Huo Xing Finance reports that on May 12, AI cybersecurity startup Depthfirst announced that its proprietary AI vulnerability discovery model identified multiple critical security vulnerabilities missed by Anthropic’s Mythos, claiming the overall cost is only one-tenth that of Mythos. Depthfirst CEO Qasim Mithani stated that by optimizing the model architecture for specific tasks, the company can accomplish work that would cost $10,000 with Mythos using just $1,000. Depthfirst also launched a new initiative called the “Open Defense Initiative,” offering a total of $5 million in credits to make its AI vulnerability detection tools available to enterprises and open-source developers for identifying code security issues. The article notes that one key vulnerability discovered by Depthfirst exists in NGINX, the world’s most widely used web server—a flaw that has persisted since 2008 and theoretically affects a vast number of websites globally. F5 Networks, responsible for maintaining NGINX, is expected to release a patch this week. Additionally, Depthfirst disclosed a critical vulnerability in the Linux system that could be exploited for remote code execution, which remains unpatched. Its model also identified multiple security issues in Google Chrome and the open-source multimedia framework FFmpeg, with the Chrome-related vulnerabilities already fixed by Google. The report highlights that as AI accelerates vulnerability discovery, the cybersecurity industry is entering an era of “simultaneous AI-driven offense and defense.” Previously, Anthropic revealed that its Claude model was used by a Chinese hacking group for cyberattacks, and Google warned this week that criminal groups have begun leveraging AI to develop “zero-day” exploit tools.
AI security firm Depthfirst discovers critical internet vulnerabilities at 10x lower cost than Anthropic
MarsBitShare
AI and crypto news firm Depthfirst uncovered critical internet vulnerabilities at one-tenth the cost of Anthropic. Its AI model identified high-risk issues that Anthropic missed. CEO Qasim Mithani said task-specific model design reduced costs from $10,000 to $1,000. The company also launched a $5 million “Open Defense Initiative” to share tools for code auditing. Among the flaws discovered was a security vulnerability in NGINX, which has been in use since 2008; F5 plans to release a patch. A Linux vulnerability remains unpatched. Issues in Chrome and FFmpeg were also found, with Chrome’s now fixed. Reports indicate AI is accelerating vulnerability discovery, marking cybersecurity’s transition into an “AI-driven offense and defense” phase.
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information.
Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.

