Claude Opus 4.8 finds a $4.5 billion bug—hackers are being mass-produced in the AI era
Original Title: Claude Opus 4.8 Finds a $4.5 Billion Bug, AI Era Is Mass Producing Hackers
Original Author: Dongcha Beating
Repost: Mars Finance
Text | Sleepy
Someone used Claude Opus 4.8 to find a bug that caused the market value of a cryptocurrency to evaporate by $4.5 billion.
The story begins with a security audit. Zcash is an established privacy network that uses zero-knowledge proofs to protect transaction information, with Orchard being its core component for private transactions.
On May 29, during a protocol audit commissioned by Shielded Labs, security researcher Taylor Hornby discovered a critical flaw in Orchard that could allow attackers to create tokens out of thin air, essentially "infinite minting."
Zcash completed an emergency upgrade within a few days. It officially confirmed the vulnerability's existence but could not verify whether anyone had exploited it to mint tokens. After the official statement was released on June 5, Zcash plummeted 50%.
Anthropic's Opus 4.8 was released on May 28, and the very next day, this vulnerability was discovered.
Not Mythos, but Opus
The incident with Zcash is terrifying, not because AI is strong, but because this time, it was too ordinary.
Before this, the security industry’s real fear was Anthropic’s Claude Mythos Preview. In April 2026, Anthropic published an assessment of cybersecurity capabilities, stating that Mythos Preview could identify and exploit zero-day vulnerabilities in mainstream operating systems and browsers during testing. Some of these vulnerabilities were very covert, lurking for over a decade, with one bug in OpenBSD dating back 27 years.
The assessment also said that an engineer without a security background could have Mythos Preview work overnight to find remote code execution vulnerabilities, and by morning, see a complete set of usable attack code.
This means a capability that once took a few people years to master is now becoming a service anyone can call on at any time. This capability itself has no stance; the difference lies in who is using it and for what purpose.
Anthropic also understands this. So they created Project Glasswing, initially giving Mythos Preview to a select few organizations for defensive security work. They also acknowledge that a model at this level requires stronger protections and stricter usage constraints before being opened to everyone.
But in the Zcash case, the tool the technicians used was not the still-locked Mythos but Opus 4.8, which is already released, available, and integrated into ordinary workflows.
AI entering the security field enables small teams to have the auditing power of large teams. It helps maintainers find bugs faster, but also allows attackers to understand systems more quickly.
Moreover, the most dangerous models may not be the strongest, but those that are sufficiently powerful, cheap, and widespread.
The more ordinary the model, the more people can wield it. So the question is no longer whether AI can find vulnerabilities, but: when everyone can find them, what will happen?
When Bug Hunting Becomes a Mass Movement
As AI makes vulnerability discovery cheaper, two things will emerge.
One is fake—large quantities of seemingly credible but actually unverifiable security reports. The other is real—vulnerabilities that once lurked deep in systems, requiring experts weeks or months to find, are now being uncovered more quickly.
The former will overwhelm maintainers, the latter will breach systems. And worse, they will arrive simultaneously.
Cybersecurity has an ideal narrative: white hats discover vulnerabilities, responsibly disclose them, vendors fix them, and users benefit.
In many cases, the world has indeed operated according to this narrative. But when AI lowers the threshold for "discovery" and everyone can use open models to find bugs, what floods in are many people seeking bounties or reputation. Many of them just copy prompts and let the model generate a report that looks decent. The report may not be real.
But regardless of authenticity, maintainers must take it seriously.
OpenSSF held a discussion in February 2026 on "AI Junk Reports," focusing on how open-source maintainers should handle low-quality, AI-generated vulnerability reports. Curl reported that by mid-2025, only about 5% of bounty submissions were genuine vulnerabilities, and around 20% appeared to be low-quality AI-generated content. OpenSSF said these reports are like DDoS attacks—attacking human attention.
Open-source maintainers are not customer service centers. Many have no salaries, no security teams, no shift schedules. Large companies can buy these resources, but even they rely on a long chain of human collaboration to keep anomalies below the threshold of normal users’ perception.
This long and fragile chain was already operating at full capacity before AI's large-scale involvement. Now, with exponentially more vulnerabilities and reports pouring in, are there enough defenders?
Who Fixes the Vulnerabilities Once Found
ISC2’s 2024 cybersecurity workforce report estimates that about 5.5 million cybersecurity professionals are actually employed worldwide, with a talent gap of 4.8 million—up 19% year-over-year. It clarifies that this "gap" isn’t just about job postings but the difference between the number of people organizations believe they need for full protection and the number actually available.
The simple message: there are many vulnerabilities, and not enough people.
And it’s not just a matter of headcount; there aren’t enough capable people to handle complex tasks. ISC2 also noted that 67% of respondents said their organizations face cybersecurity staffing shortages, and 58% believe this poses significant risks. 31% said their security teams lack entry-level staff, and 15% said they have no junior staff with 1–3 years of experience. Many organizations not only lack personnel but also lack pipelines to cultivate the next generation.
This is more troublesome than just not being able to hire. Not being able to hire is a problem today; lacking junior staff means it will be a problem tomorrow as well.
The domestic "AI Era Cybersecurity Industry Talent Development Report" also provides data: by 2025, 46.2% of surveyed practitioners earn pre-tax annual salaries between 200k and 300k yuan. The market is willing to pay for core talent because those who can handle complex threats and make judgments during incidents are extremely scarce. The report also shows that 56.5% of practitioners say AI has allowed them to focus more on analyzing complex threats, and 33.0% are shifting from execution to strategy.
This is critical.
What we most lack now are people who can understand a vulnerability at midnight, judge its impact, coordinate with upstream and downstream, and write patches. Security has never been a glamorous job; it’s dirty work. Break "cybersecurity" down and it is full of false positives, blame-shifting, endless patches, endless meetings, and that call waking you up at 3 a.m.
Yersinia pestis has never disappeared
Camus wrote a novel called "The Plague."
The story takes place in a small North African town. Suddenly, an outbreak of plague occurs, the city gates close, and everyone is trapped inside. Daily life shatters overnight. People are first panicked, then numb, then accustomed. Until the plague finally recedes, the gates reopen, and the streets are filled with laughter again.
At the end of the novel, Camus says: "According to medical records, Yersinia pestis will never die out or disappear. They can survive for decades in furniture, clothes, and bedding; patiently waiting in rooms, cellars, suitcases, handkerchiefs, and waste paper. Perhaps one day, the plague will awaken its rats again, burying them in some happy city, causing people to suffer again and learn their lesson."
I’ve always thought this description fits well with network vulnerabilities.
They are not born only on the day they are discovered. They have long been lying in the code, unheard, and we mistake silence for safety.
We’ve grown so used to daily routines that we no longer doubt—they all run on code. Old debts in code are not paid off quickly because there are few debt collectors. After AI arrived, the debt collectors suddenly increased.
What’s terrifying is not just that hackers will multiply. On the other side of the system, the number of people handling issues has not proportionally increased.
This is the greatest struggle of the AI security era. Capabilities will spread on their own; responsibility will not. Finding a vulnerability becomes cheaper and easier, but fixing it remains as costly as before. Destruction can be copied endlessly by scripts, trust can only be rebuilt slowly, system by system, team by team.
AI will not destroy the internet overnight. It’s more like turning on the lights. We finally see that digital life has never been an automatic natural order; it’s a group of people continuously lowering risks to levels we can’t perceive.
In the future, the truly expensive part will not be finding vulnerabilities, but whether there are enough people willing to fix them one by one.