> One of the vulnerabilities Claude found, the company said, was a 27-year-old bug in OpenBSD, an open-source operating system that was designed to be difficult to hack. Many internet routers and secure firewalls incorporate OpenBSD’s technology. Another was a longstanding issue in a piece of popular video software that automated testing tools had scanned five million times, without finding any problems.

“This model is good at finding vulnerabilities that would be well understood and findable by security researchers,” Mr. Graham said. “At the same time, it has found vulnerabilities, and in some cases crafted exploits, sophisticated enough that they were both missed by literally decades of security researchers, as well as all the automated tools designed to find them.”