AI security company Depthfirst discovers multiple critical internet vulnerabilities, claiming the cost is only one-tenth of Anthropic Mythos.

BlockBeats News, May 12 — AI cybersecurity startup Depthfirst announced that its self-developed AI vulnerability discovery model has identified multiple high-risk security flaws missed by Anthropic Mythos, claiming that the overall cost is only one-tenth of the latter’s. Depthfirst CEO Qasim Mithani stated that by optimizing the model architecture for a single task, they can achieve “completing work that Mythos would spend $10k on for just $1,000.”

Depthfirst also launched a new initiative called the “Open Defense Initiative,” which will provide a total of $5 million in funding to open its AI vulnerability detection tools to enterprises and open-source developers for discovering code security issues.

The article mentioned that a critical vulnerability discovered by Depthfirst exists in NGINX, the most widely used web server globally, and has been present since 2008, potentially affecting a large number of internet websites worldwide. F5 Networks, responsible for maintaining NGINX, is expected to release a patch this week.

Additionally, Depthfirst disclosed that it found high-risk vulnerabilities in Linux systems that could be used for remote malicious code execution, which have not yet been patched. Its models also detected multiple security issues in Google Chrome and the open-source multimedia framework FFmpeg, with Chrome-related vulnerabilities already fixed by Google.

The report pointed out that with AI accelerating vulnerability discovery capabilities, the cybersecurity industry is entering a phase of “AI-powered attack and defense.” Previously, Anthropic revealed that its Claude model was used by Chinese hacker organizations for cyberattacks, and Google warned this week that criminal groups have begun using AI to develop “zero-day” exploit tools.