Stop #303 - The Attack Surface
I hope you’ve already read it. If you haven’t, remedy that immediately.
I’m referring to the announcement with which Anthropic revealed, last April, Claude Mythos Preview: a model so capable of finding - and exploiting on its own - software flaws that the company decided not to release it to the public for two months, reserving it for a working group called Project Glasswing alongside Apple, Google, Microsoft, NVIDIA, the Linux Foundation, and a dozen other names that manage pieces of the world’s critical infrastructure.
Mythos dug up a bug in OpenBSD that had been sitting there, undisturbed, for 27 years. One in FFmpeg - the library that decodes practically every video you watch - 16 years old, having survived every fuzzer and every human being who had laid eyes on that code. One in FreeBSD that allowed remote takeover of a machine, there for 17 years. And a flaw in wolfSSL (CVE-2026-5194), one of the most widely used cryptographic libraries, which made it possible to forge certificates.
Software that generations of engineers had considered solid. Open code, inspected, re-read thousands of times. And a model passes over it and finds in a few days what no one had seen in a quarter of a century.
The conclusion that several cybersecurity experts are reaching is simple: today very few things can be considered truly secure. Maybe Bitcoin. And perhaps IPv4 - the old protocol that for 40 years we’ve kept declaring dead and that continues, unfazed, to make the Internet work. The only things that hold up seem to be those that are old, simple, and battle-tested to the point of boredom.
Everything else is an attack surface just waiting for the right model.
The case that made the most noise arrived in the first days of June and concerns Zcash.
A security engineer, Taylor Hornby, hired by the nonprofit Shielded Labs, was reviewing the Orchard circuit - the zk-SNARK core that makes Zcash transactions “shielded,” meaning private. To do so he used Claude Opus 4.8. Together they found what no cryptographer had noticed in four years: a circuit element not properly constrained, which allowed false inputs to pass through a cryptographic verification and mint counterfeit ZEC inside the shielded pool. Without leaving any on-chain trace.
In plain terms: the ability to create money out of thin air. Hornby built a working proof of concept that minted fake ZEC in a test environment.
The developers rushed to fix it with an emergency fork that disabled Orchard. But one skin-crawling detail remains: no one can cryptographically prove that the bug was never exploited during the four years it remained open. Supply integrity simply cannot be verified retroactively. The market did its math fast: ZEC lost about 38% in a single day.
The Orchard case is the loudest, but it’s also just the latest in a series. It’s not even the first time this has happened to Zcash this year: two months earlier, in March, another researcher - Alex Sol, again with AI assistance - had found a separate flaw in the old Sprout pool, which allowed nodes to skip proof verification entirely, putting roughly 25,000 ZEC (just over $6 million) at risk. Same shitcoin, two holes in three months.
In February Octane, a company that does AI-powered auditing, flagged a high-severity bug in Nethermind, one of the clients that runs approximately 40% of Ethereum’s validators: a malformed transaction was enough to bring them down. The Ethereum Foundation paid a $50,000 bounty.
Then there’s the front of actual smart contracts. In a red teaming study published in May, Anthropic’s agents - powered by Claude Sonnet 4.5 and GPT-5 - combed through thousands of smart contracts deployed on BNB Chain. Among them they found a token launch service that didn’t validate the address to which fees were sent: in practice, anyone could drain them. Roughly four days later a human attacker independently found and exploited the exact same flaw.
For now the hauls from these experiments are small - a few hundred or thousand dollars. But today’s figure matters little; what matters is the direction. The founder of OpenZeppelin, one of the leading audit firms in the industry, said it without mincing words at the end of May: agents that write code are “superhuman at finding vulnerabilities”. Every protocol that packages complex logic - abstruse consensus rules, layered cryptographic circuits, smart contracts with thousands of lines of state - is an expanse of code that a model can explore tirelessly, twenty-four hours a day, without getting bored and without any marginal cost worth mentioning.
At this point the question all but asks itself. If AI is cracking shitcoins open like tin cans, why is Bitcoin’s base layer still there, untouched?
The answer is almost embarrassingly simple: because Bitcoin, at its foundational layer, is intentionally dumb software.
Its scripting language is, in the jargon, Forth-like, stack-based and, above all, not Turing-complete. Every script terminates in a limited and predictable amount of time. An entire family of opcodes - those that allowed multiplications, concatenations, bit manipulations - was disabled in 2010, in Satoshi’s era, out of fear they might contain bugs. The philosophy was clear: the fewer things the language can do, the fewer ways there are to break it.
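To make the termination argument concrete, here is an added example (a simplified model written for this page, not Bitcoin Core's interpreter) of a stack-based evaluator with no loop or jump opcode and a rejected set of disabled opcodes. The opcode names are real Script opcodes; the list representation of a script, the `evaluate` function and the `ScriptError` class are assumptions of the sketch.

```python
# Simplified model of a Bitcoin-Script-style evaluator (added illustration,
# not Bitcoin Core's interpreter). Ints are data pushes, strings are opcodes.

# Subset of the opcodes disabled in 2010 (multiplication, concatenation, shifts).
DISABLED = {"OP_CAT", "OP_MUL", "OP_LSHIFT"}


class ScriptError(Exception):
    """Raised when a script is invalid (disabled/unknown opcode, stack underflow)."""


def _pop(stack, n):
    if len(stack) < n:
        raise ScriptError("stack underflow")
    return [stack.pop() for _ in range(n)]


def evaluate(script):
    """Run `script` in one forward pass; return (success, steps_executed)."""
    # In this model a disabled opcode invalidates the script wherever it appears.
    for op in script:
        if op in DISABLED:
            raise ScriptError(f"disabled opcode: {op}")
    stack, steps = [], 0
    # The language has no jump or loop opcode, so each element runs at most
    # once and the step count can never exceed len(script).
    for op in script:
        steps += 1
        if isinstance(op, int):
            stack.append(op)
        elif op == "OP_DUP":
            (top,) = _pop(stack, 1)
            stack += [top, top]
        elif op == "OP_ADD":
            b, a = _pop(stack, 2)
            stack.append(a + b)
        elif op == "OP_EQUAL":
            b, a = _pop(stack, 2)
            stack.append(int(a == b))
        elif op == "OP_VERIFY":
            (top,) = _pop(stack, 1)
            if not top:
                return False, steps
        else:
            raise ScriptError(f"unknown opcode: {op}")
    return bool(stack) and bool(stack[-1]), steps
```

The worst-case cost of validating a script is therefore known from its length alone, before a single opcode runs.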
This doesn’t mean Bitcoin was born perfect. There was one serious bug, and it’s instructive. On August 15, 2010, someone generated a transaction that created 184 billion bitcoin out of thin air. The difference from Zcash lies in how it ended: the flaw was identified and a patch published within five hours, the “good” chain overtook the inflated one within a few dozen blocks, and nothing remained of those phantom billions. Since then, nothing comparable.
For years this frugality was critics’ favorite target. Bitcoin’s language is too limited, they said. You can’t build anything interesting on it - no DeFi, no complex contracts. Digital gold, fine, but programmable money, no. Ethereum was born explicitly to overcome that limit, with a Turing-complete virtual machine capable of running anything.
And anything, indeed, they ran on it. Including the mistakes. The DAO, in 2016, lost 3.6 million ETH and forced Ethereum into a hard fork that split the community into two chains. Since then the world of smart contracts has been an open-air shooting range: according to Chainalysis, between 2021 and 2025 exploits siphoned off something like $12-15 billion, almost entirely from programmable platforms and DeFi protocols.
The complexity that was supposed to be the competitive advantage turned out to be the debt. Every additional function is one more line that can go wrong, every additional opcode is one more move an adversary can play, every additional contract is one more door to guard. The more things a system can do, the more ways there are to bring it down.
Until now this bill was presented by human hackers - slow, expensive, able to afford studying one target at a time. Now the auditor doesn’t get tired, doesn’t sleep, works in parallel on ten thousand contracts, and improves with every version.
“Once version 0.1 was released, the core design was set in stone for the rest of its lifetime,” Satoshi wrote in 2010. At the time, to some it might have sounded like a limitation; today, stone is exactly the place under which you’d want to hide your savings.