- Anthropic releases Claude Opus 4.6, claiming major improvements in detecting high-severity vulnerabilities
- Model found 500+ flaws by reasoning about code like a human researcher, outperforming fuzzing techniques
- Focused on securing open-source software, with patches already landing; company urges rapid action while AI can still deliver at scale
Anthropic has released Claude Opus 4.6, the latest version of its most powerful large language model (LLM), and claims it is “notably better” at finding high-severity vulnerabilities compared to previous models. In fact, Opus 4.6 has so far managed to find more than 500 such flaws.
Anthropic said Opus 4.6 stood out with the way it found vulnerabilities “out of the box without task-specific tooling, custom scaffolding, or specialized prompting.”
It also added unlike fuzzing, which is a standard vulnerability hunting technique, Opus works by reasoning about the code “the way a human researcher would”, meaning it was looking at past fixes to find similar bugs that weren’t addressed, spotting patterns that tend to cause problems, and was understanding logic “well enough to know exactly what input would break it.”
Fixing open-source software
Even using it on some of the most well-tested codebases, projects that had fuzzers running against them for years, Opus still managed to find high-severity flaws that were flying under the radar for “decades”.
Anthropic said it started using Claude to help fix flaws in open-source software, mostly because it runs “everywhere, from enterprise systems to critical infrastructure”, and because vulnerabilities in this software are felt across the internet. Furthermore, much of the popular open-source software in use today is maintained by a small team of volunteers, meaning resources are more than limited.
The results have been notable, the company says: “So far, we’ve found and validated more than 500 high-severity vulnerabilities. We’ve begun reporting them and are seeing our initial patches land, and we’re continuing to work with maintainers to patch the others.”
It concludes that AI models can now find high-severity vulnerabilities at scale, but stressed that it might not be the case in the near future. “This is a moment to move quickly to empower defenders and secure as much code as possible while the window exists.”
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/g4rSJo2KyoM42vGic5MGrn-1920-80.png
Source link
