Anthropic’s Mythos reportedly uncovered critical flaws in Palo Alto Networks products

Anthropic’s internal security tool, Mythos, has reportedly found critical vulnerabilities in Palo Alto Networks products, according to The Information. The finding underscores how AI systems are increasingly being used to assist with cybersecurity research and product testing.

The report portrays Mythos as a strong security capability inside Anthropic, while also suggesting that running such a system is expensive. That combination has made the tool notable not only for what it can detect, but also for the resources required to operate it.

Palo Alto Networks, one of the best-known names in enterprise cybersecurity, is the company cited in the report as having critical weaknesses identified by Anthropic’s system. The Information did not provide technical details about the flaws in the material available, and it was not immediately clear how long the vulnerabilities had existed or whether they had been fully remediated.

The report adds to a broader industry trend in which AI models are being deployed for security work, including code review, vulnerability discovery, and threat analysis. Companies are increasingly exploring whether large language models and related systems can help identify issues faster than traditional manual methods. Anthropic’s Mythos appears to be one example of that push.

At the same time, the report highlights a tension that is becoming common across AI development. The most advanced systems can offer significant capability, but they also demand substantial compute, infrastructure, and operational spending. In Anthropic’s case, Mythos is described as effective enough to be viewed as a security powerhouse, yet costly enough to raise concerns about budget impact.

For cybersecurity vendors, the episode is a reminder that even companies focused on defense are not immune to scrutiny from automated testing tools. For AI developers, it shows that models are moving beyond general-purpose chat and into specialized enterprise functions where accuracy and depth matter more than broad consumer appeal.

The Information’s report did not say whether Anthropic plans to commercialize Mythos or how widely the tool is used internally. It also did not indicate whether the vulnerabilities it found at Palo Alto Networks were disclosed publicly or through private channels.

Still, the report suggests that AI-assisted security research is becoming more mature and potentially more consequential. As systems like Mythos get stronger, they may surface more serious flaws in widely used software and hardware products. That could make them valuable to defenders, but it also raises questions about cost, oversight, and how companies balance automation with human review.

In the short term, the attention around Mythos appears to center on two points: its ability to identify critical security problems, and the high price of keeping such a system running. Those two facts may shape how other AI companies think about building similar tools for enterprise security work.