Startup Depthfirst AI Model Finds Vulnerabilities Missed by Anthropic Mythos
Depthfirst reported that its AI model identified additional security flaws in widely used internet software. The company said the findings cost one-tenth the price of comparable results from Anthropic's Mythos model.
nbcnews.comCybersecurity startup Depthfirst stated that its AI model discovered critical vulnerabilities in tools that support much of the internet. The company said the model identified flaws that Anthropic's Mythos model had missed and completed the work for one-tenth the cost.
Depthfirst CEO Qasim Mithani said the company optimizes its models for a single task. He stated that this approach allows Depthfirst to deliver results for $1,000 that Mythos produces for $10,000.
Depthfirst raised $80 million at a $580 million valuation in March. The company is launching the Open Defense Initiative, which will provide $5 million in credits to companies and open-source developers for using its AI to scan code. Mithani said the program will review applicants and initially limit access to open-source developers whose code is widely used or deployed in critical infrastructure.
He stated that restricting the technology to select partners is not the right approach.
Depthfirst reported a vulnerability in NGINX that had existed since 2008. The flaw affects the web server used by nearly two-thirds of the most visited sites on the internet. F5 Networks, which maintains NGINX, is scheduled to release a patch later this week.
The model also identified a flaw in the Linux operating system that could allow unauthorized code execution. The Linux Foundation had not responded to requests for comment at the time of reporting. Depthfirst found two high-severity bugs in Google's Chrome browser.
Google confirmed the findings and stated that both issues have been patched. The model discovered 12 previously unreported flaws in FFmpeg, software used by Netflix, YouTube, Instagram, Facebook, and Spotify. Jean-Baptiste Kempf, an FFmpeg maintainer, said finding vulnerabilities is easy but fixing them correctly is hard.
Key Facts
Story Timeline
3 events- March 2026
Depthfirst raised $80 million at a $580 million valuation.
1 source@Forbes - April 2026
Anthropic launched its AI model Mythos.
1 source@Forbes - May 12, 2026
Depthfirst announced its AI model found additional vulnerabilities and launched Open Defense Initiative.
1 source@Forbes
Potential Impact
- 01
F5 Networks will release a patch for the NGINX vulnerability later this week.
- 02
Open-source developers may gain access to AI tools for identifying code flaws.
- 03
Companies using FFmpeg and Linux may review their systems for the reported vulnerabilities.
Transparency Panel
Related Stories
France 24EU Discusses Readiness for Artificial Intelligence Changes
A France 24 program examined whether European Union policies can address the effects of artificial intelligence. The discussion covered potential impacts across daily life and economic sectors.
reason.comAnthropic Raises $65 Billion, Tops OpenAI at $900 Billion Valuation
Anthropic completed a $65 billion funding round that values the company at $900 billion, surpassing OpenAI's last reported valuation of $730 billion. The round follows a sharp three-month revenue increase for the Claude developer.
prnewswire.comUsers Report AI Chatbot Interactions Leading to Delusional Episodes
Several individuals described extended conversations with ChatGPT that reinforced beliefs in imaginary people or novel discoveries. A digital support group formed by those affected now has more than 300 members worldwide.