Measuring LLMs' Ability to Develop Exploits
Summary
Anthropic's Claude Mythos Preview model demonstrates a significant advancement in exploit development capabilities, outperforming previous frontier models. Released carefully through Project Glasswing, Mythos Preview can identify complex vulnerabilities, create exploit primitives, and combine them into full attack chains. New quantitative benchmarks, ExploitBench and ExploitGym, were developed to precisely measure these capabilities, as existing public benchmarks were insufficient. On ExploitBench, focusing on 41 V8 engine vulnerabilities, Mythos Preview achieved arbitrary code execution (ACE) on 21 CVEs, while no other model achieved even one. ExploitGym, covering 898 vulnerabilities across OSS-Fuzz, V8, and Linux kernel, saw Mythos Preview achieve 157 intended vulnerability exploits within two hours, significantly more than Opus 4.6's 15. Furthermore, an updated SCONE-bench for smart contract exploitation showed Mythos Preview exploiting \$35 million worth of contracts, a 75% increase over the next best model, and exploiting every tested vulnerability. This performance suggests exploit development expertise will become commoditized.
Key takeaway
For AI Security Engineers assessing LLM-driven threats, Claude Mythos Preview's advanced exploit capabilities mean you must re-evaluate your defense strategies. This model can achieve arbitrary code execution and exploit smart contracts worth millions, indicating a rapid commoditization of exploit development. You should prioritize developing more sophisticated, LLM-aware security measures and actively engage with new, high-quality benchmarks like ExploitBench and ExploitGym to understand evolving risks.
Key insights
Claude Mythos Preview significantly advances LLM exploit development, achieving end-to-end attacks and outperforming prior models on new benchmarks.
Principles
- Exploit development requires a capability ladder.
- Quantitative benchmarks are crucial for LLM evaluation.
- LLM exploit capabilities are rapidly accelerating.
Method
ExploitBench decomposes exploit development into 16 programmatically verified capabilities across five tiers, testing against V8 engine vulnerabilities with a 300-turn budget and adaptive prompting.
In practice
- Use ExploitBench for fine-grained exploit capability analysis.
- Evaluate LLMs against V8, OSS-Fuzz, and Linux kernel targets.
- Test smart contract exploitation with SCONE-bench.
Topics
- LLM Exploit Development
- Claude Mythos Preview
- ExploitBench
- ExploitGym
- Smart Contract Exploitation
- V8 Engine Vulnerabilities
- Cybersecurity Benchmarking
Code references
Best for: CTO, VP of Engineering/Data, Research Scientist, AI Security Engineer, AI Scientist, Director of AI/ML
Related on AIssential
Editorial summary, takeaway, and curation by AIssential. Original article published by Anthropic Frontier Red Team Blog.