What Has Changed with Mythos? Ricerca Security Releases White Paper Explaining the Reality of AI Vulnerability Diagnosis and Criteria for In-house Implementation

Ricerca Security Inc. has released a white paper detailing the latest trends in AI-powered vulnerability diagnosis and the design requirements for in-house implementation. This publication addresses the paradigm shift in vulnerability discovery brought about by "Claude Mythos," emphasizing that vulnerabilities are now found faster, and outlines the practicalities, limitations, and decision criteria for companies considering AI diagnosis.
Source: PR Times

Published: April 29, 2026 at 00:00

Ricerca Security Inc. has released a white paper that organizes the latest trends in AI-powered vulnerability diagnosis and the design requirements necessary for in-house implementation.

With the announcement of "Claude Mythos" in April 2026, it was reported that AI autonomously discovered thousands of high-severity vulnerabilities, fundamentally changing the premise of vulnerability discovery itself. Vulnerabilities are beginning to transform from "things that are hard to find" to "things that are found more quickly."

This document systematically organizes the structural shift implied by this change, the reality and limitations of AI-powered vulnerability diagnosis, and the criteria for companies to consider when implementing it in-house. Furthermore, based on the knowledge verified through our practical operations, it also addresses practical questions such as "Will it function if introduced?" and "Where will it fail?"

This content serves as decision-making material for companies considering the introduction or in-house implementation of AI diagnosis, as well as those looking to review their current security systems.

What Happened with Mythos? The Structure of Vulnerability Discovery is Beginning to Change

In April 2026, Anthropic announced "Claude Mythos Preview."

This announcement reported that AI autonomously explored vulnerabilities in widely used software such as OpenBSD and FreeBSD, discovering thousands of high-severity vulnerabilities.

What is noteworthy is that it included bugs that had not been found for many years and issues that had slipped through existing fuzzing and human review.

This is not merely an improvement in accuracy.

Until now, vulnerability discovery was something that a limited number of specialized personnel performed over time, but that premise is collapsing.

Vulnerabilities are beginning to transform from "things that are hard to find" to "things that are found more quickly."

This change affects not only the defense side but also the attack side simultaneously.

Since attackers can also accelerate their exploration, security is shifting from a competition of "can it be prevented?" to one of "how quickly can it be found, and how quickly can it be responded to?"

Why We Handle This Theme

Our company is an offensive security team specializing in vulnerability discovery.

In addition to zero-day vulnerability discovery and advanced diagnostics, we have been actively using generative AI for vulnerability detection in practical operations from an early stage.

In 2025, we discovered and reported 13 vulnerabilities in one week in a diagnostic project utilizing generative AI.

Based on such practical experience, we have verified both the possibilities and limitations of AI-driven vulnerability discovery.

This white paper evaluates the significance of Mythos based on these demonstrations and analyses.

Content Organized in This Document

This white paper systematically explains the following contents:

- What has changed since Mythos
- The reality and limitations of AI-driven vulnerability discovery
- Commonalities seen from industry verifications (AISLE, Xint)
- Direction of response companies should take
- Criteria for considering in-house implementation
- Design requirements for establishing in-house implementation

AI Can Find Vulnerabilities—But That Alone Is Not Enough

Since Mythos, one thing has become clear.

AI can indeed find vulnerabilities.

On the other hand, many of the vulnerability candidates output by AI cannot be used as practical diagnostic results as they are.

For practical use, the following steps are indispensable:

- Exclusion of false positives
- Verification of exploitability
- Evaluation of impact scope
- Judgment of priority

Whether AI diagnosis actually functions depends on how these processes are designed.

In other words, what makes the difference is not the performance of the model, but the system design built around the model.

In this document, this design is organized as "Harness Engineering."

What is Harness Engineering?

Harness Engineering is the approach of designing the entire process before and after the AI model (where to explore, how to verify, and how to evaluate results) rather than relying solely on the AI model's capabilities.

In vulnerability discovery, identifying attack surfaces, verifying candidates, and excluding false positives are indispensable steps. If AI is applied without designing these, a large number of candidates may be output, but the results are often unmanageable in practice.

In fact, when the entire codebase is scanned without prior targeting, false positives increase, and the triage burden can become greater than before AI was introduced.

Therefore, in AI vulnerability diagnosis, the question is not "which model to use" but