Claude Opus 4.8 finds a $4.5 billion bug—hacker attacks are being mass-produced in the AI era

Text | Sleepy

Someone used Claude Opus 4.8 to find a bug that caused the market capitalization of a cryptocurrency to evaporate by $4.5 billion.

The incident started with a security audit. Zcash is an established privacy network that uses zero-knowledge proofs to protect transaction information. Orchard is its core venue for private transactions.

On May 29, security researcher Taylor Hornby discovered a serious vulnerability during a protocol audit commissioned by Shielded Labs. It could allow an attacker to create tokens out of thin air, what is called "infinite minting."

Zcash completed an emergency upgrade within days. It confirmed the vulnerability existed but could not verify whether anyone had exploited it to mint tokens. After the official statement on June 5, Zcash plummeted 50%.

Anthropic’s Opus 4.8 was released on May 28, and the very next day, this vulnerability was discovered.

Not Mythos, but Opus

The Zcash incident is terrifying not because the AI was stronger, but because this time its strength was so ordinary.

Previously, what the security industry truly feared was Anthropic’s Claude Mythos Preview. In April 2026, Anthropic released a cybersecurity capability assessment stating Mythos Preview could identify and exploit zero-day vulnerabilities in mainstream operating systems and browsers during testing. Some vulnerabilities were highly covert, lurking for over a decade, including a bug in OpenBSD dating back 27 years.

The assessment also said that an engineer without a security background could have Mythos Preview work overnight to find remote code execution vulnerabilities, and by morning, see a complete set of usable attack code.

This means a capability once held only by a few who spent years mastering it is now becoming a service anyone can call upon at any time. This capability itself has no stance; the difference lies in who uses it and for what purpose.

Anthropic understands this well. So it launched Project Glasswing, initially giving Mythos Preview to a select few organizations for defensive security work. It also admits that such a model requires stronger protections and stricter usage constraints before being open to everyone.

But in the Zcash case, the tool used was not the locked Mythos, but Opus 4.8, which is already released, available, and integrated into everyday workflows.

AI entering the security field enables small teams to have the auditing power of large teams. It helps maintainers find bugs faster, but also allows attackers to read systems more quickly.

Moreover, the most dangerous models may not be the strongest, but those that are sufficiently powerful, cheap, and widespread.

The more ordinary the model, the more people can wield it. So the question is no longer whether AI can find vulnerabilities, but: what happens when everyone can find them?

When Bug Hunting Becomes a Mass Movement

After AI makes vulnerability discovery cheaper, two things will emerge.

One is fake—many seemingly professional, but actually unverifiable security reports. The other is real—vulnerabilities that once lurked deep in systems, requiring experts weeks or months to find, are now being uncovered more quickly.

The former will overwhelm maintainers, the latter will breach systems. And worse, they often arrive together.

Cybersecurity traditionally follows an ideal narrative: white hats discover vulnerabilities, responsibly disclose, vendors fix, users benefit.

For a long time, the world operated according to this story. But as AI lowers the threshold for "discovery" and everyone can use public models to find bugs, what floods in is a crowd seeking bounties or reputation. Many just copy prompts and let the model generate a report that looks plausible. The report may not be real.

But regardless of authenticity, maintainers must take it seriously.

In February 2026, OpenSSF held a discussion on "AI Junk Reports," focusing on how open-source maintainers should handle low-quality, AI-generated vulnerability reports. Curl reported that by mid-2025, only about 5% of bounty submissions were real vulnerabilities, and around 20% looked like low-quality AI-generated content. OpenSSF said these reports are like DDoS attacks—attacking human attention.

Open-source maintainers are not customer service. Many have no salaries, no security teams, no shift schedules. But a project might support countless commercial systems worldwide. Companies saving huge costs through open source may not pay maintainers at all; yet, when issues arise, they’ll come back asking why it wasn’t fixed sooner.

Curl later shut down its bug bounty program because it couldn’t handle the pressure. Security reports are supposed to be part of the defense line, but when flooded with junk, that line becomes a drain on those defending behind it.

AI gives more people the ability to submit vulnerability reports, but not the ability to judge their authenticity. Generating a report with a model doesn’t mean understanding it; running verification code doesn’t mean knowing how impactful it is.

Even more dangerously, we are already living in a world where AI can find countless vulnerabilities.

Our past safety was just luck

The biggest illusion of the internet is that what works must be reliable.

You can pay with your phone, scan codes on the subway, book appointments at hospitals; even a photo from ten years ago is still stored in the cloud. You’ve forgotten about it, but it hasn’t forgotten you. These systems work daily, so we assume they’re problem-free. Trust in technology is often not trust, but being too lazy to doubt.

But code is like an old building constantly being added onto, with outdated protocols and libraries underneath, temporary demands and "ship it first" mentality on top, and inherited legacy code nobody dares delete. The lights are on, elevators run, property management says everything’s normal. But no one knows if there are cracks inside the walls.

Heartbleed is a classic example. A vulnerability in OpenSSL allowed attackers to read private keys and passwords from server memory until it was discovered and fixed in 2014. Before that, it had lurked for over two years, and at the time, over 60% of active websites ran on affected servers. For two years, most of the internet was essentially exposed, with no one aware.

Another example is sudo’s Baron Samedit. In 2021, Qualys disclosed that this vulnerability had existed in sudo for nearly a decade, and sudo is one of the most used privilege tools in Unix/Linux.

Many similar cases exist. Looking at them together, we realize that we’ve been quite lucky to surf the internet safely until today.

Why have these vulnerabilities gone unnoticed for so long?

The answer is simple: the cost of finding vulnerabilities is too high.

It’s not just money, but also time and patience. Reading code, setting up environments, understanding protocols, reproducing edge cases, writing verification scripts, assessing impact—all require effort. Sometimes, a whole night’s testing yields no results; a path hits a dead end. Security researchers and hackers often torment themselves with broken details.

Many vulnerabilities can hide for so long not because they are mysterious, but because there are too few people who are willing, capable, and persistent enough to find them.

AI is changing this cost structure.

In the past, many corners and little tools made security work slow. Now, tools are being mass-produced.

But the same tool that can spot cracks can also be used to strike. When discovery becomes cheap, so does attack. Someone might submit a low-quality report to an open-source project today, and tomorrow, use the same method to scan a corporate system; today, chasing bug bounties, tomorrow, targeting on-chain funds.

Behind normal internet use

Before a real incident occurs, we can’t feel the presence of "internet security."

You open Alipay, scan, pay, receive funds—all in under three seconds. You don’t think about the risk controls, device fingerprints, behavior analysis, black market countermeasures, vulnerability responses, or emergency plans behind it.

In May 2026, AntSRC launched a "Hunter Operation" bug bounty event, covering Alipay, Huabei, Jiebei, Ant Fortune, MyBank, Digital Science, and Ant International. High-risk and severe vulnerabilities in payment, fund, and billing products could earn rewards up to five times, reaching 71,500 yuan.

Big companies also know they can’t rely solely on internal teams to find all issues. They must incorporate external white-hat organizations into formal processes. Security is like a long chain of collaboration: some find attacks, others verify, classify, fix, release, and monitor to prevent harming normal users. Any broken link risks failure.

In October 2025, Alibaba Cloud’s security report stated that the platform defends against 6.25B attacks daily, blocking 27.5k malicious IPs; in that month, it detected and intercepted 102.8k DDoS attacks, with a peak of 2,100 Gbps.

Our so-called "normal internet browsing" is actually a narrow path carved out by security engineers from a sea of anomalies. The internet has never been quiet.

Open-source maintainers lack budgets, shift schedules, or emergency teams; big companies can buy these. But even they rely on long chains of human effort, keeping anomalies below the threshold that normal users notice.

And this long, fragile chain was already operating at full capacity before AI’s large-scale involvement. Now, with exponentially more vulnerabilities and reports, can the defenders keep up?

Who fixes vulnerabilities after discovery

The ISC2 2024 Cybersecurity Workforce Report estimates about 5.5 million cybersecurity professionals worldwide, with a shortage of 4.8 million—up 19% year-over-year. It clarifies that this "shortage" isn’t just about job postings, but the gap between the number of qualified personnel organizations believe they need and those actually available.

The message is simple: vulnerabilities are plentiful, and people are scarce.

And it’s not just about headcount; there’s a shortage of capable hands for complex tasks. ISC2 also reports that 67% of respondents say their organizations face cybersecurity staffing shortages, 58% see significant risks from this, 31% say their security teams lack entry-level staff, and 15% have no junior staff with 1–3 years of experience. Many organizations not only lack personnel but also pipelines to train the next generation.

That’s more troublesome than just not hiring. Not hiring today means no one to fill roles tomorrow.

The domestic "AI Era Cybersecurity Talent Development Report" provides data: by 2025, 46.2% of respondents earn pre-tax annual salaries between 200k and 300k yuan. The market is willing to pay for core talent because those capable of handling complex threats and making judgments during incidents are extremely scarce. The report also shows that 56.5% of practitioners say AI has allowed them to focus more on analyzing complex threats, and 33% are shifting from execution to strategy.

This is crucial.

What we most lack now are those who can understand a vulnerability at midnight, judge its impact, coordinate upstream and downstream, and write patches. Security is never about flashes of insight; it’s dirty, exhausting work. Breaking down "cybersecurity" reveals endless false alarms, scapegoats, unending patches, endless meetings, and that call at 3 a.m. that wakes you up.

The plague bacteria never disappeared

Camus wrote a novel called "The Plague."

Set in a small North African town, a plague suddenly erupts, the city gates close, and everyone is trapped inside. Daily life shatters overnight. People panic, then become numb, then get used to it. Until the plague subsides, the gates reopen, and the streets are filled with laughter again.

Camus concludes: "According to medical records, the plague bacillus will never die out or disappear. They can survive for decades in furniture, clothes, and bedding; patiently waiting in rooms, cellars, suitcases, handkerchiefs, and waste paper. Perhaps one day, the plague will awaken its rats again, burying them in some happy city, causing people to suffer anew and learn their lessons."

I’ve always thought this description fits network vulnerabilities perfectly.

They aren’t born only on the day they’re discovered. They’ve long been in the code, silent and undetected, and we mistake silence for safety.

We’ve grown used to a routine where nothing is doubted. All rely on code. Old debts in code aren’t paid because there are few to demand payment. After AI arrives, the debt collectors suddenly increase.

What’s terrifying isn’t just more hackers. It’s that the number of people handling issues on the other side of the system hasn’t grown proportionally.

This is the greatest struggle of the AI security era. Capabilities spread on their own; responsibility does not. Finding a vulnerability becomes cheaper, but fixing it remains as costly as before. Destruction can be copied endlessly by scripts, trust can only be rebuilt slowly, system by system, team by team.

AI won’t destroy the internet overnight. It’s more like turning on the lights. We finally see that digital life has never been an automatic natural order, but a group of people working day after day to lower risks to levels we don’t notice.

In the future, the real cost won’t be finding vulnerabilities, but whether there are enough people willing to fix them one by one.
