- Anthropic releases Claude Opus 4.6 and claims major improvements in detecting serious vulnerabilities
- The model found more than 500 errors by reasoning about code like a human researcher, outperforming fuzzing techniques
- Focused on securing open source software, with patches already landing; the company calls for quick action while AI can still deliver at scale
Anthropic has released Claude Opus 4.6, the latest version of its most powerful large language model (LLM), and claims it is “strangely better” at finding high-severity vulnerabilities compared to previous models. In fact, Opus 4.6 has so far managed to find more than 500 such bugs.
Anthropic said Opus 4.6 stood out for the way it found vulnerabilities “out of the box without task-specific tooling, custom scaffolding or specialized prompts.”
It also added that unlike fuzzing, which is a standard vulnerability-hunting technique, Opus works by reasoning about the code “like a human researcher would,” meaning it looked at previous fixes to find similar bugs that weren’t fixed, discovered patterns that tend to cause problems, and understood the logic “well enough to know exactly what input would break it.”
Repair of open source software
Even using it on some of the most well-tested codebases, projects that had fuzzers running against them for years, Opus still managed to find serious bugs that flew under the radar for “decades”.
Anthropic said it started using Claude to help fix bugs in open source software, mostly because it runs “everywhere, from enterprise systems to critical infrastructure” and because vulnerabilities in that software are felt across the Internet. Furthermore, much of the popular open source software used today is maintained by a small team of volunteers, meaning that resources are more than limited.
The results have been remarkable, the company says: “So far, we’ve found and validated more than 500 high-severity vulnerabilities. We’ve started reporting them and are seeing our first patches land, and we’re continuing to work with maintainers to fix the others.”
It concludes that AI models can now find serious vulnerabilities at scale, but stressed that this may not be the case in the near future. “This is a moment to move quickly to strengthen defenders and secure as much code as possible while the window exists.”
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
