Vulnerability Research in the Age of AI: Deconstructing Mythos

ArticleRidhi Mahajan

Deconstructing the AI Cybersecurity Mythos

On April 23, 2026, the Shiba AI Team hosted security researcher Thanh Do at the Adegawa Theatre for a seminar exploring the shifting boundary lines between modern machine learning and core information security tradecraft. Titled “Vulnerability Research in the Age of AI: Deconstructing Mythos,” the session evaluated the real-world utility of frontier intelligence systems in automating exploit pipelines, cutting through prevailing industry marketing hype to outline the baseline constraints of autonomous network exploration.

Event Poster Figure 1: Featured speaker Thanh Do presenting his latest findings on hypervisor and OS-level vulnerability research.

The State of Play: Tradecraft & Economics

Thanh opened the talk by explaining the basic economics of finding software vulnerabilities. In an industry where a single major, highly dangerous exploit can be worth anywhere from $5M to $7M USD (on platforms like iOS or Android), expert human attention is incredibly scarce.

Historically, tracking down these security flaws meant choosing between two slow paths: searching through code line-by-line by hand, or using brute-force automated testing tools that often slow down because they generate too many false alarms. Thanh also challenged a common belief in open-source software, the idea that if enough people look at code, all bugs become easy to find. In reality, modern critical systems are heavily reviewed, meaning the easy bugs are already gone. What is left are highly hidden flaws that can stay buried for decades, such as a 27-year-old bug recently patched in OpenBSD.

Shifting into the AI Era: Entering "Mythos"

The core of the seminar focused on what happens when you run advanced large language models against real software codebases. Thanh highlighted recent tests involving Anthropic's unreleased Mythos Preview model, an AI system that is remarkably good at finding and exploiting vulnerabilities across major operating systems and web browsers when told to do so. Interestingly, the developers did not explicitly train Mythos to have these hacking skills. Instead, these abilities naturally emerged as a side effect of making the AI better at general coding, deep reasoning, and working independently. Testing pipelines using these model frameworks are already delivering real results. For instance, a recent update to Firefox 150 fixed 271 vulnerabilities that were flagged during collaborative evaluation with this AI.

Presentation Placeholder Figure 2: Group photoraph taken at the Adegawa Theatre at Shibaura Institute of Technology, Japan

Defining the Boundaries of Autonomy

Despite these impressive results, Thanh made it clear that AI is not going to replace human security teams anytime soon. When forced to work against tightly locked-down systems that have all the latest security updates, Mythos completely failed to find or create new exploits.

Another big challenge is that AI agents easily get confused over long tasks. Thanh shared real chat transcripts showing that human researchers constantly have to step in, correct the AI, and steer it back on track to stop it from breaking the system. Ultimately, the takeaway was that AI is a great assistant for taking care of repetitive, brute-force tasks, but discovering entirely new kinds of security flaws still requires human creativity and ingenuity.

Community, Networking, and Next Steps

The seminar brought together a lively crowd of students, systems engineers, and AI safety researchers from the Shibaura Institute of Technology community and across Tokyo.

After the presentation, the energy carried over into a relaxed networking mixer. Over snacks and drinks, participants from different backgrounds spent the evening swapping ideas, talking about the safety of autonomous software, and connecting over how to build better security tools for the future. The mixer closed out a highly successful and eye-opening event for the lab.

Networking Session Placeholder Figure 3: Event attendees and members of the Shiba AI Lab collaborating during the post-event networking mixer.

We extend a massive thank you to Thanh Do for sharing his field expertise, and to our community oranizers for turning this seminar into a phenomenal success.

If you missed this event but want to join our future technical seminars or get involved with our safety alignment work, check out our research or visit Shiba AI Lab Contact.