic's Mythos is accelerating vulnerability discovery to machine speed, forcing the bug bounty industry and offensive security teams to adapt to a future where finding flaws is no longer the hard part. The post Will AI Kill the Bug Bounty Industry? appeared first on SecurityWeek .
Full text archived locally
✦ AI Summary· Claude Sonnet
AI is disruptive. Anthropic’s Claude Mythos model, and its successors, promise to be even more disruptive: they could threaten the existing bug bounty and/or in-house offensive security industries.
AI has been widely adopted by both cybersecurity attackers and defenders. Attackers use it to help find bugs and craft attacks from sophisticated social engineering through to developing exploit and malware code. Defenders use it to help detect attacks in progress, detect deepfakes, and help code new software, and for bug bounty hunters and offensive security practitioners, to unearth bugs to fix them before they can be exploited.
So far, AI has proven to be a force multiplier rather than a position replacement. Mythos threatens to alter this balance.
The evolution of bug bounty programs
Bug bounties and pentesting are in a state of flux. That’s nothing new: everything in cybersecurity is constantly in flux. But the Mythos arrival may provide the most rapid flux in offensive security yet.
A bounty is a reward. ‘Dead or alive’, was an early 19th-century US tagline. That concept still survives, but with law enforcement now offering bounties for information on live cybercriminals.
A bug bounty is a reward for finding a bug not a person. In 1983, Hunter & Ready offered a free Volkswagen Beetle car (commonly known as a Bug) as the reward for finding a computer bug in its VRTX operating system. The new tagline was ‘Get a bug if you find a bug’.
The concept of bug bounties had arrived and began to expand from the 1990s: Netscape in 1995; IDefence introducing the middleman concept in 2002 (any person could report any bug to any vendor); Mozilla for Firefox in 2004, Google in 2010, and Facebook in 2011.
The HackerOne (with Kara Sprague as CEO) and Bugcrowd (co-founded by Casey Ellis) bug-bounty platforms were established in 2012, followed by YesWeHack in 2015, and Intigriti (Inti De Ceukelaire) in 2016. These are the four primary bounty platforms.
Throughout the 2010s the concept expanded and many more companies began to offer bug bounties. By 2022, bounty hunter Youssef Samouda was able to tell SecurityWeek, “With Meta and Google, I make around $400,000 per year.” At the end of 2022, AI in the form of LLMs became generally available, and by late 2024 and early 2025 the modern concept of autonomous agentic AI began to take center stage. By June 2025, autonomous offensive security firm XBOW, had achieved #1 position in HackerOne’s leaderboard.
The history of bug bounties shows a consistent combination of expansion with an increasing use of automation and artificial intelligence – which brings us to today. In-house offensive security has followed a similar path but driven by salary rather than reward.
Bug bounty today
Cassim Khouani (known online as Aituglo and listed in the top 30 Hackers on YesWeHack) wrote The state of Bug Bounty in 2026, published on April 13, 2026. In it, he describes using Claude to aid discovery. Overnight, it discovered ten bugs. “Sounds great on paper. Except half of them were duplicates, and the rest took weeks to get triaged because the report queue on that program had become unmanageable. Welcome to bug bounty in 2026.”
He believes bug bounty as we know it today is dying. “What comes next can be better, if we play it right.”
Everybody, he suggests, is using one or other form of AI to search for bugs, 24/7 without getting tired. It succeeds, but with side effects: “We end up in a constant mental fog, jumping from one tmux pane to another, switching from one program to the next.”
And the bounty platforms themselves suffer from so many new AI-assisted submissions, with triaging and payments taking longer. Companies paying bounties are also suffering with more bug reports, some of poor quality and some critical.
“More and more companies are stepping back from bug bounty,” he writes, “while others [such as Google] increase their rewards or change their policy.” Note that after Khouani wrote this in mid-April 2026, Google lowered its Chrome bug bounties and raised its Android bounties on April 30, 2026, citing AI as the cause for both.
This is flux with its foot on the pedal: rapid change but not necessarily for the better.
“The bug bounty of 2024 is dead. The one in 2026 is a different sport. The hunters who will make it are not those who launch the most agents, but those who know what to look for and where to look. AI is a multiplier, not a replacement.”
This was written by Khouani based on his experience of using Claude to assist in bug finding. But then along came Claude Mythos, announced almost at the same moment he published his article. Anthropic’s claims for Mythos going forward suggest the future of AI is more than just a force multiplier.
Mythos discovering vulnerabilities
Mythos reportedly performs better than any other AI model in finding zero day bugs. “Over the past few weeks, we have used Claude Mythos Preview to identify thousands of zero-day vulnerabilities (that is, flaws that were previously unknown to the software’s developers),” announced Anthropic on April 7, 2026, “many of them critical, in every major operating system and every major web browser, along with a range of other important pieces of software.”
In May 2026, Anthropic said its Mythos Preview had identified more than 23,000 potential vulnerabilities after scanning thousands of open-source software projects.
Anthropic is apparently so concerned about its ability to find unfound bugs that it has released Mythos Preview to major software providers, allowing them to find and fix their own vulnerabilities (Project Glasswing) before the model becomes generally available.
The CSA is equally concerned, having published a paper titled, “The ‘AI Vulnerability Storm’: Building a ‘Mythos-ready’ Security Program”, in which it recommends: “Introduce AI agents to the cyber workforce across the board, enabling defenders to match attackers speed and begin closing the gap.”
Fed Chair Powell and Treasury Secretary Bessent met with the heads of major US banks to discuss the cyber risks that may be introduced by Mythos; Reuters has reported ‘Banking industry scrambles for Anthropic’s Mythos as global regulators review risks’; and the media has been full of wild, weird, and wonderful reporting.
But one area has had little reporting so far: if Mythos is capable of finding bugs and developing exploit chains so rapidly, what effect will this have on the value and future of the existing bug bounty and offensive security industries? Organizations could just point Mythos at their software and find the bugs without needing to pay bounties or employ expensive pentesters and red teams.
The future of bug bounty and offensive security
Bug bounty and offensive security are not going away; but both must adapt to a new reality. AI is like sniping: the projectile and its effect may be autonomous, but it still needs a human to aim and pull the trigger. Complete autonomy is still in the future, and that human involvement will remain for years to come. It’s the speed of delivery and the accuracy that has changed.
Keep Calm and Carry On: Mythos is not revolutionary
Tod Beardsley, VP of security research at runZero, counsels that Mythos should be viewed in the historical concept of an industry barely 30 years old: any advance will seem huge and disruptive while it’s happening. “To be blunt, I don’t think Mythos is fundamentally different or the ‘YOU MUST BUY THIS’ security tooling that Anthropic’s marketing would like us to believe. It’s better tooling, for sure…”
But, he adds, “To think that this (or any) model is so fundamentally powerful, dangerous, and revolutionary that you’d be a fool to not buy is to ride along with the classic FUD-based marketing that so often colors cybersecurity marketing… This is just another step on the road to better understanding the risk profile of your particular network.”
Richard Ford, CTO at Integrity360, agrees with the need to stay calm but adds, ‘be ready to adapt’. “Anthropic’s own system card shows that this level of performance relied on uncensored models, extended compute, and heavy resampling. In other words, this is not yet a real-world scenario.”
Nevertheless, he adds, “Bug bounty programs and human-led testing rely on expertise and time. AI will start to reshape that, although areas like business logic will still depend on human understanding.”
It’s adaptation, not replacement, says Chris Payne, VP of forward deployed cyber engineers at Sevii. “Discovery accelerates for everyone, but the real bottleneck has always been investigation and remediation. The defenders who win will pair agentic AI with strong governance so they can investigate, hunt, and remediate at machine speed and endless scale, which will close the gap attackers are widening as we speak.”
Jon David, co-founder and MD at NR Labs, agrees with this. The power of Mythos and future AI will allow attackers to find and exploit vulnerabilities faster than defenders can fix them. “But if we leverage AI in the same capacity, it also allows us to find and patch the vulnerabilities before they’re public in production. We must just make sure we’re using the same capabilities as the attackers on ourselves before they do.”
This should ensure the continuance of in-house offensive security teams. Bounty hunters and bounty platforms have a slightly different problem to solve: participating companies are likely to become reluctant to pay bounties for an increasing volume of existing but largely irrelevant bug slop already found by hunters and their AI agents, and likely to increase with Mythos.
Melissa Bischoping, head of threat research & intelligence at Tanium
“The widely used Curl project ended its HackerOne program in January 2026 because over 95% of submissions were AI-generated junk,” comments Melissa Bischoping, head of threat research & intelligence at Tanium. “HackerOne [also] paused the Internet Bug Bounty in March, explicitly citing an imbalance between AI-assisted discovery and remediation capacity. Mythos makes this worse by an order of magnitude.”
The need for adaptation. Evolving AI increases the speed of discovery and decreases the time to exploitation. Kara Sprague, CEO at HackerOne, points out this is not the gap meant in the CSA report. “The gap they are describing isn’t the gap from discovery to exploitation; it’s clear that it has already collapsed. The gap they are referring to is the operational gap between discovery and remediation: organizations still patch on human timelines, manage risk through quarterly assessments and run remediation through change processes that were never designed for AI-velocity threats.”
AI-assisted discovery has flooded programs with low-to-mid-severity findings that maintainers cannot absorb. This will increase with Mythos. “The incentives of such bounty programs need to be rebalanced to favor remediation, which is now the key constraint,” she continues.
“Vulnerability findings often sit for a long time before remediation, and this trend will continue as the volume increases. It then becomes a question of prioritizing learning from mistakes rather than focusing on individual issues as that approach hasn’t been scalable and certainly won’t be as these advanced models become more distributed,” adds Shlomie Liberow, founder at aisy.ai, and formerly head of hacker R&D at HackerOne.
Shlomie Liberow, founder at aisy.ai
Bounty platforms are already strained by the number of bugs being discovered. And corporations are unable to keep pace with existing patch levels. What is required is the ability to prioritize high severity bugs over low value bugs, and incentives to prioritize high severity over low value will be built into the programs.
The longer view. Corporate options for vulnerability detection remain primarily third-party bounty hunters or in-house offensive security teams. The best option will be governed by whichever adopts the latest technology functionality faster and more intelligently.
“Today, frontier model providers (like Anthropic) make AI abundantly cheap to use, reducing the cost of vulnerability research,” suggests Aaron Sant Miller, VP and AI lead for Booz Allen’s Integrated Cyber Business.
“If organizations increasingly choose to bring this function in-house, you can expect the bug bounty industry to take a hit. Conversely, bounty hunters may find AI reduces their own cost and time – we may see more bounties executed per month, at a lower cost per bounty. Today’s balancing act will be shaped by adoption.”
Aaron Sant Miller, VP and AI lead for Booz Allen’s Integrated Cyber Business
It may be different tomorrow. The current cost of AI is being eaten by the frontier model developers, and the price to users is artificially low. Once the market has been hooked, the developers may increase their prices to reflect the true market cost. When that happens, organizations will reconsider outsourcing again.
“Once AI usage costs begin to reflect their true operating costs, the cost of bug discovery will normalize; organizations and hunters alike will have to determine the fair market price for vulnerability discovery,” he continues. “Overall, in-house security teams that readily adopt AI and evolve their workflows will be more resilient to the disruption.”
Sprague agrees that the market for vulnerability hunting is already changing, but she notes, “The total value of the bounty market is growing, not shrinking. High-severity, business-logic and AI-specific vulnerability research (for example, prompt injection, model extraction, adversarial manipulation) is paying more than ever, because very few researchers can do it well.”
For in-house offensive teams, she says, “Red teaming was already evolving beyond ‘can we get in’ toward mapping business process fraud paths, executive targeting, third-party compromise chains, privileged identity abuse across SaaS estates. Mythos can’t model your business. It can’t tell you that the real crown jewel isn’t in the codebase at all.”
She sees continuous AI-executed adversarial testing with human expertise woven throughout. “Novel attack paths, business logic vulnerabilities and the creative lateral thinking that turns a low-severity finding into a crown jewel compromise still require human ingenuity. AI raises the floor; it doesn’t replace the ceiling.”
Summary
Kara Sprague, CEO at HackerOne
AI is changing the rules for human vulnerability hunters, but not replacing the requirement. AI can find a never-ending volume of bugs – they will always exist, in both old and new software. But this new AI-discovered volume of bugs, with many of them being low severity, ultimately inconsequential slop, has highlighted the real problem. It’s not finding the bugs (that hasn’t been a problem for years); it’s distinguishing the meat from the slop with rapid remediation.
AI is not good at this. It requires human knowledge and ingenuity. In-house human offensive security, using AI but not relying on it, can do this well – and the value of in-house detection and remediation will remain.
External bounty hunting will be most impacted, but will continue to offer a valuable service if the bounty paid can be refocused on critical bugs and remediation. This will offer a valuable alternative for those companies that find employment of a permanent in-house team to be too costly.
Vulnerability hunting, like every other aspect of cybersecurity, is subject to new technology. And like every other aspect of cybersecurity, the advice to practitioners remains the same: keep calm, adapt, and carry on.
Related: Cyber Insights 2026: Offensive Security; Where It Is and Where It’s Going
Related: OpenAI Launches Bug Bounty Program for Abuse and Safety Risks
Related: Microsoft Bug Bounty Program Expanded to Third-Party Code
Related: Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program
WRITTEN BY
Kevin Townsend
Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
More from Kevin Townsend
OWASP Incubator Project Helps Developers Find and Fix Vulnerable Dependencies in Seconds
Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk
Security of 100 AI Agents Tested and Ranked – What You Need to Know
Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis
Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks
New Edamame Platform Aims to Catch AI Coding Agents Going Off the Rails
The Credential Crisis: How Stolen Credentials Defeat Modern Security
Latest News
Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation
New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications
SAP Patches Critical NetWeaver, Commerce Vulnerabilities
Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks
Google Patches 5th Chrome Zero-Day Exploited in 2026
A Security Raises $37 Million for Autonomous Offensive Security Platform
Everybody Is Vibe Coding But Nobody Told the Security Team
Trending
Webinar: Third-Party Risk In Practice
June 4, 2026
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
Register
Virtual Roundtable: CISO Forum 2026 Mid-Year Review
June 10, 2026
Explore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks.
Register
People on the Move
Opal Security has appointed CPO, CTO, VP of Field Engineering, VP of Marketing, and Head of Product and Solutions Marketing.
The Department of the Air Force has appointed Ashley Devoto as Chief Information Officer.
Bartley Richardson has been named Chief AI and Autonomous Systems Officer at CrowdStrike.
More People On The Move
Expert Insights
Everybody Is Vibe Coding But Nobody Told The Security Team
AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au)
The Zero-Knowledge Threat Actor And The End Of Responsible Disclosure
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (Etay Maor)
Raising The Cybersecurity Stakes: Ante Up For The Agentic Era
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale. (Nadir Izrael)
Caught Off Guard: Securing AI After It Hits Production
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode. (Joshua Goldfarb)
Cyber Resilience Is The New Business Continuity Plan
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose. (Steve Durbin)
Flipboard
Reddit
Whatsapp
Email