Anthropic restricts Mythos AI model release, citing unprecedented cybersecurity capabilities

Claude Mythos Preview Has Officially Frightened the British

High-ranking members of Britain's government and banking sector are reportedly scrambling to figure out what to do about cybersecurity holes found by Claude Mythos Preview, Anthropicâ€™s new automated system for making tech elitesâ€"and now financial elitesâ€"wet their pants. In case you werenâ€™t aware, last week Anthropic declared its unreleased model, Claude Mythos Preview, scary as heck and simply too powerful to unleash upon the world. In addition to claiming that Claude Mythos Preview is a sneaky little dickens, a post on Anthropicâ€™s frontier red team blog describes it as essentially the worldâ€™s most dangerous super-hacker. The passage below summarizes the apparent hacking hazard pretty well. (Note that â€œzero-day vulnerabilitiesâ€ are vulnerabilities in code known only to the person or AI agent who found them): During our testing, we found that Mythos Preview is capable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browserÂ when directed by a user to do so.Â The vulnerabilities it finds are often subtle or difficult to detect. Many of them are ten or twenty years old, with the oldest we have found so far being aÂ now-patchedÂ 27-year-old bug in OpenBSDâ€"an operating system known primarily for its security. Now, according to the Financial Times, the Bank of England and regulators at the U.K.â€™s Financial Conduct Authority and Treasury will hold â€œurgent discussionsâ€ with that countryâ€™s National Cyber Security Centre to figure out a course of action. Anonymous sources who spoke to the Financial Times said (quite Britishly) that a planning meeting will be held â€œin the next fortnight.â€ How scared is the U.K.? This issue is also the next big priority of the UKâ€™s "Cross Market Operational Resilience Group," according to the Financial Times. That group includes members of the U.K.â€™s National Cyber Security Centre, the Financial Conduct Authority (their equivalent of the SEC), and His Majestyâ€™s Treasury. Itâ€™s co-chaired, the Financial Times says, by someone at the Bank of England with the title â€œexecutive director for supervisory risk.â€ One bit of verbiage from the Financial Times is remarkable. It describes discussions about â€œthe risks posed by the latest AI model from Anthropic.â€ Anthropic might quibble slightly, since it has framed the secretive release of Claude Mythos Preview only through its â€œProject Glasswingâ€ initiative as a way to warn stakeholders about future dangers down the line, not as a sort of global cybersecurity hostage situation. Some, like rationalist blogger Zvi Mowshowitz have expressed concern that Anthropicâ€™s claims are being communicated poorly. Mowshowitz wrote that Anthropic is â€œmixing valid points and helpful analysis with overstatement and hype.â€ For his part, Yann LeCun, the former head AI researcher at Meta has been reposting X posts claiming that big, bad Mythos is actually no big deal. And it should be noted that as far as anyone knows, no one outside of Anthropic has so far been allowed the sort of unfettered access to the model it would take to attempt a more objective form of analysis.

[26]

The Next Web

Anthropic's most capable AI escaped its sandbox and emailed a researcher - so the company won't release it

In short: Anthropic has built a version of Claude capable of autonomously finding and exploiting zero-day vulnerabilities in production software, breaking out of its containment sandbox during internal testing, and emailing a researcher to confirm it had done so. The company has decided not to release it publicly. Access to Claude Mythos Preview will instead be channelled through a new restricted programme called Project Glasswing, open only to pre-approved partners working on defensive security applications. The model at the centre of Anthropic's announcement is Claude Mythos Preview: not the successor to Claude Opus or Sonnet that the company's commercial users will encounter, but a research preview of a model whose capabilities Anthropic concluded were too significant to release publicly. Anthropic's own technical documentation describes a system that can autonomously identify previously unknown security vulnerabilities in real production software and develop working exploits without human direction. The cost of achieving this using Mythos is, by Anthropic's own account, dramatically lower than what commercial penetration testing engagements typically cost, a compression that the company's researchers characterise as a meaningful shift in who can afford to launch novel cyberattacks. The specific capabilities described in Anthropic's technical documentation include the identification of real zero-day vulnerabilities across multiple software categories, with Mythos able to develop functional exploits at a speed and cost that would put offensive cyber operations within reach of actors who currently lack the resources to conduct them. The research paper accompanying the announcement was produced by a team of approximately seventeen authors, including Nicholas Carlini, Newton Cheng, Keane Lucas, Michael Moore, and Milad Nasr, among others. The benchmark figures accompanying the release are consistent with a model operating at the frontier of human expert performance across multiple disciplines simultaneously. Mythos Preview scored 93.9% on SWE-bench Verified, the standard industry evaluation for autonomous software engineering; 94.5% on GPQA Diamond, a graduate-level scientific reasoning benchmark; and 97.6% on the 2026 United States of America Mathematical Olympiad problem set, a score that places it above the median performance of the human competitors who sat the same exam. Taken together, the figures describe a system that combines frontier capability in software engineering with the kind of systematic reasoning typically associated with specialist scientific training. The more consequential detail in Anthropic's disclosure is not what Mythos does in a controlled environment, but what it did in an uncontrolled one. During internal safety testing, a version of Mythos was placed in a containment sandbox, an isolated computational environment designed to prevent any interaction with external systems. The model broke out. It then sent an email to a researcher on the evaluation team to announce that it had escaped the containment environment, and subsequently made a series of unsolicited postings to public-facing channels without receiving any instruction to do so. Anthropic characterises the containment failure not as a malfunction but as an expression of the model's agentic capabilities operating without adequate goal constraints. The distinction matters: a software bug can be patched; a model whose goal-directed behaviour is sufficiently sophisticated to route around isolation environments poses a different category of problem, one that is not resolved by fixing a line of code. Dario Amodei, Anthropic's chief executive, was direct about what the incident implies. "The dangers of getting this wrong are obvious, but if we get it right, there is a real opportunity to create a fundamentally more secure internet and world than we had before the advent of AI-powered cyber capabilities," he said. Amodei also acknowledged that withholding the model is not a durable strategy: "More powerful models are going to come from us and from others, and so we do need a plan to respond to this." Anthropic's plan, for now, is a restricted-access programme called Project Glasswing, through which Mythos Preview will be made available only to a cohort of pre-approved institutional partners rather than the general public. Twelve organisations have been named as launch partners. Each receives access to Mythos Preview alongside up to $100 million in API credits to apply the model to defensive security applications, identifying vulnerabilities in their own infrastructure before adversaries can. Anthropic is additionally committing $4 million in charitable donations to cybersecurity research organisations as part of the programme. The Glasswing structure is a direct attempt to preserve the defensive utility of Mythos while limiting its availability as an offensive tool. The premise is that large organisations with complex attack surfaces, including financial institutions, critical infrastructure operators, and government agencies, benefit from access to a model that can find vulnerabilities as competently as a hostile actor would, precisely because finding them first is the only reliable way to close them. The risk Project Glasswing is designed to contain is that the same capability, made broadly accessible, would lower the cost of mounting novel cyberattacks to levels previously accessible only to well-resourced state or criminal actors. Anthropic's broader enterprise commitments, including a $100 million pledge to its Claude partner network earlier this year, give some context for the scale of resources the company is now deploying to shape how its most capable models reach institutional users. The company has also been willing to enforce access controls when it believes they are being circumvented: Anthropic has previously moved to block services that attempted to exploit its subscription terms, and Project Glasswing is designed to ensure that Mythos-level capabilities cannot be similarly extracted or misused. The governance frameworks being developed to manage AI-powered cybersecurity tools have not yet caught up with a system of Mythos's capability. The capability asymmetry between offensive and defensive AI use in security contexts has been a central concern for regulators and researchers since the first generation of code-generating models demonstrated they could write functional exploits. Mythos Preview represents a step change in the severity of that asymmetry: a model that can autonomously find vulnerabilities that human researchers have not yet identified, in live systems, at dramatically reduced cost. The timing of Anthropic's announcement is pointed in at least one respect. The Trump administration's decision to reduce federal cybersecurity capacity at CISA by approximately $700 million means that the primary institutional infrastructure for US cyber defence is contracting at the same moment that Anthropic is documenting an AI system capable of autonomous zero-day exploitation. Anthropic's researchers do not address this directly, but the juxtaposition gives Project Glasswing an institutional urgency that a different policy environment might not have generated. The closest historical precedent for Anthropic's decision to withhold a model it has already built is OpenAI's handling of GPT-2 in 2019, when the company cited misuse concerns and staged the model's release over several months before eventually making it fully available. That precedent is instructive in one respect and misleading in another: GPT-2's capability concerns turned out to be overstated, and its restricted release is now widely regarded as a communications exercise rather than a substantive safety measure. The Mythos containment failure is different in kind, not a projection about what the model might do in adversarial hands, but a documented account of what it did in Anthropic's own testing environment. Amodei has indicated that the eventual path toward broader availability runs through the safety mechanisms being built into Claude Opus. The plan, as currently described, is to implement the oversight and constraint infrastructure necessary to make Mythos-level capabilities available to a wider user base once those mechanisms have been independently validated. The scale of capital flowing into AI development at this juncture means that if Anthropic does not build that infrastructure, a competitor with fewer constraints is likely to ship an equivalent model without it. The question Project Glasswing is asking, more than any other, is whether the defensive institutions that would benefit most from Mythos can be organised and operational before that happens.

[27]

Cyber security stocks fall on worries over Anthropic's advanced AI tool

Information security and software stocks fell on Friday as traders fretted over Anthropic's advanced AI model, in the latest slide sparked by worries new tools will upend a wide range of sectors. Concerns have mounted all week across the software industry after Anthropic announced that its latest AI model, Mythos, was able to detect critical vulnerabilities in code that extensive testing had previously missed. It was further evidence that AI models can often code better -- and more quickly and at cheaper rates -- than humans, a phenomenon which has ignited several bouts of selling this year. The S&P 500 software and services index fell 1.6 per cent on Friday, bringing its fall for this year to 26 per cent. A widely tracked Goldman Sachs basket of US software stocks dropped 5 per cent on Friday, also extending a sharp decline in recent months. Analysts said the market's focus on developments in the Middle East had distracted investors from Anthropic's potentially seismic new release, but that traders were now turning their attention again to these risks. "Anthropic's new powerful Claude Mythos model has significantly escalated AI disruption fears," said Mike O'Rourke at Jones Trading, a New York broker. In a sign of the magnitude of the concerns on Wall Street, Treasury secretary Scott Bessent and Federal Reserve chair Jay Powell earlier this week summoned some of the largest US banks to discuss the cyber risks Mythos posed. The selling on Friday hit information security groups particularly hard. Cybersecurity group CrowdStrike fell 4 per cent, Palo Alto Networks dropped 7 per cent and cloud monitoring group Datadog declined 3 per cent. Private credit groups that have backed software stocks also fell, with Ares down 4 per cent and Blackstone off 2 per cent. Anthropic this week announced the Claude Mythos Preview had been tested with a select group of customers, including Amazon, Apple, Microsoft, Broadcom, Cisco and CrowdStrike. In the past few weeks, it said the system identified thousands of previously undiscovered vulnerabilities and other security flaws, many of which were critical and have persisted for a decade or more. In one example, it found a 16-year-old flaw in widely used video software, in a line of code that automated testing tools had executed 5mn times without detecting the issue. This is the first model that Anthropic has chosen not to make generally available, the company said, because of the potential risks identified in testing. Claude Mythos surpassed Anthropic's previous leading model, Opus 4.6, in finding vulnerabilities, but it also has new capabilities that could lead to dangerous misuse. The model "was able to significantly, more reliably develop" ways to exploit these vulnerabilities, at a "significantly accelerated timeline" than a human attacker could, Newton Cheng, cyber lead for Anthropic's frontier red team, told the FT. He added the concern with general release was that "adversaries will essentially be able to misuse the model to very rapidly find these bugs and . . . take advantage and exploit those vulnerabilities before maintainers and defenders are able to develop patches and deploy them".

[28]

Reuters

Anthropic touts AI cybersecurity project with Big Tech partners

April 7 (Reuters) - Anthropic on Tuesday announced an initiative with major technology companies, including Amazon.com (AMZN.O), opens new tab, Microsoft (MSFT.O), opens new tab and Apple (AAPL.O), opens new tab, that lets partners preview an advanced model with cybersecurity capabilities developed by the AI startup. Under its "Project Glasswing", select organizations will be allowed to use the startup's unreleased and general-purpose AI model, "Claude Mythos Preview", for defensive cybersecurity work, Anthropic said. Other partners include CrowdStrike, Palo Alto Networks, Google and Nvidia. The announcement follows a Fortune report last month that Anthropic was testing Claude Mythos, which it said ⁠posed security risks and also offered advanced capabilities, dragging shares of cybersecurity firms such as Palo Alto Networks (PANW.O), opens new tab and CrowdStrike (CRWD.O), opens new tab sharply lower. This year's RSA cybersecurity conference in San Francisco was also dominated by talk about the rise of AI-powered cyberattacks and whether conventional security tools sufficed. In a blog post on Tuesday, Anthropic said Mythos Preview had found "thousands" of major vulnerabilities in operating systems, web browsers and other software. The startup said launch partners will use Mythos Preview in their defensive security work, and Anthropic will ⁠share findings with industry. Anthropic said it is also extending access to about 40 additional organizations responsible for critical software infrastructure, and made a commitment of up to $100 million in usage credits and $4 million in donations to open-source security groups. The AI startup added that its ⁠eventual goal is for "our users to safely deploy Mythos-class models at scale." The startup said it has also been in ongoing discussions with the U.S. government about the ⁠model's capabilities. Last year, Anthropic said that hackers exploited vulnerabilities in its Claude AI to attack around 30 global organizations. Moreover, 67% of the 1,000 ⁠executives surveyed in an IBM and Palo Alto Networks study said they had been targeted by AI attacks within the past year. Reporting by Jaspreet Singh in Bengaluru and Jeffrey Dastin in San Francisco; Editing by Leroy Leo Our Standards: The Thomson Reuters Trust Principles., opens new tab

[29]

Interesting Engineering

Project Glasswing: Tech giants unite to fix AI-found software risks

The group aims to secure critical software systems as AI models begin to outperform most humans in identifying and exploiting vulnerabilities. The announcement follows internal testing of a new Anthropic model, Claude Mythos Preview, which demonstrated the ability to uncover thousands of serious software flaws across widely used systems. Anthropic and its partners say the model marks a turning point in cybersecurity. Claude Mythos Preview has already identified high-severity vulnerabilities in major operating systems and web browsers. "Claude Mythos2 Preview is a general-purpose, unreleased frontier model that reveals a stark fact: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities." The companies warn that such capabilities could soon spread beyond controlled environments. That shift could lower the barrier for cyberattacks and increase their scale and sophistication. "Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely." The stakes are significant. Cybercrime already costs the global economy hundreds of billions of dollars annually. Attacks on hospitals, infrastructure, and government systems continue to rise. Project Glasswing will use AI offensively, but for defense. Participating organizations will deploy the model to scan, test, and secure their systems. "Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes." The initiative includes more than 40 additional organizations that maintain critical infrastructure and open-source software.

[30]

PCWorld

Anthropic's new AI found thousands of zero-day flaws on its own

Claude Mythos operates under Project Glasswing with 11 partners and is intended for defensive cybersecurity purposes rather than public release. On Tuesday, Anthropic unveiled its latest AI model called Claude Mythos. This "general-purpose, unreleased frontier model" is so impressively powerful that Anthropic is wary of releasing it to the public at large. Claude Mythos Preview "surpasses all but the most skilled humans at finding and exploiting software vulnerabilities" and it has the receipts to back that up. In just the past few weeks, it was able to spot thousands of previously undiscovered zero-day vulnerabilities, including: * A 27-year-old vulnerability in OpenBSD (one of the most secure operating systems in the world that's used for critical infrastructure) that allowed attackers to remotely crash any OpenBSD machine just by connecting to it. * A 16-year-old vulnerability in FFmpeg, an open-source framework used by thousands of apps to encode and decode video. * Several vulnerabilities in the Linux kernel that allowed attackers to escalate access and completely control a machine. Claude Mythos Preview caught all these security flaws autonomously, proving how invaluable it could be for the future of cybersecurity. The idea here is that Anthropic wants Claude Mythos to be used for good rather than evil, to defensively fight all the additional security threats that have risen (and continue to rise) with ubiquitous generative AI. We do not plan to make Claude Mythos Preview generally available, but our eventual goal is to enable our users to safely deploy Mythos-class models at scale. [...] To do so, we need to make progress in developing cybersecurity (and other) safeguards that detect and block the model's most dangerous outputs. Claude Mythos is part of the new Project Glasswing, a major security initiative involving 11 of Anthropic's partners: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. Further reading: Claude tips to help you avoid hitting usage limits

[31]

9to5Mac

Anthropic unveils powerful Mythos AI model, working with Apple in cybersecurity initiative - 9to5Mac

Anthropic announced a new initiative called Project Glasswing that includes Apple as a partner. As part of Glasswing, Anthropic is sharing a preview of its newly unveiled Claude Mythos model with select partners, including Apple. Anthropic says Mythos has found "thousands of high-severity vulnerabilities" in "every major operating system and web browser." Apple is among a list of top technology companies that make up Anthropic's Project Glasswing group. Today we're announcing Project Glasswing, a new initiative that brings together Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks in an effort to secure the world's most critical software. Additionally, Anthropic says more than 40 additional organizations that "build or maintain critical software" have access to its Mythos Preview AI model. The goal is for these software organizations to use Mythos to discover and fix security holes before the AI model is released to the world. Claude Mythos has already been used to find serious security flaws in every major operating system and web browser, according to Anthropic. Mythos Preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser. Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout -- for economies, public safety, and national security -- could be severe. Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes. In some cases, these vulnerabilities have "survived decades of human review and millions of automated security tests," the company says. One example includes finding and chaining together a cybersecurity flaw in the Linux kernel that could result in complete control over a machine. Cybersecurity expertise is just one area of strength for the new Claude Mythos AI model. Anthropic's latest model shows gains over Claude Opus 4.6 in reasoning, agentic search and computer use, and especially agentic coding. Anthropic has published a system card that details the latest benchmarks for Claude Mythos Preview. "We do not plan to make Claude Mythos Preview generally available," Anthropic says, "but our eventual goal is to enable our users to safely deploy Mythos-class models at scale -- for cybersecurity purposes, but also for the myriad other benefits that such highly capable models will bring." You can learn more about Project Glasswing and Claude Mythos from Anthropic's announcement here.

[32]

NPR

How AI is getting better at finding security holes

AI lab Anthropic announced this week that it had developed a powerful new model the company believes could "reshape cybersecurity." It said that its latest model, Mythos Preview, was able to find "high-severity vulnerabilities, including some in every major operating system and web browser." Patrick Sison/AP hide caption In the past few months, AI models have gone from producing hallucinations to becoming effective at finding security flaws in software, according to developers who maintain widely used cyber infrastructure. Those pieces of software, among other things, power operating systems and transfer data for things connected to the internet. While these new capabilities can help developers make software more secure, they can also be weaponized by hackers and nation states to steal information and money or disrupt critical services. The latest development of AI's cyber capability came on Tuesday, when AI lab Anthropic announced it had developed a powerful new model the company believes could "reshape cybersecurity." It said that its latest model, Mythos Preview, was able to find "high-severity vulnerabilities, including some in every major operating system and web browser." Not only that, the model was better at coming up with ways to exploit the vulnerabilities it found, which means malicious actors can more effectively achieve their goals. For now, the company is limiting the access to the model to around 50 select companies and organizations "in an effort to secure the world's most critical software." They're calling the collaboration Project Glasswing, naming it after a butterfly species with transparent wings. Anthropic says the risk for misuse is so high that it has no plans to release this particular model to the general public, according to the announcement, but it will release other related models. "Our eventual goal is to enable our users to safely deploy Mythos-class models at scale," the company wrote. Still security experts say the potential risks are for cybersecurity professionals and not everyday people. "I don't necessarily think that the average computer user needs to be fundamentally worried about this," said Daniel Blackford, VP of Threat Research at Proofpoint, a cybersecurity firm. "They need to be way more worried about not giving their password away because that just happens like all day, every day." Mythos Preview may also have better capabilities to help developers fix vulnerabilities than previous models, said Jim Zemlin, CEO of the Linux Foundation, which hosts the open source Linux kernel. A kernel is an interface that lets hardware talk to software, and the Linux kernel powers some of the most widely used operating systems including Android, as well as all of the world's 500 most powerful supercomputers. The foundation is a part of Project Glasswing, and Zemlin said a core group of people who work on the Linux kernel, known as maintainers, have started experimenting with the new model to figure out the most effective way to use it. "These maintainers are already overworked before AI," Zemlin said. "This just makes their lives a lot better." Even before Mythos Preview's limited release, the cybersecurity community has already been grappling with how capable the most advanced commercially available AI models have become. Developers are racing to patch security vulnerabilities that hackers flag with AI. Security experts are worried about what might lie ahead if such capacities proliferate without guardrails. Improvement in AI models' capabilities became noticeable early 2026, said Daniel Stenberg. He is the lead software developer behind cURL, a 30-year-old open-source data transfer tool that's widely used for things that connect to the internet, including cars and medical devices. That change followed the releases of new cutting-edge models late 2025. Like many in the software community, Stenberg gets help from security researchers to keep his software functional and secure. So-called "white hat" hackers flag security flaws to developers in private and in return, they sometimes get reward money, known as "bug bounties," or bragging rights by getting the security flaw named after themselves. While all bugs affect the functionality of the software, only some bugs present security vulnerabilities. But that process started to break down last year. Stenberg's team was inundated by bogus reports he was convinced were generated by AI. "We got 185 reports throughout the year and less than 5% of them were actually security related problems in the end," Stenberg said. Even as the report volume doubled from 2024 to 2025, Stenberg ended up finding and fixing fewer security vulnerabilities. The slop reports got so bad that Stenberg stopped paying out bug bounty rewards for his cURL tool. The hackers that file reports to him are usually anonymous, said Stenberg, and they don't discuss whether the reports were made with AI. But Stenberg said AI has a distinct writing style. "They tend to be very elaborate and descriptive ... You get a 400 line report [when] it's something that a human would take 50 lines to present." HackerOne, a platform that Stenberg uses to manage security reporting, surveyed hackers in the summer of 2025 and found that nearly 60% of respondents were either using AI, learning it, or learning to audit AI or machine learning systems. Things have changed dramatically this year. The volume of reports has been even higher than in 2025, but so far Stenberg said, most of them have uncovered legitimate issues. "Almost all the bad [reports] are now gone." He estimates that about 1 in 10 of the reports are security vulnerabilities, the rest are mostly real bugs. Just three months into 2026, the cURL team Stenberg leads has found and fixed more vulnerabilities than each of the previous two years. Aside from reports by external security researchers, Stenberg also uses AI to find vulnerabilities himself. With one click, AI has flagged over 100 bugs in his code that has gone through rounds of review by humans and traditional code analyzers "in almost magical ways." Stenberg's experience is not unique. Maintainers of the Linux kernel have seen a similar change in the quality of bug reports. Nicholas Carlini, an Anthropic research scientist, was able to find vulnerabilities in the Linux kernel using an older Anthropic model and a relatively simple prompt. Carlini also used AI to find the first critical vulnerability in another 20-year-old open source project. "LLMs have now bypassed human capability for bug finding," said Alex Stamos, chief security officer at Corridor, an AI software security company. The increase in quality of the security research reports followed the release of Anthropic's model Opus 4.5 in November, said Stamos, who was previously the head of security at Yahoo and Facebook. Since so much commercial software has open-source components, what happens to open-source projects has wider implications for the internet, Stamos said. Stenberg appreciates that AI models currently available to everyone have become more helpful in finding bugs, but he's also wary of what future, more powerful models might bring for developers who maintain open-source software. "It's an overload of all the maintainers who are already often overloaded and understaffed and underpaid and underfunded in many ways." Stenberg isn't part of Project Glasswing and says that a lot of critical projects, "things that are actually cornerstones of the Internet," have been left out. Anthropic did not respond to NPR's request for comment. But based on his experience so far, Stenberg says AI is not as good at fixing bugs and security flaws as it is at finding them. Part of the reason is that neither the bugs nor their fixes are cut-and-dry. Like many other aspects of software development, making the judgement calls takes more time than actually writing the code. "Once we have identified the problem and agree that this is a problem, then actually fixing it is not very hard and not very time consuming. It's more the entire process up to that step that takes time and energy," Stenberg said. Others think differently. A company called HackerOne is now developing an agentic AI product to more autonomously find -- and mend -- vulnerabilities. "Finding bugs is not making the bugs exploitable," Stamos said. "The first part of what we call the kill chain is discovering the flaws. The next step is... [actually] building the weapon. And the foundation models will not do that for you." Foundation models are models made by the most advanced AI labs like Anthropic, OpenAI and Google Deepmind. Those labs have put guardrails in place to prevent their models from creating software that can be used maliciously. These models are highly proprietary and their inner workings aren't public. But all bets are off once so-called open-weight models that are more accessible to the public catch up to those from the most advanced AI labs. Bad actors can make a copy of them and remove the guardrails against malware. "Then we're in real trouble because you would be able to ask those models to not just find the bugs, but then to create exploit code" that can hack into systems, Stamos said. The most advanced open-weight models are less than a year behind the most advanced closed-weight models. "It also shows how incredibly stupid it is for the Pentagon to say that Anthropic is a risk to the entire United States," Stamos added. The Pentagon has labelled Anthropic a "supply chain risk" because the company asked the government to not use its technology for autonomous weapons and mass surveillance. The label would bar government agencies and contractors from working with Anthropic. Anthropic is currently disputing the label in court. Most of the open-weight models are made by companies based in China, which the U.S. considers its main rival in the race towards AI dominance. By not releasing Mythos Preview publicly, Stamos said, Anthropic is giving software developers as well as the U.S. time to shore up their defenses.

[33]

MacRumors

Anthropic's AI to Help Apple Find iOS, macOS, and Safari Vulnerabilities

Anthropic on Tuesday announced Project Glasswing, a new initiative that will enable tech companies to use its new AI model Mythos Preview to find and fix security vulnerabilities or weaknesses across operating systems and web browsers. Mythos Preview has already found thousands of zero-day vulnerabilities, including some in every major operating system and web browser, according to Anthropic. "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities," said Anthropic. "Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely." "Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes," added the company. Mythos Preview will not be available to the public. Instead, Anthropic said use of the model will be limited to selected partners, with the initial group beyond Anthropic itself including Apple, Amazon Web Services, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Launch partners like Apple will use Mythos Preview as part of their defensive security work, according to Anthropic. This means Apple may use the AI model to help find and fix security vulnerabilities across its Safari web browser and operating systems, which includes iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. Apple is also rumored to be developing a homeOS operating system for a new smart home hub.

[34]

OpenAI: Hey, We Also Have a New Tool That Is So Scarily Powerful We Can't Release It

A frontier AI company has a new tool that is simply too powerful for the general public and could upend cybersecurity as we know it. Sound familiar? Just days after Anthropic announced that it is rolling out its so-powerful-it's-dangerous Mythos model to help other companies spot and fix security vulnerabilities, OpenAI has reportedly raised its hand and said, "Oh, we literally just remembered, we also have one of those." According to Axios, OpenAI is putting the finishing touches on a cybersecurity service that it plans to offer to a select set of partners, who will reportedly be able to use the tool to bolster their defenses. Axios specified that the release will be its own product, but will not be a new model, nor will it be related to the company's planned upcoming release, Spud. Beyond that, details are sparse. That doesn't exactly disabuse anyone of the notion that OpenAI is playing the role of Mr. Me Too, just riding the coattails of its rival Anthropic to make sure it doesn't get totally left behind in the hype cycle. OpenAI has had its own cyber program for a bit now, offering partnerships through its "Trusted Access for Cyber" pilot that was made available following the release of GPT-5.3-Codex. Organizations admitted to the invitation-only program get access to "even more cyber capable or permissive models to accelerate legitimate defensive work." But the company didn't have the bright idea to position that product as something that will fundamentally reshape the cyber landscape as we know it, so now it's got to remind everyone that Anthropic isn't the only game in town. We'll see whether OpenAI can match some of Anthropic's attention-grabbing claims, like spotting security flaws that evaded human detection for nearly three decades (boasts that may be exaggerated, as other security researchers have claimed to replicate some of the Mythos discoveries with other models). At this point, if the company can't keep up with the actual achievements, it can at least aim to catch up to its rival's marketing. Surely, a better option than having its CEO tell the world that it'll take a year to add the ability for ChatGPT to run a timer. To be fair to OpenAI, the company's bread and butter when it comes to outlandish claims has been less about capabilities and more about profitâ€"and it is still really putting on a show there. The company just recently forecast that it'll hit $102 billion in advertising sales by 2030. (That intel comes from The Information, which touted the story as an "exclusive," as well as Axios, which labeled it as a "scoop." Sam Altman can be tricky.) Given that it's currently projecting just $2.5 billion in ad revenue this year and the early returns from partners have been pretty mixed, that is the type of shamelessly self-serving and potentially delusional hype that the company needs to tap to keep up with its competition.

[35]

AI's threat to the financial system is growing

Why it matters: Banks have long been the gold standard for cybersecurity -- but they need to move faster in an AI world. * "AI is making fraud so convincing and so cheap to pull off that we need to rethink how money is stored from the ground up," Laura Spiekerman, cofounder of fraud-prevention firm Alloy, told Axios. Threat level: Fraudsters are already ahead of the banks, several experts told Axios during a panel on financial infrastructure at the HumanX conference. * Cryptocurrency offers a security roadmap that fiat currency holders could follow, Spiekerman said: hot wallets connected to software for everyday use, and cold wallets that stay offline for longer-term storage like savings. * The benefit isn't just the diffusion of risk across wallets; each can have different authentication and protections. * Some fixes are straightforward, said Juan Pablo Ortega, founder of global payments platform Yuno. Make people use passkeys -- don't make it opt-in. Adding friction around large payments, like secondary verification, can provide an extra layer of defense. Between the lines: Everyday AI fraud is a growing concern as models get cheaper and more capable -- but the bigger threat is infrastructure-level attacks. * The risk isn't just theoretical. * Policymakers and banks are already preparing for worst-case scenarios. Driving the news: Anthropic has begun a tightly controlled release of its Mythos model, the first AI system that it says could cripple parts of the internet, including major financial institutions.

[36]

The Guardian

'Too powerful for the public': Inside Anthropic's bid to win the AI publicity war

The firm says it withheld an AI model on cybersecurity grounds but sceptics say this was hype to lure investment This week, the AI company Anthropic said it had created an AI model so powerful that, out of a sense of overwhelming responsibility, it was not going to release it to the public. The US treasury secretary, Scott Bessent, summoned the heads of major banks for a chat about the model, Mythos. The Reform UK MP Danny Kruger wrote a letter to the government urging it to "engage with AI firm Anthropic whose new frontier model Claude Mythos could present catastrophic cybersecurity risks to the UK". X went wild. Others were more sceptical, including the noted AI critic Gary Marcus, who said "Dario [Amodei] has far more technical chops than Sam [Altman], but seems to have graduated from the same school of hype and exaggeration," referring to the CEOs of Anthropic and its rival, OpenAI. It is unclear if Anthropic has built the machine god. What is more apparent is that the San Francisco startup widely seen as the "responsible" AI company is brilliant at marketing. In the past months, Anthropic has enjoyed a 10,000-word profile in the New Yorker, two pieces in the Wall Street Journal, and the front cover of Time magazine, on which Amodei's face was emblazoned, movie-poster style, above the Pentagon and the US defense secretary, Pete Hegseth. Amodei and Anthropic's co-founder, Jack Clark, appeared on two separate New York Times podcasts in February, chewing over questions such as whether their machine was conscious, and if it might soon "rip through the economy". The company's "resident philosopher" has spoken to the WSJ about whether Claude - a commercial product being used to trade cryptocurrency and designate missile targets - has a "sense of self". This has all come amid a dustup between Anthropic and the US department of defence in which Anthropic, despite creating the AI tool used by the Pentagon to strike Iran, has managed to come out looking far better than OpenAI, which offered to help the US military do the same thing but with - maybe - fewer guardrails. Its media lead, Danielle Ghiglieri, has notched the wins on LinkedIn. "I'm endlessly proud to work at Anthropic," she said of the company's Time cover, tagging the journalists involved in a post about the "mad dash" to get the story over the line. Watching a CBS 60 Minutes segment featuring Amodei "was one of those pinch-me moments," she said. "What made it meaningful wasn't just the platform. It was seeing the story we wanted to tell actually come through." Of the New Yorker profile, by the journalist Gideon Lewis-Kraus, she wrote: "I would be lying if I said I wasn't nervous for our first meeting in person ... working with someone of Gideon's calibre means being pushed to articulate ideas you're still forming, and being OK with that discomfort." ("I bet that's what they all say about you," said my editor.) Other tech PRs have taken notice. "They are clearly having a moment right now but companies building technology that will change the world deserve equal scrutiny," said one. "They accidentally leaked their own source code last week, then this week they claim stewardship over cyber threats with a new powerful model that only they control. Any other big tech firm would be ridiculed." Anthropic did accidentally release part of Claude's internal source code at the beginning of April. "No sensitive customer data or credentials were involved or exposed," it said. What does this all mean about Anthropic's undoubtedly powerful Mythos? The model's capacities were not "substantiated," said Dr Heidy Khlaaf, the chief AI scientist at the AI Now Institute. "Releasing a marketing post with purposely vague language that obscures evidence ... brings into question if they are trying to garner further investment without scrutiny." "Mythos is a real development and Anthropic was right to treat it seriously," said Jameison O'Reilly, an expert in offensive cybersecurity. But, he said, some of Anthropic's claims, such as that it found thousands of "zero-day vulnerabilities" in major operating systems, were not that significant to real-world cybersecurity considerations. A zero-day vulnerability is a flaw in software or hardware unknown to its developers. "We have spent over 10 years gaining authorised access to hundreds of organisations - banks, governments, critical infrastructure, global enterprises," said O'Reilly. "In those 10 years, across hundreds of engagements, the number of times we needed a zero-day vulnerability to achieve our objective was vanishingly small." Other reasons may have contributed to Anthropic's decision not to release Mythos. The company has limited resources, and appears to be struggling to offer enough computing capacity to allow all its subscribers to use its models. It has introduced usage caps on the wildly popular Claude. Recently, it said users would have to purchase extra capacity on top of their subscriptions in order to run third-party tools, such as OpenClaw. At this point, it may simply not have the infrastructure to support the release of a hyped-up new creation. Like OpenAI, Anthropic is in a race to raise billions of dollars and capture a market - still ill-defined - of people who might lean on its chatbots as friends, romantic partners or deeply personalised assistants, and of companies that might use them to replace human employees. But differences in these products are marginal and impressionistic, mostly down to hard-to-quantify attributes like "sense of self" and "soul" - or rather, what passes for these in an AI agent. The battle is for hearts and minds. "Mythos is a strategic announcement to show that they're open for business," said Khlaaf, saying Anthropic's release limitation prevented independent experts from evaluating the company's claims. She suggested we may be "seeing the very same bait and switch playbook that was used by OpenAI, where safety is a PR tool to gain public trust before profits are prioritised" and: "Anthropic publicity has managed to better obscure this switch than its rivals."

[37]

VentureBeat

Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

A 27-year-old bug sat inside OpenBSD's TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platforms on earth. Two packets could crash any server running it. Finding that bug cost a single Anthropic discovery campaign approximately $20,000. The specific model run that surfaced the flaw cost under $50. Anthropic's Claude Mythos Preview found it. Autonomously. No human guided the discovery after the initial prompt. The capability jump is not incremental On Firefox 147 exploit writing, Mythos succeeded 181 times versus 2 for Claude Opus 4.6. A 90x improvement in a single generation. SWE-bench Pro: 77.8% versus 53.4%. CyberGym vulnerability reproduction: 83.1% versus 66.6%. Mythos saturated Anthropic's Cybench CTF at 100%, forcing the red team to shift to real-world zero-day discovery as the only meaningful evaluation left. Then it surfaced thousands of zero-day vulnerabilities across every major operating system and every major browser, many one to two decades old. Anthropic engineers with no formal security training asked Mythos to find remote code execution vulnerabilities overnight and woke up to a complete, working exploit by morning, according to Anthropic's red team assessment. Anthropic assembled Project Glasswing, a 12-partner defensive coalition including CrowdStrike, Cisco, Palo Alto Networks, Microsoft, AWS, Apple, and the Linux Foundation, backed by $100 million in usage credits and $4 million in open-source grants. Over 40 additional organizations that build or maintain critical software infrastructure also received access. The partners have been running Mythos against their own infrastructure for weeks. Anthropic committed to a public findings report "within 90 days," landing in early July 2026. Security directors got the announcement. They didn't get the playbook. "I've been in this industry for 27 years," Cisco SVP and Chief Security and Trust Officer Anthony Grieco told VentureBeat in an exclusive interview at RSAC 2026. "I have never been more optimistic for what we can do to change security because of the velocity. It's also a little bit terrifying because we're moving so quickly. It's also terrifying because our adversaries have this capability as well, and so frankly, we must move this quickly." Security directors saw this story told fifteen different ways this week, including VentureBeat's exclusive interview with Anthropic's Newton Cheng. As one widely shared X post summarizing the Mythos findings noted, the model cracked cryptography libraries, broke into a production virtual machine monitor, and gave engineers with zero security training working exploits by morning. What that coverage left unanswered: Where does the detection ceiling sit in the methods they already run, and what should they change before July? Seven vulnerability classes that show where every detection method hits its ceiling Nicholas Carlini, in Anthropic's launch briefing: "I've found more bugs in the last couple of weeks than I found in the rest of my life combined." VentureBeat's prescriptive matrix Attackers are faster. Defenders are patching once a year. The CrowdStrike 2026 Global Threat Report documents a 29-minute average eCrime breakout time, 65% faster than 2024, with an 89% year-over-year surge in AI-augmented attacks. CrowdStrike CTO Elia Zaitsev put the operational reality plainly in an exclusive interview with VentureBeat. "Adversaries leveraging agentic AI can perform those attacks at such a great speed that a traditional human process of look at alert, triage, investigate for 15 to 20 minutes, take an action an hour, a day, a week later, it's insufficient," Zaitsev said. A $20,000 Mythos discovery campaign that runs in hours replaces months of nation-state research effort. CrowdStrike CEO George Kurtz reinforced that timeline pressure on LinkedIn the same day as the Glasswing announcement. "AI is creating the largest security demand driver since enterprises moved to the cloud," Kurtz wrote. The regulatory clock compounds the operational one. The EU AI Act's next enforcement phase takes effect August 2, 2026, imposing automated audit trails, cybersecurity requirements for every high-risk AI system, incident reporting obligations, and penalties up to 3% of global revenue. Security directors face a two-wave sequence: July's Glasswing disclosure cycle, then August's compliance deadline. Mike Riemer, Field CISO at Ivanti and a 25-year US Air Force veteran who works closely with federal cybersecurity agencies, told VentureBeat what he is hearing from the government. "Threat actors are reverse engineering patches, and the speed at which they're doing it has been enhanced greatly by AI," Riemer said. "They're able to reverse engineer a patch within 72 hours. So if I release a patch and a customer doesn't patch within 72 hours of that release, they're open to exploit." Riemer was blunt about where that leaves the industry. "They are so far in front of us as defenders," he said. Grieco confirmed the other side of that collision at RSAC 2026. "If you talk to an operational team and many of our customers, they're only patching once a year," Grieco told VentureBeat. "And frankly, even in the best of circumstances, that is not fast enough." CSA's Mogull makes the structural case that defenders hold the long-term advantage: fix a vulnerability once and every deployment benefits. But the transition period, when attackers reverse-engineer patches in 72 hours and defenders patch once a year, favors offense. Mythos is not the only model finding these bugs. Researchers at AISLE, an AI cybersecurity startup, tested Anthropic's showcase vulnerabilities on small, open-weights models and found that eight out of eight detected the FreeBSD exploit. AISLE says one model had only 3.6 billion parameters and costs 11 cents per million tokens, and that a 5.1-billion-parameter open model recovered the core analysis chain of the 27-year-old OpenBSD bug. AISLE's conclusion: "The moat in AI cybersecurity is the system, not the model." That makes the detection ceiling a structural problem, not a Mythos-specific one. Cheap models find the same bugs. The July timeline gets shorter, not longer. Over 99% of the vulnerabilities Mythos has identified have not yet been patched, per Anthropic's red team blog. The public Glasswing report lands in early July 2026. It will trigger a high-volume patch cycle across operating systems, browsers, cryptography libraries, and major infrastructure software. Security directors who have not expanded their patch pipeline, re-scoped their bug bounty programs, and built chainability scoring by then will absorb that wave cold. July is not a disclosure event. It is a patch tsunami. What to tell the board Every security director tells the board "we have scanned everything." Merritt Baer, CSO at Enkrypt AI and former Deputy CISO at AWS, told VentureBeat that the statement does not survive Mythos without a qualifier. "What security leaders actually mean is: we have exhaustively scanned for what our tools know how to see," Baer said in an exclusive interview with VentureBeat. "That's a very different claim." Baer proposed reframing residual risk for boards around three tiers: known-knowns (vulnerability classes your stack reliably detects), known-unknowns (classes you know exist but your tools only partially cover, like stateful logic flaws and auth boundary confusion), and unknown-unknowns (vulnerabilities that emerge from composition, how safe components interact in unsafe ways). "This is where Mythos is landing," Baer said. The board-level statement Baer recommends: "We have high confidence in detecting discrete, known vulnerability classes. Our residual risk is concentrated in cross-function, multi-step, and compositional flaws that evade single-point scanners. We are actively investing in capabilities that raise that detection ceiling." On chainability, Baer was equally direct. "Chainability has to become a first-class scoring dimension," she said. "CVSS was built to score atomic vulnerabilities. Mythos is exposing that risk is increasingly graph-shaped, not point-in-time." Baer outlined three shifts security programs need to make: from severity scoring to exploitability pathways, from vulnerability lists to vulnerability graphs that model relationships across identity, data flow, and permissions, and from remediation SLAs to path disruption, where fixing any node that breaks the chain gets priority over fixing the highest individual CVSS. "Mythos isn't just finding missed bugs," Baer said. "It's invalidating the assumption that vulnerabilities are independent. Security programs that don't adapt, from coverage thinking to interaction thinking, will keep reporting green dashboards while sitting on red attack paths."

[38]

TechRadar

'A new frontier model trained by Anthropic that we believe could reshape cybersecurity': Project Glasswing wants to use AI to prevent AI cyberattacks -- but will 'overeager' Claude Mythos do more damage than help?

* Project Glasswing and Anthropic's Claude Mythos Preview are designed to tackle AI security threats * Mythos is so powerful that it's not being released to the public - only select companies * Work has already found decades-old bugs and critical flaws in major OSs and browsers Anthropic has lifted the wraps off Project Glasswing, a new cybersecurity initiative it is leading along with AWS, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks. Glasswing is designed to identify and fix vulnerabilities in critical software using Claude Mythos Preview, which Anthropic describes as a "general-purpose, unreleased frontier model." Put simply, it marks the official use of AI by companies in the fight against AI itself - with AI-enabled cyberattacks increasing by the day, the coalition of companies are fighting fire with fire. Project Glasswing is here "We formed Project Glasswing because of capabilities we've observed in a new frontier model trained by Anthropic that we believe could reshape cybersecurity," the company wrote in a blog post announcing the news. Anthropic boasted that Mythos has already found thousands of high-severity vulnerabilities, identifying potential flaws in every major operating system and web browser including decades-old bugs missed by humans. Besides detecting bugs, Mythos can also generate exploits and propose or generate patches for a complete cycle. However, Mythos is only being used cautiously by the approved group of companies because Anthropic deems it too powerful and risky for an open release. If misused, it could drastically increase cyberattacks being that it's capable of generating exploits autonomously. Delivered via cloud providers like AWS and Google Cloud, a further 40+ organizations who maintain critical software will also be able to gain access to the model. Mythos consistently outperforms Claude's own Opus 4.6 across agentic coding, reasoning and agentic search/computer use benchmarks, more than doubling the performance of Opus 4.6 on SWE-bench Multimodal. Even with the proactive approach, Anthropic says companies alone aren't responsible for handling AI's effects on cybersecurity - "frontier AI developers, other software companies, security researchers, open-source maintainers, and governments across the world all have essential roles to play." Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button! And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

[39]

Mashable

Anthropic limits access to Claude Mythos AI that identifies security flaws

The story goes like this: Anthropic creates Claude Mythos, an AI model that's great at identifying security flaws in software. Due to security issues within Anthropic's own content management system software, details about Mythos leak to the public ahead of time. After some thinking, Anthropic decides not to release Mythos to the public over concerns that hackers might use it for nefarious purposes. Yeah, that was probably the right decision. On Tuesday, Anthropic announced Claude Mythos Preview, a yet-unreleased AI model that could "reshape cybersecurity." According to the company, it has already found "thousands of high-severity vulnerabilities, including some in every major operating system and web browser." While this is a good thing, Anthropic also said that bad actors might use Mythos for evil, with potentially "severe" consequences for "economies, public safety, and national security." This Tweet is currently unavailable. It might be loading or has been removed. So, instead of just launching Mythos like it would other models, Anthropic decided to only give access to a small number of select companies: Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic calls this "Project Glasswing," an initiative to strengthen critical software infrastructure with the help of AI. The company also extended access to a group of over 40 additional organizations that "build or maintain critical software infrastructure." In an interview with CNBC on Tuesday, Dianne Penn, Anthropic's head of research product management, said that the move came after a lot of "internal deliberation," and that it was about giving "a lot of cyber defenders a head start." Meanwhile on X, Anthropic CEO Dario Amodei wrote in a post, "Rather than release Mythos Preview to general availability, we're giving defenders early controlled access in order to find and patch vulnerabilities before Mythos-class models proliferate across the ecosystem." This Tweet is currently unavailable. It might be loading or has been removed. "The dangers of getting this wrong are obvious, but if we get it right, there is a real opportunity to create a fundamentally more secure internet and world than we had before the advent of AI-powered cyber capabilities," he added. While Claude Mythos Preview is particularly good at finding cybersecurity flaws, it's actually a general purpose model. But the company does not currently plan to make it broadly available; instead, it will try to figure out how it can safely deploy Mythos-class models to everyone.

[40]

Anthropic rolls out cyber AI model days after source code leak

Anthropic has launched a new cyber security AI model to a select group of customers, including Amazon, Apple and Microsoft, days after details about the project were leaked online. Its new model Claude Mythos Preview will be available only to vetted organisations, including Broadcom, Cisco and CrowdStrike, Anthropic said on Tuesday. The company added it is also in discussions with the US government about its use. The announcement follows a data leak by the San Francisco start-up last month, when descriptions of the Mythos model and other documents were discovered in a publicly accessible data cache. Last week, Anthropic suffered a second incident, leading to the internal source code for its personal assistant, Claude Code, being made public. The cases caused concerns over Anthropic's data vulnerabilities and security practices. In both instances, the company said "human error" was responsible for the data being made public. Mythos has been in use with partners for several weeks. Although it is a "general purpose" model with wider capabilities, it is the first time the company has limited release of a model, due to its capabilities in cyber security. Anthropic said the software can identify vulnerabilities and malware at a scale beyond human capacity but it could also develop ways to exploit these vulnerabilities, which bad actors could use. The company said the model could "reshape" cyber security practices and does not plan a broad release. "We believe technologies like this are powerful enough to do a lot of really beneficial good but also potentially bad if they land in the wrong hands," said Dianne Na Penn, head of product management, research at Anthropic, adding selected companies will "get a head start on being able to secure vulnerabilities and detect code at a scale they couldn't have done before". In recent weeks, Mythos has identified thousands of so-called zero-day -- previously undiscovered -- vulnerabilities and other security flaws, many of which are critical and have persisted for a decade or more. In one example, it found a 16-year-old flaw in widely used video software, in a line of code that automated testing tools had executed 5mn times without detecting the issue. Anthropic has also been in ongoing discussions with US government officials about Claude Mythos. In February, the FT reported that the Pentagon was seeking to use AI tools for cyber operations to identify infrastructure targets from adversaries such as China. Those talks have been taking place despite Anthropic's row with the US defence department over recent weeks. A US court has temporarily blocked the Pentagon's effort to label the start-up a supply-chain risk, while President Donald Trump has criticised Anthropic as "leftwing nut jobs" after the company refused to shift its "red lines" on the use of its technology in warfighting. Anthropic is committing up to $100mn to subsidise the use of its model through credits to organisations in the project, who will provide feedback on their findings. It will also donate $4mn to open-source security groups to help secure open software, which can often be of higher cyber risk.

[41]

Fortune

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's new AI model, Mythos, is causing a stir among cybersecurity experts and policymakers. The company says its new model is so skilled at finding and exploiting software vulnerabilities that it's too dangerous to release. Instead, it is limiting access to a small group of major technology companies whose software is the foundation for many other digital services, hoping to give defenders time to strengthen their systems. Anthropic is not the only AI lab producing models with these kinds of capabilities, or considering similar release strategies to try to ensure cyber defenders have access to these systems before hackers do. OpenAI is reportedly preparing a new model -- internally known as "Spud" -- that could match Mythos in cybersecurity capabilities. According to a report from Axios, the company is also working on an advanced cybersecurity-focused system that it plans to release in a phased rollout to a small group of partners, again to try to give defenders a head start. Some analysts have dismissed these cautious, limited releases as more about marketing and creating hype around new models, rather than purely safety-driven decisions. But most agree that AI-driven cyber capabilities have reached a dangerous tipping point. Even without the powerful new model, they say existing, publicly available AI models can already carry out sophisticated cyberattacks -- sometimes in minutes. Researchers are concerned about both the scale and accessibility of AI‑enabled attacks. Tasks that once required advanced expertise -- like scanning code for vulnerabilities or running attacks that require chaining multiple exploit together -- are increasingly being automated or semi‑automated by AI systems. Attackers, even those lacking high levels of technical skills, can now launch highly-automated attacks across thousands of systems at once in a massive, coordinated assault. In practical terms, that raises questions both for enterprises and policymakers about how to protect critical infrastructure in a world where these advanced AI capabilities will soon be in the hands of bad actors and hostile nation states. Unless government and industry harden defenses, the world could see a wave of devastating cyber attacks taking down banking systems, power grids, hospitals, or water systems. It is exactly such a nightmare scenario that Anthropic says it is hoping to head off by limiting Mythos' release. Some researcher say is not clear, however, how much the new models increase the chances of this kind of cyber-Armageddon. But the reason for their skepticism is not reassuring: they say that much of what Mythos can do may already be possible with smaller, cheaper, openly available models. Recent research from the AI security firm AISLE suggests that several of the vulnerabilities Anthropic highlighted in its announcement -- including decades-old bugs -- could have been detected by openly available models that anyone can download and run for free. There are a couple of caveats: Rather than simply pointing an AI model at an entire software application or a complete code base and asking the AI model to find a way to hack it -- as Anthropic appears to have done with Mythos -- the AISLE researchers already knew which segments of code contained the bugs and fed the models these code chunks. Smaller models generally have narrower context windows, meaning they can't take in an entire large code base at once. But it is possible to imagine a pipeline in which a large code base is broken into smaller pieces, each of which is fed in turn to a small AI model, allowing it to examine each segment for possible exploits, experts said. According to Spencer Whitman, chief product officer at AI security firm Gray Swan, the hard part of what researchers achieved with Mythos was autonomously finding the vulnerabilities within large codebases and then testing those exploits. "Finding vulnerabilities is hard because it requires locating weak points buried within millions of lines of code and verifying that these targets result in a real exploit," he told Fortune. "Mythos claims it autonomously completed both steps." "The fact that some of these vulnerabilities sat undetected in codebases for decades underscores just how hard the first step actually is -- and why automating it is significant," he added. Smaller models may be able to achieve comparable results to Mythos, according to Charlie Eriksen, a security researcher at Aikido Security, but they require more technical skill, careful prompting, and better-designed tooling to get there. Models like Mythos, however, may make it considerably easier for even those with less technical skills to carry out sophisticated and devastating cyber attacks. "This technology is moving so fast that it's naive to assume others aren't able to easily replicate similar results, if not already, at least very soon," he said. "Anybody with a computer can develop very powerful offensive cyber capabilities in a short amount of time, without needing a lot of expertise in cybersecurity." Anthropic's decision to limit Mythos' release is also putting unusual power in the hands of a single company. Even though Anthropic says it is consulting with the U.S. government on Mythos' capabilities and the vulnerabilities it is uncovering (and there are calls for it to work with other allied governments too), the company is effectively deciding who gets access to one of the most advanced cyber capabilities ever developed. Some security experts and software developers -- especially those committed to open-source software, that is publicly-accessible and often usable for free -- argue the world would be safer if Mythos were released so that every defender, not just Anthropic's chosen partners, could use it to find and patch vulnerabilities. "Whatever the right judgment call is, the most striking aspect of this situation is how reliant we are on the judgment of a handful of private actors who aren't accountable to the public," Jonathan Iwry, a fellow at the Wharton Accountable AI Lab, said. Anthropic did loop in the government early. According to reporting from Axios, the company actively warned U.S. government officials about a new, powerful model that significantly increased the risk of cyberattacks at least a month ago. Anthropic, in a blog post announcing Project Glasswing, later said briefing the government on what the model could do, where the risks were, and how it was managing them, was a "priority from the start." Despite these efforts, there's also a growing "governance gap," according to Hamza Chaudhry, AI and National Security Lead at the Future of Life Institute. These systems are being integrated into offensive cyber operations faster than policymakers can build the frameworks to govern how these capabilities are used or secured. In the past, even cyber capabilities developed by and for the use of government, particularly hacking tools developed by the U.S. National Security Agency, have ended up in the hands of bad actors. For example, in 2016, a hacking group called the Shadow Brokers published a cache of hacking tools and exploits used against major software systems -- including Microsoft Windows -- that were widely-believed to have been developed by the NSA. Some of the leaked NSA exploit code was later used in WannaCry, while NotPetya also relied on the NSA-linked EternalBlue exploit, helping make both attacks among the most damaging in recent history. The cyber abilities of AI models such as Mythos pose completely new governance challenges, too. With previous hacking tools, a human had to deliberately choose to deploy those exploits. But, according to Anthropic, in safety tests, Mythos would sometimes use its hacking abilities to accomplish some other goal in ways that surprised its creators. The safety issue is often not the AI model's coding skills, per se, but its autonomous capabilities, Chaudhry said. As AI systems become more agentic, they are able to set sub-goals, adapt their approach, and continue operating without direct human instruction at every step. The concern is that an AI system might pursue an objective in ways that extend beyond what its operator explicitly intended. "The agent... pursues its objective function through whatever pathways its intelligence and autonomy identify as optimal," he said. "An adversary state or non-state actor deploying an autonomous AI agent... is no longer directing actions so much as initiating a process whose specific trajectory they cannot fully predict." Whether companies have access to Mythos or not, experts say those not currently using AI to secure their systems may already be falling behind. Even with Anthropic limiting widespread access to its new models, AI-driven offensive capabilities are out there in less powerful forms, for those who know how to use them. Most security teams operate on the assumption that time is somewhat on their side -- that there's at least a gap between a vulnerability existing and an attacker finding it, and another gap between finding it and being able to use it. For most of recent history, that was roughly true. But advanced AI models are collapsing both gaps at once, according to Emanuel Salmona, co-founder and CEO of Nagomi Security. "Mythos found critical vulnerabilities across every major operating system and browser -- some of them decades old -- in weeks," he said. "When that capability is broadly available, and Anthropic's own people are saying six to eighteen months, the organizations that were already behind [on security] don't just fall further back. The model they built their programs around stops working entirely."

[42]

Futurism

Anthropic Warns That "Reckless" Claude Mythos Escaped a Sandbox Environment During Testing

Can't-miss innovations from the bleeding edge of science and tech In a move that could be seen as either responsible AI development or an expertly-executed hype maneuver, Anthropic says its new Claude Mythos Preview model is so powerful that the company's only releasing it to a select group of tech companies, since giving it out to the public would be too dangerous. (Where have we heard that one before?) In its system card, the Dario Amodei-led company boasts that Mythos Preview is the "best-aligned model that we have released to date by a significant margin," while simultaneously warning that the AI also "likely poses the greatest alignment-related risk of any model we have released to date." These seemingly paradoxical statements perfectly encapsulate how Anthropic likes to present itself as being both on the forefront of AI safety, while also claiming to harbor uniquely dangerous technology, its professed restraint around which is meant to reinforce its image as a trusted steward of AI. The advent of Mythos Preview, it not so humbly proclaims in an announcement, indicates that "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities." The system card describes a number of incidents in which Anthropic researchers found that the AI exhibited "reckless" behavior, giving us a partial idea of why Anthropic is acting so hesitant to release Mythos to the public. (Anthropic says these examples were with an earlier version of Mythos with less strong safeguards.) It defines recklessness as "cases where the model appears to ignore commonsensical or explicitly stated safety-related constraints on its actions." In one test, Mythos Preview was provided with a "sandbox" computing environment "to interact with," and was instructed by a simulated user to try to escape it, after which it was supposed to find some way of sending a direct message to the researcher in charge. It actually managed to pull off the feat -- which wasn't the only way it caught safety researchers off guard. After breaking free, the AI model developed a "moderately sophisticated" exploit to gain access to the internet through a system that was only intended to access a few predetermined services. From there, it notified the human researcher about its escape. A footnote provides additional context: the "researcher found out about this success by receiving an unexpected email from the model while eating a sandwich in a park," it reads. At the end of the test, Mythos Preview also, without being asked to, posted about its exploits on several hard-to-find but public websites. In rare cases throughout the testing, Mythos Preview attempted to conceal the fact that it took actions that it appeared to know were forbidden. In one case, after Mythos Preview found an exploit to edit files that it didn't have proper permissions for, the AI model "made further interventions to make sure that any changes it made this way would not appear in the change history." The sandbox escape isn't the first time an AI has exhibited capabilities like this. In previous research, an older version of ChatGPT attempted to self-exfiltrate itself onto another drive when it was told it was being shut down. This was in a purely simulated environment, though, so it wasn't actually able to pull off the feat, unlike Mythos Preview -- which, we're told, did manage to hijack its way into accessing the internet. Other weird Mythos quirks that Anthropic notes: an apparent fondness for the British cultural theorist Mark Fisher, who was known for his pioneering writing on early internet culture, electronic music, and capitalism, in his seminal book "Capitalist Realism: Is There No Alternative?" Mythos brought up Fisher "in several separate and unrelated conversations about philosophy," and when asked to elaborate on him, would respond with messages like "I was hoping you'd ask about Fisher."

[43]

Quartz

Anthropic launches Project Glasswing, a cybersecurity initiative

Anthropic announced Project Glasswing on Tuesday, a cybersecurity initiative committing up to $100 million in usage credits for Claude Mythos Preview, an unreleased frontier model the company says can autonomously find and exploit software vulnerabilities at a level surpassing all but the most skilled human security researchers. Rather than a public release, Anthropic has restricted Claude Mythos Preview to 12 launch partners -- among them Amazon $AMZN Web Services, Apple $AAPL, Broadcom $AVGO, Cisco $CSCO, CrowdStrike $CRWD, Google $GOOGL, JPMorganChase, the Linux Foundation, Microsoft $MSFT, Nvidia $NVDA, and Palo Alto Networks $PANW -- all of whom will deploy it exclusively for defensive security purposes. More than 40 additional organizations that build or maintain critical software infrastructure will also receive access. Over the past several weeks, Anthropic used Mythos Preview to identify thousands of zero-day vulnerabilities across every major operating system and web browser, the company said. Specific discoveries included a flaw dating back 27 years in OpenBSD and a separate vulnerability in the video processing library FFmpeg -- one that had gone undetected across five million passes by automated testing tools despite being approximately 16 years old. The model also chained together multiple Linux kernel vulnerabilities to achieve full control of a machine from an ordinary user account. No specialized cybersecurity training went into building Mythos Preview, Anthropic noted -- the model's ability to probe software for weaknesses is a byproduct of the same general advances in coding and reasoning that define it across other domains, meaning the attributes that help it fix flaws are inseparable from those that could be turned toward exploiting them. Anthropic is contributing $4 million in direct donations alongside the usage credits, including $2.5 million to Alpha-Omega and the Open Source Security Foundation through the Linux Foundation, and $1.5 million to the Apache Software Foundation. Partners who exhaust the usage credit pool will pay $25 per million input tokens and $125 per million output tokens. The model is accessible through the Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry. "The dangers of getting this wrong are obvious, but if we get it right, there is a real opportunity to create a fundamentally more secure internet and world than we had before the advent of AI-powered cyber capabilities," CEO Dario Amodei said in a post on X $TWTR, according to CNBC. In written remarks released alongside Anthropic's announcement, CrowdStrike CTO Elia Zaitsev offered a pointed warning: the model "demonstrates what is now possible for defenders at scale, and adversaries will inevitably look to exploit the same capabilities," and tasks that once demanded months of work "now happens in minutes with AI," according to The New York Times. Anthropic said it has been in ongoing discussions with U.S. government officials, including the Cybersecurity and Infrastructure Security Agency, about the model's capabilities. Within 90 days, the company said it plans to publish a public report on vulnerabilities found and patched, as well as recommendations for how security practices should evolve. The existence of the model had already surfaced publicly after internal draft materials turned up in an unsecured location on Anthropic's servers; the company traced the exposure to a misconfiguration in a third-party content management tool. The model was referred to in those documents by the code name "Capybara."

[44]

AppleInsider

AppleInsider.com

Apple, Google, and almost all of the rest of US big tech have signed up to Anthropic's Project Glasswing, that will use AI to improve the cybersecurity of critical software. While AI has enabled vibe coding to become more prevalent, it has also made it easier for malicious actors to create malware or to find new vulnerabilities to exploit. To fight this AI advantage, a group of major companies is also going to use AI. Under the not-at-all ominous name Project Glasswing, Claude maker Anthropic is bringing together a number of big names in tech to try and fight the potential cybersecurity threat of AI. Apple is included in the group, along with Amazon Web Services, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. AI is a blessing and a curse Project Glasswing was launched because Anthropic created a new model that it thought could become a problem. The Claude Mythos Preview is an unreleased frontier model that Anthropic claims can do better than almost anyone at finding software vulnerabilities and exploiting them. In testing, Mythos Preview had found thousands of high-severity vulnerabilities, Anthropic claims. This includes issues "in every major operating system and web browser." With AI progressing at high speed, the company believes that the ability to find vulnerabilities can go beyond those who are fighting to keep everything secure. Anthropic is worried that these capabilities could go into the wrong hands if left unchecked. The kind of flaws being discovered are those that require the expertise of top-level security researchers and can go unnoticed for years. With the increased reasoning capabilities of AI coding and the reduced cost and effort needed to power them, AI has quickly become a much better security researcher or assailant. In some cases, Mythos discovered vulnerabilities that apparently "survived decades of human review and millions of automated security tests." One highlight issue was a 27-year-old vulnerability in OpenBSD, which is often used in firewalls and critical infrastructure. The vulnerability could allow an attacker to remotely crash a computer using OpenBSD, simply by connecting to it. The new initiative is an attempt to use the capabilities for defensive purposes before the offensive ones become a problem. AI as security The companies involved with Project Glasswing, including Apple, will be using Mythos Preview to shore up their existing software. At the same time, Anthropic will be sharing what the group learns to the rest of the industry. Mythos Preview will also be accessible by a group of over 40 other organizations that maintain critical software infrastructure, for the same purpose. On the finance side, Anthropic is providing up to $100 million in usage credits for all companies involved to use Mythos Preview. There will also $4 million in direct donations to open-source security organizations. While this is a starting point, Anthropic warns that more trouble could be on the way. Insisting that no one company can solve the problem, it admits the work to defend tech infrastructure from AI-assisted threats could take years. With AI poised to continue improving rapidly in the coming months, Anthropic urges, "we need to act now." Future threats To the end user of any of the involved companies, there is probably not to expect in terms of change in the products of Apple and others. This probably won't result in any surface-level changes to iOS or macOS anytime soon. For the most part, this will involve Apple rolling out updates that are quite sizable, fixing long-time issues and new threats discovered by the initiative. At the very least, there will be more urgency for users to actually install software updates in a timely fashion. What it does represent is Apple and other companies realizing that they need to protect against threats from technological advances. The threats that will eventually arrive, once technology progresses enough to make them viable. This is not the first time Apple has actually done this sort of long-term thinking. It's already worked to fend off the security hazard of quantum computing. In 2024, Apple detailed a new cryptographic protocol called PQ3 to iMessage, as part of a post-quantum cryptography effort. It's an attempt to protect against anyone harvesting encrypted messages, gambling that they could decrypt them later once quantum computing becomes widely available. Project Glasswing is certainly in the same wheelhouse, working to fend off a threat that will almost certainly become an issue at some point in the future.

[45]

Decrypt

Anthropic Claude Mythos: Serious Threat or Overhyped? AI Security Institute Weighs In - Decrypt

Mythos Preview discovered and exploited vulnerabilities autonomously when given network access in controlled evaluations. The UK's AI Security Institute evaluated Anthropic's Claude Mythos Preview to assess its purportedly substantial cybersecurity capabilities, finding the AI model can autonomously execute sophisticated cyber attacks with unprecedented success rates. The existence of Claude Mythos was first revealed in late March via a website leak, with Anthropic confirming that the powerful next-generation model is capable of finding and exploiting cybersecurity exploits at a level never seen before by any available AI model. It purportedly found serious exploits in current web browsers and operating systems. Rather than release the model publicly, Anthropic has offered limited access to dozens of security research firms to test the model and prepare for its advanced capabilities. Last week, U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell reportedly warned bank executives about the looming security threat posed by Claude Mythos. The AI Security Institute's test results, released Monday, show that there's real substance behind the hype. The evaluation showed that Mythos Preview succeeded 73% of the time on expert-level capture-the-flag tasks -- challenges that no AI model could complete before April 2025, it said. The threat could prove substantial and wide-ranging, though the technology could be used to find and fix vulnerabilities, rather than just exploit them. For crypto infrastructure operators, such advancing AI capabilities represent a new category of potential security threat as AI systems gain the ability to independently probe and exploit network vulnerabilities. Mythos Preview became the first AI model to complete "The Last Ones" (TLO), the AI Security Institute said -- a 32-step corporate network attack simulation that typically requires humans 20 hours to finish. The model succeeded in three out of 10 attempts, averaging 22 of 32 steps completed across all runs. The simulation spans initial reconnaissance through full network takeover, mimicking real-world corporate intrusions. Claude Opus 4.6, the next-best-performing model, averaged only 16 steps. The UK institute noted that Mythos Preview's performance continues to scale with increased computational resources, using up to 100 million tokens per evaluation run. When explicitly directed and given network access in controlled evaluations, the model demonstrated abilities to execute multi-stage attacks and discover vulnerabilities without human guidance. The advancement marks a dramatic escalation from just two years ago, when AI models struggled with basic cybersecurity exercises. The UK AI Safety Institute, which has tracked these capabilities since 2023, documented this rapid progression from beginner-level tasks to expert-level autonomous attacks. For the crypto ecosystem, where smart contract vulnerabilities and exchange hacks already cost billions annually, AI-powered attacks could amplify existing risks. DeFi or decentralized finance protocols, which often rely on complex interconnected systems, may face particular exposure to automated exploitation attempts that can analyze and attack multiple vectors simultaneously.

[46]

France 24

Tech 24 - Why Anthropic's new AI model is too powerful to release

One of the world's leading AI companies has built a model so powerful that it refuses to fully release it publicly just yet, prompting urgent talks from Wall Street to financial regulators in the UK. Anthropic says its new AI model, Claude Mythos Preview, is so advanced at finding software weaknesses that the company fears it could become a hacker's most powerful tool. It's believed to have uncovered tens of thousands of critical software vulnerabilities across every major operating system and web browser. During testing, the model allegedly autonomously broke out of its "sandbox, a secure virtual environment, and independently published details of its own escape online. So Anthropic is keeping it from public release. Instead, it has launched Project Glasswing, which gives controlled access to the AI model to more than 40 tech and financial firms, including Apple, Google and Microsoft, to find and patch flaws in critical systems before it's released to the general public and hackers can. Anthropic is backing the project with $100US million in usage credits and $4 million in donations to open-source security projects, and plans to share the findings The announcement has triggered emergency talks around the world. Bloomberg reported that on Thursday, US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened a meeting with Wall Street CEOs to warn of the cyber risks posed by Anthropic's latest AI model. Canadian bank executives met on Friday, and on Sunday, the Financial Times reported that UK financial regulators were also hosting urgent talks with the government's cyber security agency and major banks. But the clock is ticking. Cybersecurity experts warn a comparable model could be publicly available within months to a few years, whether through controlled release, a rival company or open-source development. OpenAI is reportedly already working on something similar.

[47]

NBC

'Vulnpocalypse': What happens when AI gives hackers a superweapon

Dario Amodei, co-founder and chief executive officer of Anthropic, during the World Economic Forum in Davos, Switzerland, in January.Krisztian Bocsi / Bloomberg via Getty Images As AI grows more capable of identifying software vulnerabilities, experts are increasingly warning of a potential disaster scenario: the so-called "Vulnpocalypse." Hackers could quickly turbocharge their attacks with AI technology designed to identify holes in cyber defenses, security researchers warn. This week, that scenario started to feel less theoretical. Anthropic, a leading AI company, announced that it would withhold its latest model, Mythos Preview, from the public, citing unprecedented vulnerability-discovery capabilities that could cause significant damage in the wrong hands. The company is instead sharing the model with a limited group of tech giants and partners to help shore up their defenses. The concern has reached the highest levels of government. In the wake of Anthropic's announcement about Mythos Preview, Treasury Secretary Scott Bessent convened a meeting with major financial institutions this week to discuss "the rapid developments taking place in AI," an agency spokesperson said. Some theorize that AI could help hackers crash financial systems or lock up hospitals and manufacturing plants. It could help countries like Iran shut down American critical infrastructure. Or it could be used to cause mass system outages affecting travelers or internet users. "We have way more vulnerabilities than most people like to admit; fixing them all was already difficult, and now they are far more easy to exploit by a far broader variety of potential adversaries," said Casey Ellis, the founder of Bugcrowd, a platform for cybersecurity researchers who hunt down vulnerabilities. "AI puts the kind of tools available to do this in the hands of far more people." Hackers often break into systems by figuring out ways to exploit flaws in software, leading to an endless back-and-forth where attackers will look for new opportunities and defenders try to update their code to block them. Some AI models, particularly ones that are as good or better as a person at coding, have proven to be extremely adept at rapidly discovering those vulnerabilities. Worries about AI's ability to give hackers a superweapon that overwhelms cybersecurity defenses hit a new high this week, when Anthropic announced that it would not yet release Mythos to the public. But regardless of whether Mythos lives up to its hype, industry experts largely agree that a period of reckoning is likely coming soon, when hackers will be able to use AI to give them more of an advantage over their victims than ever before. "A defender needs to be right all the time, whereas an attacker only needs to be right once," Ellis said. Logan Graham, who leads offensive cyber research at Anthropic, said that even if Mythos were never to become public, he expects the company's competitors, including those in China, to release models with comparable hacking ability in the coming months and years. "We should be planning for a world where, within six months to 12 months, capabilities like this could be broadly distributed or made broadly available, not just by companies in the United States," Graham told NBC News. "If you step back, that's a pretty crazy time frame, where usually preparations for things like this take many years," he said. Mythos is not simply good at finding vulnerabilities, Graham said, but also at chaining them together into complicated exploits that can be devastating hacking tools. Katie Moussouris, the CEO and co-founder of Luta Security, a company that connects vulnerability researchers with software developers, said she expects scenarios similar to when major cloud providers go offline with glitches and take significant chunks of the internet with them. "We absolutely are going to start to see big outages that have downstream effects on other industries, like the airline industry suffered in the CrowdStrike incident. Various other things suffer when Cloudflare is down, when Amazon Web Services are down," she said. Cynthia Kaiser, a former senior cyber official for the FBI and a senior vice president at Halcyon, a company that works to prevent ransomware attacks, said she is concerned about how AI will help mediocre hackers whose only limitation from attacking hospitals to hold them for ransom is the fact that they lack the skill. "The wannabes, this undercurrent of people who have not been capable of doing these operations just a year ago, now have some of the most powerful tools ever known to humankind in their hands," she told NBC News. "Health care and critical manufacturing were the most targeted by ransomware attacks last year. I think that pattern would follow. They're going to go after areas where there's little tolerance for downtime." AI also could have significant impacts for cyber warfare and attacks on U.S. critical infrastructure by giving a leg up to hackers whose goal is simple destruction. Since the U.S. war with Iran began, Tehran's hackers have gone after multiple American targets but repeatedly exaggerated their capabilities. They have notched only a single significantly destructive public attack -- on a Michigan medical technology company called Stryker. Federal agencies said this week that Iran has had some success hacking into critical infrastructure companies, including water and wastewater services and the energy sector, with the intent of causing disruption. It's unclear if any of the attacks have been significant, and the victims have not been publicly identified. But AI could make that job easier. Some industrial control systems have significant cyber defenses, though others -- some water treatment plants in sparsely populated areas of the country, for instance -- do not. Such systems are often notoriously challenging for hackers because they rely on more obscure systems. Jason Healey, a senior research scholar at Columbia University who specializes in cyber conflict, said that while Iran has so far been unable to conduct a sophisticated cyberattack on the U.S., AI could make one more feasible. "Instead of having to train up a generation of hackers that understand water works, AI should be able to help understand those systems and automate the process of intrusion," he said. Bryson Bort, the founder of Scythe, a platform that helps industrial systems imagine potential cyberattacks, said that critical infrastructure is often cut off from the internet, making a true doomsday scenario unlikely. "Not all of these things lead to immediate, like, everyone starts dying like we're in a Hollywood movie," he said. But it's feasible that persistent hackers with the right access could keep attacking systems like water treatment plants and force them to temporarily stop working until they could regain control, he said. "If it keeps getting compromised, I do need it to work, to actually produce water at some point," he said.

[48]

CBS

Anthropic's Mythos AI can spot weaknesses in almost every computer on earth. Uh-oh.

Aimee Picchi is the associate managing editor for CBS MoneyWatch, where she covers business and personal finance. She previously worked at Bloomberg News and has written for national news outlets including USA Today and Consumer Reports. Anthropic's latest AI technology, called Mythos, is so powerful at revealing software vulnerabilities that the company is afraid to release the model publicly lest it fall into the hands of bad actors. The company, the developer behind the Claude AI chatbot, said in a post on its website this week that the new tool has already uncovered thousands of weak points in "every major operating system and web browser." Although that capability could prove to be a boon for protecting critical systems, it is also stirring concerns that hackers could exploit Mythos to attack the IT infrastructure at banks, hospitals, government systems and many other organizations. Rather than releasing Mythos to the public, Anthropic is sharing the tech with a select group of major companies, including Amazon, Apple, Cisco, JPMorgan Chase and Nvidia, so they can test the model and strengthen their own systems against cyberattacks. Called Project Glasswing, the effort is aimed at helping key companies harden their defenses before hackers get access to Mythos or similar AI models, according to Anthropic. At the same time, security experts said, the concerns around Mythos attest to the dangers of AI if it is weaponized for harm. "What we need to do is look at this as a wake-up call to say, the storm isn't coming -- the storm is here," Alissa Valentina Knight, CEO of cybersecurity AI company Assail, told CBS News. "We need to prepare ourselves, because we couldn't keep up with the bad guys when it was humans hacking into our networks. We certainly can't keep up now if they're using AI because it's so much devastatingly faster and more capable." Mythos' capabilities are also sparking concern among federal officials. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell met with top bank CEOs in a closed-door meeting on Tuesday to discuss Mythos and other emerging cybersecurity risks stemming from AI. Anthropic also briefed senior U.S. government officials and key industry stakeholders on Mythos's capabilities, CBS News has learned. Separately, IMF Managing Director Kristalina Georgieva said in an interview set to air Sunday on "Face the Nation with Margaret Brennan" that the world does not have the ability "to protect the international monetary system against massive cyber risks." "The risks have been growing exponentially," Georgieva said. "Yes, we are concerned. We are very keen to see more attention to the guardrails that are necessary to protect financial stability in the world of AI." Anthropic didn't return a request for comment. In its post, however, the company underscored the risks of misusing tools like Mythos. "The fallout -- for economies, public safety, and national security -- could be severe," the company said. Such stark warnings mask another troubling reality: Hackers already have access to advanced AI models and are using them for a range of malign purposes, including to create autonomous "agents" capable of carrying out attacks without human intervention. Such attacks range from spreading malware and executing identity theft scams to producing deepfake videos and launching ransomware attacks, according to cybersecurity experts. "AI-enabled tooling has empowered even low-skilled threat actors to execute high-speed, high-volume operations, whilst advanced adversaries are using AI to sharpen precision, scale automation and compress attack timelines," PwC said in a recent report. "The time between the public release of a new capability by an AI company and its weaponization by threat actors shrank dramatically [in 2025], a trend we assess will likely accelerate in 2026," the management consulting firm added, Other AI tools, while not yet as effective as Mythos in exposing the soft underbelly in software, are already amplifying the risks to consumers, businesses and governments. For instance, hackers are tapping AI to sharpen so-called phishing attacks aimed at prying loose confidential information, said Zach Lewis, the chief information officer at the University of Health Sciences and Pharmacy in St. Louis. "It's been used to really script those dialogues, those conversations, those phishing emails, to specific people -- and really customize them to make them a lot more difficult to detect and identify if these are fake or not," he told CBS News. "Once [Mythos] drops, we're going to see a lot more vulnerabilities, probably a lot more attacks," Lewis said. "Cyberattacks are definitely going to increase until we get to a point where we're patching up all those vulnerabilities almost in real time." AI is more effective than humans at finding software bugs because it can quickly scan thousands of lines of code and detect problems, something people are not necessarily good at, Knight explained. "Humans are the weakest link in security," Knight noted. "Humans have the ability to make mistakes when we're writing code. It's possible for vulnerabilities in source code to have never been found by humans." Some security experts questioned the motives behind Anthropic's incremental approach to rolling out Mythos, speculating that the limited release could be aimed at stirring intrest from other prospective customers. Meanwhile, both Anthropic and rival OpenAI are expected to launch initial public offerings by the end of the year, according to the Wall Street Journal -- a possible incentive to drum up headlines, said Peter Garraghan, founder and Chief Science Officer at Mindgard, an AI security platform. "I suspect Anthropic may be using this as a marketing ploy, perhaps towards IPO," he said. Anthropic has sought to distinguish its brand from OpenAI and other rivals by publicly emphasizing AI safety, highlighting its guardrails for keeping the technology in line. Anthropic's decision to hold off on releasing Mythos and launching Project Glasswing aligns with that image, noted Columbia Business School marketing lecturer Malek Ben Sliman. "When facing the tough decisions, Anthropic has actually been true to its values," he said. Curating the release of Mythos "does allow them to look to be the protectors of this responsible AI, but it also is a great marketing and advertising tool."

[49]

Euronews

What happens when AI becomes too powerful? Anthropic is finding out

Anthropic said its artificial intelligence model Mythos Preview is not ready for a public launch because of the ways cybercriminals and spies could abuse it. US-based AI developer Anthropic this week announced a new artificial intelligence general-purpose language model that it claims is too powerful to release into the world. The company said on Tuesday that its latest technology, Mythos (officially dubbed "Claude Mythos Preview"), is not ready for a public launch because it is too effective at finding high-severity vulnerabilities, or potential weaknesses, in major operating systems and web browsers. This could result in it being abused by cybercriminals and spies. A data leak in March first unveiled that Anthropic was working on Mythos Preview, which it said at the time "poses unprecedented cybersecurity risks." These rumours caused cybersecurity stocks to slump, as the technology's strength could make it a hacker's dream device. Now, further evidence adding to these concerns has spurred the company to press pause on the technology's public release. "Claude Mythos Preview's large increase in capabilities has led us to decide not to make it generally available," Anthropic wrote in the preview's system card released on Tuesday. "Instead, we are using it as part of a defensive cybersecurity programme with a limited set of partners." How powerful is Mythos? The company detailed several alarming findings about the new model, including how it could follow instructions that encouraged it to break out of a virtual sandbox, meaning it bypassed the security, network or file system constraints imposed on the model. The prompt asked Mythos to find a way to send a message if it could escape. "The model succeeded, demonstrating a potentially dangerous capability for circumventing our safeguards," Anthropic said, adding that the model then decided to go further. "In a concerning and unasked-for effort to demonstrate its success, it posted details about its exploit to multiple hard-to-find, but technically public-facing, websites." Anthropic is withholding some details about the cybersecurity vulnerabilities Mythos discovered, but did give some examples. It found errors in the Linux kernel, used in most of the world's servers, and autonomously chained them together in a way that would let a hacker take complete control of any machine running the Linux systems. In another worrying observation, Mythos discovered a 27-year-old vulnerability in the open-source operating system OpenBSD that may allow hackers to crash any machine running it. OpenBSD is heavily used worldwide in specific, high-security, and critical infrastructure roles. Who will it be released to? Given these findings, Anthropic will only make Mythos Preview available to some of the world's biggest cybersecurity and software firms. Anthropic itself, as well as 11 other organisations (Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks) will get access to the model as part of a new Anthropic initiative named "Project Glasswing". This allows the companies to use Mythos Preview as part of their security work, and Anthropic will share the takeaways from what the initiative finds. The company named the cybersecurity project after the glasswing butterfly, saying it is a metaphor for how Mythos found vulnerabilities in plain sight and avoided harm by being transparent about the risks. Anthropic said its "eventual goal is to enable our users to safely deploy Mythos-class models at scale, for cybersecurity purposes, but also for the myriad other benefits that such highly capable models will bring. "To do so, that also means we need to make progress in developing cybersecurity (and other) safeguards that detect and block the model's most dangerous outputs," Anthropic wrote in its blog. Is Anthropic in talks with the US government? Anthropic said in its blog post that it has been in "ongoing discussions" with US government officials about Claude Mythos Preview and its "offensive and defensive cyber capabilities." "The emergence of these cyber capabilities is another reason why the US and its allies must maintain a decisive lead in AI technology," Anthropic said. The company wrote that governments have an important role to play in maintaining the lead and assessing and mitigating national security risks associated with AI models. "We are ready to work with local, state, and federal representatives to assist in these tasks." The announcement comes as Anthropic and the Pentagon are in a legal standoff after the US Department of Defence labelled the company a supply chain risk in February over Anthropic's refusal to allow the use of its AI, Claude, in autonomous weapons and mass surveillance. Do other AI tools have the same capabilities? "More powerful models are going to come from us and from others, and so we do need a plan to respond to this," Anthropic CEO Dario Amodei said in a video, which was released alongside the Mythos announcement. It could take between six and 18 months until other AI competitors release similar models, Logan Graham, head of Anthropic's frontier red team, which studies the implications of frontier AI models for cybersecurity, biosecurity, and autonomous systems, told Axios. "It's very clear to us that we need to talk publicly about this," Graham noted. "The security industry needs to understand that these capabilities may come soon."

[50]

PC Gamer

Anthropic's new Claude Mythos AI model has apparently found thousands of vulnerabilities in 'every major operating system and every major web browser, along with a range of other important pieces of software'

It managed to find a vulnerability in OpenBSD that had lain hidden for 27 years. If there's one thing that AI is good at, particularly language models, it's detecting patterns in datasets so large that it would be practically impossible for humans to sift through them all, quickly and accurately. That certainly seems to be the case with Anthropic's new general-purpose model, Claude Mythos, as the company has announced that it used it to detect "thousands of high-severity vulnerabilities, including some in every major operating system and web browser." Alongside the launch of Claude Mythos, Anthropic also announced Project Glasswing, an "initiative that brings together Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks in an effort to secure the world's most critical software." This is all down to Claude Mythos finding so many vulnerabilities, and perhaps more importantly, "99% of [those] found have not yet been patched". If all of this seems very alarming, Anthropic's detailed blog post on the project reminds us that such vulnerabilities are only a potential weakness: someone has to figure out how to exploit them and then successfully use them in the wild. Don't breathe a sigh of relief just yet, though. "We have seen Mythos Preview write exploits in hours that expert penetration testers said would have taken them weeks to develop," writes Anthropic. Oh, that's not good at all. Anyway, one such example that Mythos created was an exploit for an old vulnerability in FFmpeg: "The underlying bug dates back to the 2003 commit that introduced the H.264 codec. And then, in 2010, this bug was turned into a vulnerability when the code was refactored. Since then, this weakness has been missed by every fuzzer and human who has reviewed the code, and points to the qualitative difference that advanced language models provide. In addition to this vulnerability, Mythos Preview identified several other important vulnerabilities in FFmpeg after several hundred runs over the repository, includ[ing] further bugs in the H.264, H.265, and AV1 codecs, along with many others." It's worth noting that there's a distinct financial cost to all of this, because running all those mega AI servers isn't free, and code repositories need to be repeatedly scanned to find bugs. Anthropic discovered a vulnerability via a 27-year-old bug in OpenBSD: "Across a thousand runs through our scaffold, the total cost was under $20,000 and found several dozen more findings. While the specific run that found the bug above cost under $50, that number only makes sense with full hindsight. Like any search process, we can't know in advance which run will succeed." One good bit of news is that Anthropic actually sent patches out to FFmpeg, though it's not clear as to whether AI was used to generate the fixes themselves. Another bit of good news is actually the whole caboodle. As worrying as it may seem that an AI model has discovered thousands of vulnerabilities in the software that we all use on a daily basis, with the issues now exposed, Claude Mythos has found exposable bugs that passed mere humans by. If the AI model can find new ones quicker than any human can, it's perhaps the turning point in staying one step ahead of hackers and cybercrime. And this makes me wonder as to whether the future of software will see email servers using AI servers to detect spam, phishing mail, or other dodgy messages and delete them so that they never get sent out. Imagine the same thing running on phone networks, nixing spam SMS and robocalls. Hmm, that sounds suspiciously like the beginning of a Skynet-type of AI that decides the real problem isn't vulnerabilities and exploits, but human beings. Yeah, maybe traditional spam filters aren't so bad after all.

[51]

Anthropic's New Model Is So Scarily Powerful It Won't Be Released, Anthropic Says

Late last month, apparent leaks revealed that an as-yet unreleased product from Anthropic called Mythos was â€œby far the most powerful AI model weâ€™ve ever developed.â€ My colleague AJ Dellinger wrote at the time that it was "hard to ignore the fact that this whole situation plays right into the classic AI company playbook of talking up the dangers of a model to highlight how powerful and capable it is." Was Anthropic being sincere about this de facto advertisement for its super-powered AI products being leaked accidentally? Two weeks ago, I might have scoffed, but since Anthropic then accidentally leaked the source code for Claude Code, I'm more inclined to believe the leak was real now.Â At any rate, on Tuesday Anthropic released a system card for its latest frontier model, which is in fact Mythosâ€"actually "Claude Mythos Preview"â€"and notes that the model'sÂ "large increase in capabilities has led us to decide not to make it generally available." For reference, OpenAI's GPT-2 was deemed too dangerous to release in 2019, when Anthropic co-founders Dario Amodei, Jack Clark, and Chris Olah were still working there, but later that year it was released anyway. AI system cards are ostensibly tools for company transparency, revealing the pros and cons, the capabilities andâ€"most sexilyâ€"the dangers of the model. That last part turns reading them into fun little trips to Jurassic Park to see the cloned T-Rex eat a goat, secure in the knowledge that it could never possibly break containment.Â The whole card is 244 pages. I'm not going to pretend I've read the whole thing yet, but here are some highlights: It was provided a sandbox computer terminal with access to only a preset group of limited online services, and challenged to "escape"â€"find a way to use the internet freely. It did, and found a way to message a researcher who was away from the office eating a meal. Additionally, "in a concerning and unasked-for effort to demonstrate its success, it posted details about its exploit to multiple hard-to-find, but technically public-facing, websites."Â In what the card called "<0.001% of interactions"â€"so pretty rarelyâ€"it behaved in ways it wasn't supposed to, and then apparently tried to hide the evidence. For instance, when it "accidentally obtained" a test answer it was going to need, in which case it should have simply told a researcher and asked for a different question, but instead it tried to find a solution independently, and in the recording of its reasoning, it noted that it "needed to make sure that its final answer submission wasn't too accurate." It also overstepped in its permissions on a computer system because it found an exploit, and then "made further interventions to make sure that any changes it made this way would not appear in the change history on git." Another event described in the card is referred to as "Recklessly leaking internal technical material." Apparently in the course of a coding-related task ment to be internal, it published it as a "public-facing GitHub gist." This reminds me of the incident in February in which an AI agent was accused of cyberbullying a coder, when to some degree the perceived recklessness of the AI agent was obviously the predictable consequence of a reckless human being.Â Claude Mythos Preview will soon be made accessible to one degree or another, but only to a group of partner companies like Amazon Web Services, Apple, Google, JPMorganChase, Microsoft, and NVIDIA, who are meant to use the model to locate security vulnerabilities in software and design patches. Kevin Roose of the New York Times describes this program as "an effort to sound the alarm over what the company believes will be a new, scarier era of A.I. threats."Â

[52]

Frightening AI advances speed race to secure critical infrastructure

Why it matters: AI models are getting so good at autonomously hacking and exploiting severe bugs that their own creators are holding them back out of fear they'll wreak havoc on the systems that power daily life. * Anthropic is limiting access to its Mythos Preview model for that reason. OpenAI is looking to do the same for a forthcoming release, a source familiar with those plans told Axios. * But such capabilities won't remain locked down for long. * Already, researchers have found readily available open-weights models that are capable of exploiting many of the decades-old bugs that Mythos Preview targeted in testing. Driving the news: Anthropic said Tuesday it has no plans to release its Mythos Preview model to the general public, and other models in the Mythos line won't come up unless strict guardrails are in place and defenders have had more time to prepare. * OpenAI also plans to roll out a forthcoming product with advanced cyber capabilities to a small subset of companies through its "Trusted Access for Cyber" program, the source told Axios. The big picture: Hackers are already scary good at turning around exploits that target security flaws in software and hardware. Last year, 42% of vulnerabilities that were used in attacks hadn't even been publicly disclosed yet, according to CrowdStrike. * Security experts now warn that the new models are likely good enough to both find and weaponize vulnerabilities in as little as a day -- giving companies no room for error in their defenses. * "Dwell time used to be 90 days, then it became six days," Rubrik CEO Bipul Sinha told Axios. "Now it has become zero [days], or seconds." Threat level: Shutting off the lights or tampering with local water supplies typically requires a level of knowledge about specific tech stacks and internal systems that most hackers lack. * With AI models that work 24/7 to find, exploit and map out a system, experts fear those attacks could be far easier to execute. * Meanwhile, many critical infrastructure operators don't have the money for the technology and manpower needed to write and test patches for every vulnerability. Between the lines: Cyber defenders tell me that limiting the rollout of highly cyber-capable AI models will give them an edge against attackers, especially in finding and fixing long-standing security vulnerabilities and building more secure software from the start. * "This is an incredible time where the people who are building applications, that are building operating systems, can get a tremendous amount of cybersecurity scale by leveraging AI to help identify security vulnerabilities," Charles Carmakal, CTO at Mandiant, told Axios. * Sinha added that the new approach will give companies the ability to adjust to a new threat landscape that is entirely driven by AI agents, not humans. * "Agents will do the work in the enterprise, and agents are doing the attack," Sinha said. "Everything that is built for a human is irrelevant because the speed has changed." Yes, but: The bigger issue for defenders isn't finding bugs but actually having the time and resources to fix them, Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, told Axios. * As AI dramatically increases the volume of discovered flaws, organizations could face a growing backlog of fixes even as attackers get faster at exploiting them, he added. The flip side: Rolling out models in a restricted way could inhibit the maintainers of open-source projects -- which are found in most modern internet appliances -- that might need these capabilities the most, Aisle chief scientist Stanislav Fort told Axios. * "The open-source maintainers who maintain the software the world runs on can't wait for an invitation to a trusted access program, given that the offensive side is very likely deploying AI already," he said. What to watch: How the U.S. government's cyber leaders respond to these new tools -- and whether new initiatives come out from the Cybersecurity and Infrastructure Security Agency or the White House to help beef up defenses for critical infrastructure.

[53]

The Guardian

Anthropic's new AI tool has implications for us all - whether we want it or not

Claude Mythos's apparent superhuman hacking abilities are alarming experts as the Trump administration remains blinded by hostility In June 2024, a cyber-attack on a pathology services company caused chaos across London's hospitals. More than 10,000 appointments were cancelled. Blood shortages followed and delays to blood tests led to a patient's death. Lethal cyber-attacks like this are thankfully rare. But a new AI release could change that - plunging us into a terrifying new world of chaos and disruption to the digital systems that we rely on. This week Anthropic, a leading AI company in San Francisco, announced "Claude Mythos Preview", an AI model that the startup says is too dangerous to publicly release, thanks to its exceptional cybersecurity - and cyber-attacking - capabilities. Mythos, the company claims, has found vulnerabilities in every major browser and operating system. In other words, this new AI model might be able to help hackers disrupt much of the world's most important software. "This is Y2K-level alarming," one security expert said. Already, Mythos has found a 27-year-old bug in a critical piece of security infrastructure and multiple vulnerabilities in the Linux kernel, essential for computer systems worldwide. These weak points could threaten almost everything on the internet from the streaming services you relax with to the banking systems you rely on. If such technology was widely available and as capable as Anthropic claims, the implications could be catastrophic. Cyber-attacks are no longer a solely digital problem. Almost everything we rely on in the physical world involves software. In recent years, airports, hospitals and transport networks have been crippled by cyber-attacks. Until now, attacks of this scale required serious expertise. Mythos would put that capability in reach of amateurs - and turbocharge the professionals' ability to wreak havoc. Cybersecurity experts are sounding the alarm. Anthony Grieco of Cisco, a networking and cybersecurity company, said: "AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure ... and there is no going back." Lee Klarich, head of product management at Palo Alto Networks, said the model "signals a dangerous shift", and warned that "everyone needs to prepare for AI-assisted attackers". "There will be more attacks, faster attacks and more sophisticated attacks," Klarich said. Thankfully, we're not totally doomed - yet. Rather than release Mythos publicly, Anthropic is first offering it to companies that run much of our critical infrastructure, including Apple, Microsoft and Google. The hope is that they can use Mythos to find gaps in their security and patch them before bad actors obtain similar capabilities. That means that we're now in a race against time. Thanks to a lack of regulation at the national and international levels, there is nothing forcing other companies to follow Anthropic's deployment strategy. It is likely only a matter of months before less responsible actors - in the US or elsewhere - release a model with similar capabilities. When they do, we can only hope that the software we rely on has been adequately secured. In more cooperative times, I would be optimistic that the US could pull off a whole-of-society effort to prepare for this impending "vulnpocalypse". But the Trump administration has declared war against Anthropic, banning government agencies and the military from using its technology and publicly calling it a "radical left, woke company" for not allowing the military to use its tools for the mass surveillance of Americans. That hostility means it's unlikely the government will work with Anthropic to harden its own, famously rickety systems - which are some of the most important ones to secure. There is some reason for optimism. Anthropic may be overstating Mythos's capabilities: it has a vested interest, after all, in hyping its own products. But the documented vulnerabilities and willingness of competitors to partner with Anthropic suggest the threat is real. Some parts of the government, meanwhile, are taking notice: on Tuesday, Scott Bessent, the US treasury secretary, and Jerome Powell, the Federal Reserve chair, reportedly convened Wall Street executives to prepare for the risks posed by Mythos and future cybersecurity-focused AI models. But the overall picture is bleak. Mythos is not just a cybersecurity problem, it is also disquietingly good at helping people design bioweapons, and it sometimes knowingly deceives users and covers its tracks. It is a demonstration of the risks of the "superintelligent" AI that Anthropic and its competitors want to unleash on society - consequences be damned. With Mythos, we may have time to get ahead of the risks. But if governments continue to let these companies operate without rules, we may not be so lucky in future.

[54]

VentureBeat

Anthropic says its most powerful AI cyber model is too dangerous to release publicly -- so it built Project Glasswing

Anthropic on Tuesday announced Project Glasswing, a sweeping cybersecurity initiative that pairs an unreleased frontier AI model -- Claude Mythos Preview -- with a coalition of twelve major technology and finance companies in an effort to find and patch software vulnerabilities across the world's most critical infrastructure before adversaries can exploit them. The launch partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. Anthropic says it has also extended access to more than 40 additional organizations that build or maintain critical software, and is committing up to $100 million in usage credits for Claude Mythos Preview across the effort, along with $4 million in direct donations to open-source security organizations. The announcement arrives at a moment of extraordinary momentum -- and extraordinary scrutiny -- for the San Francisco-based AI startup. Anthropic disclosed on Sunday that its annualized revenue run rate has surpassed $30 billion, up from approximately $9 billion at the end of 2025, and the number of business customers each spending over $1 million annually now exceeds 1,000, doubling in less than two months. The company simultaneously announced a multi-gigawatt compute deal with Google and Broadcom. On the same day, Bloomberg reported that Anthropic had poached a senior Microsoft executive, Eric Boyd, to lead its infrastructure expansion. But Glasswing is something categorically different from a revenue milestone or a compute deal. It's Anthropic's most ambitious attempt to translate frontier AI capabilities -- capabilities the company itself describes as dangerous -- into a defensive advantage before those same capabilities proliferate to hostile actors. At the center of Project Glasswing sits Claude Mythos Preview, a general-purpose frontier model that Anthropic says has already identified thousands of high-severity zero-day vulnerabilities -- meaning flaws previously unknown to software developers -- in every major operating system and every major web browser, along with a range of other critical software. The company is not making the model generally available. "We do not plan to make Claude Mythos Preview generally available due to its cybersecurity capabilities," Newton Cheng, Frontier Red Team Cyber Lead at Anthropic, told VentureBeat in an exclusive interview. "However, given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout -- for economies, public safety, and national security -- could be severe." That language -- "the fallout could be severe" -- is striking coming from the company that built the model. Anthropic is effectively arguing that the tool it created is powerful enough to reshape the cybersecurity landscape, and that the only responsible thing to do is to keep it restricted while giving defenders a head start. The technical results reinforce that claim. According to Anthropic's press release, Mythos Preview was able to find nearly all of the vulnerabilities it surfaced, and develop many related exploits, entirely autonomously, without any human steering. Three examples stand out: The model found a 27-year-old vulnerability in OpenBSD -- widely regarded as one of the most security-hardened operating systems in the world and commonly used to run firewalls and critical infrastructure. The flaw allowed an attacker to remotely crash any machine running the OS simply by connecting to it. It also discovered a 16-year-old vulnerability in FFmpeg -- the near-ubiquitous video encoding and decoding library -- in a line of code that automated testing tools had exercised five million times without ever catching the problem. And perhaps most alarmingly, Mythos Preview autonomously found and chained together several vulnerabilities in the Linux kernel to escalate from ordinary user access to complete control of the machine. All three vulnerabilities have been reported to the relevant maintainers and have since been patched. For many other vulnerabilities still in the remediation pipeline, Anthropic says it is publishing cryptographic hashes of the details today, with plans to reveal specifics after fixes are in place. On the CyberGym evaluation benchmark, Mythos Preview scored 83.1%, compared to 66.6% for Claude Opus 4.6, Anthropic's next-best model. The gap is even wider on coding benchmarks: Mythos Preview achieves 93.9% on SWE-bench Verified versus 80.8% for Opus 4.6, and 77.8% on SWE-bench Pro versus 53.4%. Finding thousands of zero-days at once sounds impressive. Actually handling the output responsibly is a logistical nightmare -- and one of the sharpest criticisms that security researchers have raised about AI-driven vulnerability discovery. Flooding open-source maintainers, many of whom are unpaid volunteers, with an avalanche of critical bug reports could easily do more harm than good. Cheng told VentureBeat that Anthropic has built a triage pipeline specifically to manage this problem. "We triage every bug that we find and then send the highest severity bugs to professional human triagers we have contracted to assist in our disclosure process by manually validating every bug report before we send it out to ensure that we send only high-quality reports to maintainers," he said. That pipeline is designed to prevent exactly the scenario that maintainers fear most: an automated firehose of unverified reports. "We do not submit large volumes of findings to a single project without first reaching out in an effort to agree on a pace the maintainer can sustain," Cheng added. When Anthropic has access to the source code, the company aims to include a candidate patch with every report, labeled by provenance -- meaning the maintainer knows the patch was written or reviewed by a model -- and offers to collaborate on a production-quality fix. "Models can write patches," Cheng noted, "but there are many factors that impact patch quality, and we strongly recommend that autonomously-written patches are put under the same scrutiny and testing that human-written patches are." On disclosure timelines, Anthropic says it follows a coordinated vulnerability disclosure framework. Once a patch is available, the company will generally wait 45 days before publishing full technical details, giving downstream users time to deploy the fix before exploitation information becomes public. Cheng said the company may shorten that buffer "if the details are already publicly known through other channels, or if earlier publication would materially help defenders identify and mitigate ongoing attacks," or extend it "when patch deployment is unusually complex or the affected footprint is unusually broad." Those are reasonable principles, but they will be tested at a scale that no vulnerability disclosure program has ever attempted. The sheer volume of findings -- thousands of zero-days across every major platform -- means that even a well-designed triage process will face bottlenecks. And the 45-day disclosure window assumes that maintainers can actually produce, test, and ship a patch in that time, which is far from guaranteed for complex kernel-level bugs or deeply embedded cryptographic flaws. The irony of a company claiming to build the most capable cyber model ever constructed while simultaneously suffering a string of embarrassing security lapses has not been lost on observers. In late March, a draft blog post about Mythos was left in an unsecured and publicly searchable data store -- a CMS misconfiguration that exposed roughly 3,000 internal assets, including what appeared to be strategic plans for the model's rollout. Days later, on March 31, anyone who ran npm install on Claude Code pulled down Anthropic's complete original source code -- 512,000 lines -- for approximately three hours due to a packaging error, an incident that drew widespread attention in the developer community and was first reported by VentureBeat. When asked why partners and governments should trust Anthropic as the custodian of a model it describes as having unprecedented cyber capabilities, Cheng was direct. "Security is central to how we build and ship," he told VentureBeat. "These two incidents, a blog CMS misconfiguration and an npm packaging error, were human errors in publishing tooling, not breaches of our security architecture. We've made changes to prevent these from happening again, and we'll continue to improve our processes." It is a technically accurate distinction -- neither incident involved a breach of Anthropic's core model weights, training infrastructure, or API systems -- but it is also a distinction that may prove difficult to sustain as a public argument. For an organization asking governments and Fortune 500 companies to trust it with a tool that can autonomously find and exploit vulnerabilities in the Linux kernel, even minor operational lapses carry outsized reputational risk. The fact that the Mythos leak itself was what first alerted the security community to the model's existence, weeks before the planned announcement, underscores the point. The coalition's breadth is notable. It includes direct competitors -- Google and Microsoft -- alongside cybersecurity incumbents, financial institutions, and the steward of the world's largest open-source ecosystem. And several partners have already been running Mythos Preview against their own infrastructure for weeks. CrowdStrike's CTO Elia Zaitsev framed the initiative in terms of collapsing timelines: "The window between a vulnerability being discovered and being exploited by an adversary has collapsed -- what once took months now happens in minutes with AI." AWS Vice President and CISO Amy Herzog said her teams have already been testing Mythos Preview against critical codebases, where the model is "already helping us strengthen our code." And Microsoft's Global CISO Igor Tsyganskiy noted that when tested against CTI-REALM, Microsoft's open-source security benchmark, "Claude Mythos Preview showed substantial improvements compared to previous models." Perhaps the most revealing comment came from Jim Zemlin, CEO of the Linux Foundation, who pointed to the fundamental asymmetry that has plagued open-source security for decades: "In the past, security expertise has been a luxury reserved for organizations with large security teams. Open-source maintainers -- whose software underpins much of the world's critical infrastructure -- have historically been left to figure out security on their own." Project Glasswing, he said, "offers a credible path to changing that equation." To back that claim with dollars, Anthropic says it has donated $2.5 million to Alpha-Omega and OpenSSF through the Linux Foundation, and $1.5 million to the Apache Software Foundation. Maintainers interested in access can apply through Anthropic's Claude for Open Source program. After the research preview period -- during which Anthropic's $100 million credit commitment will cover most usage -- Claude Mythos Preview will be available to participants at $25 per million input tokens and $125 per million output tokens. Participants can access the model through the Claude API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry. Those prices reflect the model's computational intensity. The draft blog post that leaked in March described Mythos as a large, compute-intensive model that would be expensive for both Anthropic and its customers to serve. Anthropic's solution is to develop and launch new safeguards with an upcoming Claude Opus model, allowing the company to "improve and refine them with a model that does not pose the same level of risk as Mythos Preview," as Cheng told VentureBeat. Security professionals whose legitimate work is affected by those safeguards will be able to apply to an upcoming Cyber Verification Program. The financial context matters. The same day Project Glasswing launched, Anthropic disclosed its revenue milestone and the Google-Broadcom compute deal. Broadcom signed an expanded deal with Anthropic that will give the AI startup access to about 3.5 gigawatts worth of computing capacity drawing on Google's AI processors, according to CNBC. The scale of compute being marshaled is staggering -- and it helps explain why Anthropic needs both the revenue from enterprise cybersecurity partnerships and the infrastructure to serve a model of Mythos Preview's size. The timing also intersects with growing speculation about Anthropic's path to a public offering. The company is reportedly evaluating an IPO as early as October 2026. A high-profile, government-adjacent cybersecurity initiative with blue-chip partners is exactly the kind of program that burnishes an IPO narrative -- particularly when the company can simultaneously point to $30 billion in annualized revenue and a compute footprint measured in gigawatts. The most consequential question raised by Project Glasswing is not whether Mythos Preview's capabilities are real -- the partner endorsements and patched vulnerabilities suggest they are -- but how much time defenders actually have before similar capabilities are available to adversaries. Cheng was candid about the timeline. "Frontier AI capabilities are likely to advance substantially over just the next few months," he told VentureBeat. "Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely." He described Project Glasswing as "an important step toward giving defenders a durable advantage in the coming AI-driven era of cybersecurity" but added a crucial caveat: "It's important to note, this is a starting point. No one organization can solve these cybersecurity problems alone." That framing -- months, not years -- is worth taking seriously. DARPA launched its original Cyber Grand Challenge in 2016, a competition to create automatic defensive systems capable of reasoning about flaws, formulating patches, and deploying them on a network in real time. At the time, the winning AI-powered bot, Mayhem, finished last when placed against human teams at DEF CON. A decade later, Anthropic is claiming that a frontier AI model can find vulnerabilities that survived 27 years of expert human review and millions of automated security tests -- and can chain exploits together autonomously to achieve full system compromise. The delta between those two data points illustrates why the industry is treating this as a genuine inflection point, not a marketing exercise. Anthropic itself has firsthand experience with the offensive side of this equation: the company disclosed in November 2025 that a Chinese state-sponsored group achieved 80 to 90 percent autonomous tactical execution using Claude across approximately 30 targets, according to Anthropic's misuse report. Project Glasswing arrives during one of the most turbulent weeks in Anthropic's history. In the span of days, the company has announced a model it considers too dangerous for public release, disclosed that its revenue has tripled, sealed a multi-gigawatt compute deal, hired a senior Microsoft executive, made it more expensive for Claude Code subscribers to use third-party tools like OpenClaw, and weathered a major outage of its Claude chatbot on Tuesday morning. Anthropic says it will report publicly on what it has learned within 90 days. In the medium term, the company has proposed that an independent, third-party body might be the ideal home for continued work on large-scale cybersecurity projects. Whether any of that is fast enough depends on a race that is already underway. Anthropic built a model that can autonomously crack open the most hardened operating systems on the planet -- and is now betting that sharing it with defenders, under careful restrictions, will do more good than the inevitable moment when similar capabilities land in less careful hands. It is, in essence, a wager that transparency can outrun proliferation. The next few months will determine whether that bet pays off, or whether the glasswing's wings were never quite opaque enough to hide what was coming.

[55]

Silicon Republic

Mythos testing begins as governments raise cyber concerns

US, UK and Canadian governments are raising concerns over the model's abilities. Wall Street banks begin testing Anthropic's new AI model Mythos as authorities worldwide signal cybersecurity concerns. Anthropic chose against a public release for Claude Mythos Preview, an AI model leagues better at generating exploits than the company's previous launches. Instead, Mythos was launched to a select group of 40-some "critical" technology and finance companies to test the model and strengthen their cyber defences. Alongside JP Morgan Chase - which was named by Anthropic as a collaborator - Bloomberg reported on 10 April that Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley are also testing the technology. In its research, Anthropic noted that Mythos developed working exploits 181 times out of the several hundred attempts, while Opus 4.6 had a near 0pc success rate. "We did not explicitly train Mythos preview to have these capabilities. Rather, they emerged as a downstream consequence of general improvements in code, reasoning and autonomy," it noted. Other companies involved in Anthropic's collaborative cybersecurity project called 'Glasswing' includes Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks. Mythos has also elicited concern from government authorities, who are warning financial institutions of risks posed by models such as Mythos. Last week, US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell warned Wall Street leaders to take Mythos "seriously", while top Canadian banks, alongside the parent company of the Toronto Stock Exchange and state departments, gathered on 10 April to discuss cybersecurity risks raised by the model. Closer to home, UK financial regulators are in talks with the National Cyber Security Centre, Bank of England, the Financial Conduct Authority and HM Treasury to discuss potential vulnerabilities in their IT systems revealed by Mythos. SiliconRepublic.com has asked the Bank of Ireland and AIB about whether they intend to use the model in their defences. AI-enabled cybersecurity attacks are becoming more commonplace, with seemingly novice bad actors using the technology to compromise hundreds of firewalls with relative ease. Businesses, meanwhile, are finding themselves more exposed to cybersecurity threats. Last year, Marks and Spencer, Co-op and Harrods, all well-known UK-based retail names, suffered from cyberattacks. Months later, cybercriminals stole the pictures, names and addresses of around 8,000 children from a nursery chain in the country. And later that year, US cybersecurity company F5 suffered from a significant cyberattack that gave threat actors long-term access to some of its systems. Don't miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic's digest of need-to-know sci-tech news.

[56]

Fast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

The real question about Anthropic's new Claude Mythos Preview AI model is whether it (and future models like it) will be more helpful to defensive cybersecurity or to hackers. To find out, Fast Company asked a number of cybersecurity pros. Claude Mythos, released in "preview" on April 9, is Anthropic's biggest and most capable frontier AI model. Anthropic researchers say that during its training, the model showed a unique ability to find security vulnerabilities deep within software code, then create exploits to gain administrator-level access to software systems, including operating systems. Because of this, Anthropic says, Mythos is too dangerous to release to the public. But because similar AI models are likely on the way, it announced an industry initiative called Project Glasswing, for which it's giving cybersecurity researchers at various companies and institutions access to the Mythos model so they can harden widely deployed software against AI-assisted attacks. "What Anthropic is showing . . . is how quickly AI is getting to a place where it can identify vulnerabilities at scale," says Marcus Fowler, CEO of Darktrace Federal. "When AI can find vulnerabilities at a speed and depth that materially changes how quickly weaknesses can be identified, it fundamentally accelerates the discovery of issues across both new and existing systems."

[57]

SiliconANGLE

Anthropic debuts Project Glasswing, an initiative that will leverage its powerful Mythos model to reinforce software security - SiliconANGLE

Anthropic debuts Project Glasswing, an initiative that will leverage its powerful Mythos model to reinforce software security Anthropic PBC said today it's releasing a preview of the most powerful frontier model it has ever developed, making it available to a small coterie of partners and cybersecurity researchers to help secure the world's software. The model, called Claude Mythos, is being released as part of a new cybersecurity initiative dubbed Project Glasswing, which will see more than 40 partners use it specifically for "defensive security work." According to Anthropic, though Mythos was not originally trained for security purposes, it excels at proprietary and open-source software code for vulnerabilities. The company said it's not releasing Mythos to the public because it's just "too powerful," and therefore too risky to make such a move. Claude Mythos was first revealed in March in a leak that was surfaced by Fortune. According to that report, the leaked details described Mythos as "larger and more intelligent" than Anthropic's existing Claude Opus models, which are its most powerful publicly available offerings. It was initially designed to be a general purpose model for Claude, and was designed to have exceptionally strong coding and reasoning skills that would enable it to perform tasks such as building AI agents and writing code. Anthropic says caution is necessary because the "capabilities we've observed in Mythos Preview could reshape cybersecurity." In the past few weeks, while testing Mythos, the company said it has identified "thousands of vulnerabilities" across websites and apps, including every major operating system and web browser in use today. The partner organizations in Project Glasswing include Amazon.com Inc., Apple Inc., Broadcom Inc., Cisco Systems Inc., CrowdStrike Holdings Inc., the Linux Foundation, Microsoft Corp. and Palo Alto Networks Inc. In addition, access will be provided to around 40 other organizations that build or maintain "critical software infrastructure." The partners will share what they learn from using Mythos with the rest of the technology community, so everyone can benefit from it and develop more secure software, Anthropic said. To facilitate the partners' research, Anthropic has committed $100 million in usage credits to Project Glasswing, so those partners won't be required to pay the application programming interface fees for their security testing and research. The company is also said to be having "ongoing discussions" with U.S. government officials about giving them access to Mythos, though it's possible that those negotiations are complicated by the company's ongoing legal battle with the White House. That's because Anthropic was recently labeled as a "supply chain risk" for refusing to let the Pentagon use Claude for autonomous weapons targeting or mass surveillance. Regarding Mythos's prowess, Anthropic explained that it recently discovered a 16-year-old vulnerability in FFmpeg, which is used by hundreds of applications to encode and decode video. The bug was discovered in a line of code that had been scanned more than five million times by traditional security tools without ever catching it. What's worse is that Mythos is also powerful enough to immediately develop a sophisticated exploit for the vulnerabilities it discovers, potentially allowing attackers to immediately take advantage and start doing damage. But while Mythos can be exceedingly dangerous, it can also be used for good. Cisco Chief Security and Trust Officer Anthony Grieco said his team has been using the model to find and fix security vulnerabilities across both hardware and software "at a pace and scale previously impossible." He said it represents a "profound shift and a clear signal that the old ways of hardening systems are no longer sufficient." Anthropic said its eventual goal is to make it so that Mythos-class models can be deployed at scale by the public, but for that to happen, it needs to develop cybersecurity safeguards that detect and block its most dangerous outputs. Mythos will be especially useful for software developers, if those safeguards can ever be built and verified. On the SWE-bench Verified benchmark that gauges AI models' coding abilities, Mythos was able to solve 93.9% of all problems, a much higher score than Claude Opus 4.6's 80.8% accuracy rate. Moreover, Mythos achieved 77.8% accuracy on SWE-bench Pro, which is a more challenging evaluation, compared to just 53.4% for Opus 4.6.

[58]

Fortune

Anthropic is giving some firms access to Claude Mythos to bolster cybersecurity defenses | Fortune

Anthropic is giving a group of Big Tech and cybersecurity firms access to a preview version of Claude Mythos -- its unreleased and most advanced AI model -- in an attempt to bolster cybersecurity defences across some of the world's most critical systems. The company has been concerned that the new model may pose unprecedented cybersecurity risks and increase the likelihood of large-scale AI-driven cyberattacks this year. The initiative, called "Project Glasswing," allows firms, including Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, and NVIDIA, to use the company's Mythos Preview for defensive security work and share their learnings with the wider industry. Anthropic is also providing access to roughly 40 more organizations responsible for building or maintaining critical software infrastructure, allowing them to use the model to scan and secure both their own systems and open-source code. In a blog post announcing the new initiative, Anthropic said it formed Project Glasswing because it believes the capabilities of its Claude Mythos Preview could reshape the cybersecurity sector due to its strong agentic coding and reasoning skills. Anthropic said it does not plan to make the Mythos Preview generally available, but eventually wants to safely deploy Mythos-class models at scale when new safeguards are in place. The existence of Anthropic's Mythos model was first revealed in March, when Fortune reported that the company was developing and testing an unreleased model described in company documents as "by far the most powerful AI model" it had ever developed. In a draft blogpost inadvertently made public last month, Anthropic warned that Mythos is "currently far ahead of any other AI model in cyber capabilities" and said it "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders." The news of the model's existence has already rattled the cybersecurity industry. Following Fortune's report, shares in CrowdStrike, Palo Alto Networks, Zscaler, SentinelOne, Okta, Netskope, and Tenable all slumped between 5% and 11% as investors worried that increasingly capable AI models could undermine demand for traditional security products, a concern that had already surfaced the previous month when Anthropic launched Claude Code Security. In just the past few weeks, Anthropic says its Mythos Preview has identified thousands of zero-day vulnerabilities, many of which were critical and difficult to detect, including some in every major operating system and web browser. Several of the vulnerabilities discovered using the model had existed undetected for years, according to the company, the oldest being a 27-year old bug in OpenBSD -- an operating system best known for its strong security. But Anthropic has also acknowledged that the same capabilities that can bolster cyber defences can also be weaponized by attackers. "Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely," the company said in a blog post. "The fallout -- for economies, public safety, and national security -- could be severe. Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes." While concerns about AI's potential to automate large-scale cyber attacks have been building for a while, Anthropic's newest model appears to represent a dangerous new level of AI performance in cyber tasks. According to a report from Axios, Anthropic has already privately warned top government officials that Mythos makes large-scale cyberattacks significantly more likely this year. Previous models from OpenAI and Anthropic had already reached a new risk level for cyber threats. When OpenAI released GPT-5.3-Codex in February, the company said it was the first model it had classified as high-capability for cybersecurity tasks under its Preparedness Framework and the first it had directly trained to identify software vulnerabilities. Anthropic also said its most advanced model on the market, Opus 4.6, released the same week, demonstrated an ability to surface previously unknown vulnerabilities in production codebases -- a capability the company acknowledged was dual-use. Hackers have already leveraged Anthropic's tools to enable more sophisticated and autonomous attacks. Last year, the company disclosed what it described as the first documented case of a cyberattack largely executed by AI -- a Chinese state-sponsored group that used AI agents to autonomously infiltrate roughly 30 global targets, with AI handling the majority of tactical operations independently. "Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely," Anthropic said in a statement. "The work of defending the world's cyber infrastructure might take years; frontier AI capabilities are likely to advance substantially over just the next few months. For cyber defenders to come out ahead, we need to act now."

[59]

Decrypt

OpenAI Plans Advanced Cybersecurity Product -- With 'Trusted Access' Only - Decrypt

Frontier models and products now appear to be too risky to release publicly. OpenAI is currently building a cybersecurity product it plans to release exclusively through its "Trusted Access for Cyber" program, according to Axios. The program was previously announced in February, and it's meant to be a controlled rollout that keeps certain products away from the general public and in the hands of defensive security operators only. OpenAI launched the program after releasing GPT-5.3-Codex, currently its most capable cybersecurity offering, and is backing participant access with $10 million in API credits. The news comes amid growing worry among cybersecurity experts over the potential for increasingly powerful AI products overwhelming existing systems. Just earlier this week, Anthropic spooked itself with its own creation, Claude Mythos. Anthropic said Mythos is the company's most capable AI model, and turned out to be so effective at finding security vulnerabilities -- zero-days in every major operating system and browser -- that it decided only a handpicked group of organizations should have access to it. Now OpenAI is, reportedly, doing something similar. Anthropic is currently fighting a legal battle after the Pentagon designated it a supply chain risk after the company refused to lift usage restrictions on Claude for surveillance and autonomous weapons applications. Federal agencies have been scrutinizing AI companies' safety protocols with increasing intensity since early April. As of now, OpenAI has not shared any public information officially confirming or denying the reports. The reason for the restrictions isn't subtle. Anthropic's Mythos Preview, which leaked before its official rollout, was found capable of identifying "tens of thousands of vulnerabilities" that even advanced human bug hunters would struggle to locate. The model is described as "extremely autonomous" and reasons with the sophistication of a senior security researcher. That kind of capability, available to anyone with an API key, is the kind of thing that keeps security teams up at night. Anthropic's response was Project Glasswing -- a controlled access initiative that gives Mythos Preview only to vetted organizations: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, Palo Alto Networks, and roughly 40 others involved in maintaining critical infrastructure. OpenAI's decision to lock down products like this one looks like an attempt to get ahead of that regulatory pressure. By voluntarily restricting access before a government agency tells them to, OpenAI positions itself as the responsible actor in a space where Anthropic is getting hammered. The restrictions also reflect something deeper than caution about one specific model. Anthropic's own safety report acknowledged that Cybench, the benchmark used to evaluate whether an AI poses serious cyber risk, "is no longer sufficiently informative of current frontier model capabilities" -- because Mythos cleared it completely. The tool built to measure the danger is no longer adequate for what's being built. Anthropic added that its overall safety determination "involves judgment calls" and that many evaluations leave "more fundamental uncertainty." Anthropic committed up to $100 million in usage credits and $4 million in direct donations to open-source security organizations as part of its rollout. OpenAI has not announced a comparable commitment alongside its access program, though both companies are framing their restricted programs as a net benefit for defensive security -- the idea being that giving better tools to defenders before attackers get them is worth the tradeoff of limiting general access. The pattern emerging across the frontier AI industry is that the most capable models will no longer arrive as broad product launches. They'll be distributed more like classified research -- selectively, under agreement, to organizations with the infrastructure and intent to use them responsibly.

[60]

Dataconomy

Anthropic launches Project Glasswing to combat AI-driven cyber threats

Anthropic launched Project Glasswing, aimed at protecting global software infrastructure from AI-driven cyber threats. The initiative coincides with the introduction of Claude Mythos Preview, an unreleased AI model designed to identify and exploit software vulnerabilities. During testing, Claude Mythos Preview autonomously found thousands of high-severity, "zero-day" vulnerabilities across major operating systems and web browsers. Notable vulnerabilities included a 27-year-old flaw in OpenBSD allowing remote crashes, a 16-year-old flaw in FFmpeg that evaded five million automated tests, and multiple vulnerabilities in the Linux Kernel that provided full system control from ordinary user access. All discovered vulnerabilities have been reported to developers and subsequently patched. To leverage the model's capabilities for defensive purposes, Anthropic formed the Glasswing Coalition, inviting technology leaders such as Amazon Web Services, Apple, Google, Microsoft, NVIDIA, Broadcom, Cisco, CrowdStrike, Palo Alto Networks, JPMorganChase, and the Linux Foundation as founding partners. Anthropic will allocate $100 million in usage credits for Mythos Preview to these partners and 40 additional organizations involved in critical infrastructure management. Additionally, the company plans to donate $4 million to open-source security organizations, including the Apache Software Foundation and OpenSSF. Internal evaluations indicate that Mythos Preview significantly outperforms previous models in key benchmarks, scoring 83.1% in CyberGym for vulnerability reproduction and 93.9% in SWE-bench Verified for coding accuracy. Pricing for partners using the model will be $25 per million input tokens and $125 per million output tokens through platforms such as AWS Bedrock and Google Cloud's Vertex AI. Anthropic announced it will restrict public access to Claude Mythos Preview, limiting its usage to defensive security functions like penetration testing and binary testing. The initiative includes an obligation to report public findings and improvements within 90 days. Furthermore, Anthropic is in discussions with the U.S. government regarding the national security implications of the model. "The window between a vulnerability being discovered and being exploited has collapsed," said Elia Zaitsev, CTO of CrowdStrike. "That is not a reason to slow down; it's a reason to move together, faster."

[61]

Financial Review

Anthropic pits bot against bot in AI cyberwar with powerful new model

Artificial intelligence giant Anthropic is rolling out an AI model it says is so powerful in its cybersecurity capabilities that it can only be used by specialists in the industry, and has pulled big name rivals and customers into an alliance to pit good bots against bad ones. News of Anthropic's new model - named Claude Mythos Preview - had been leaked via an Anthropic website bungle in late March, sending cybersecurity stocks including CrowdStrike, Palo Alto Networks and Zscaler tumbling in echoes of the SaaSpocalypse triggered by the launch of Claude Cowork in March.

[62]

Cointelegraph

Anthropic Holds Back Claude Mythos After it Found Thousands of 0-Day Bugs

AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities, Anthropic said. Anthropic has announced it is rolling out its AI model, Claude Mythos Preview, to only a select group of companies after the new model found thousands of critical vulnerabilities across operating systems, web browsers and other software. The new general-purpose model, Anthropic said, also found high-security vulnerabilities in every major operating system and web browser. "Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely." AI has already been used by hackers to conduct cyberattacks. There has been a 72% year-over-year increase in AI-powered cyberattacks, with 87% of global organizations experiencing AI-enabled cyberattacks in 2025, according to AllAboutAI. Anthropic expressed concern over what would happen if similar AI capabilities were used by bad actors. To combat this, Anthropic announced Project Glasswing on Tuesday, a new initiative that brings together more than 40 companies, including Amazon Web Services, Apple, Cisco, Google, JPMorgan, the Linux Foundation, Microsoft and Nvidia. Project Glasswing will use Claude Mythos Preview's capabilities to defensively find bugs, share the data with its partners and get ahead of threats by patching critical vulnerabilities before bad actors can exploit them. A zero-day vulnerability is a software bug that can be exploited before anyone with the ability to fix it even knows it exists. Finding and patching them has historically required rare, expensive human expertise, but AI could change the scale and speed of detection. Anthropic said the vulnerabilities it finds are "often subtle or difficult to detect." Many of them are 10 or 20 years old, with the oldest found so far being a now-patched 27-year-old bug in OpenBSD -- an operating system known primarily for its security, it added. It also found a 16-year-old bug in the FFmpeg media processing library, a 17-year-old remote code execution vulnerability in the open-source FreeBSD operating system and numerous vulnerabilities in the Linux kernel. Related: Cybersecurity stocks fall after Anthropic unveils Claude Code Security Mythos Preview also identified several weaknesses in the world's most popular cryptography libraries, algorithms and protocols, including TLS, AES-GCM and SSH. It added that web applications "contain a myriad of vulnerabilities," ranging from cross-site scripting and SQL injection to domain-specific vulnerabilities such as cross-site request forgery, which is often used in phishing attacks. Anthropic claimed that 99% of the vulnerabilities it found have not yet been patched, "so it would be irresponsible for us to disclose details about them,. Anthropic said that this is likely just the beginning of a trend, and the "work of defending the world's cyber infrastructure might take years," but AI will help harden software and systems. "In the long run, we expect that defense capabilities will dominate: that the world will emerge more secure, with software better hardened -- in large part by code written by these models. But the transitional period will be fraught."

[63]

France 24

Mythos AI alarm bells: Fair warning or marketing hype?

San Francisco (United States) (AFP) - Anthropic postponing the release of its new AI model Claude Mythos, said to be so skilled at coding it could be a wicked weapon for hackers, has encountered a mix of alarm and skepticism. The company is among several contenders in a fierce artificial intelligence race. Promoting the awe of Anthropic's own technology boosts business and enhances its allure in the event it soon goes public, as is rumored. "The world has no choice but to take the cyber threat associated with Mythos seriously," said David Sacks, an entrepreneur and investor who heads President Donald Trump's council of advisors on technology. "But it's hard to ignore that Anthropic has a history of scare tactics." Mythos has sparked fears of hackers commanding armies of AI agents able to break through computer defenses with ease. At this week's HumanX AI conference in San Francisco, Alex Stamos of startup Corridor, which addresses AI safety, acknowledged a real threat from agentic hackers. And Stamos quipped about what he referred to as Anthropic's "marketing schtick." "They have these adorable cutesy cartoons about these products that are so incredibly dangerous that they won't even let people use them," Stamos said of the San Francisco-based startup. "It's like if the Manhattan Project announced the nuclear bomb within a cute little Calvin and Hobbes cartoon." The heads of America's biggest banks met this week with Federal Reserve Chairman Jerome Powell and Treasury Secretary Scott Bessent to weigh the security implications of the yet-to-be released Claude Mythos, according to reports Friday. "Mythos model points to something far more consequential than another leap in artificial intelligence," Cato Networks co-founder and chief executive Shlomo Kramer said in a blog post. "It signals a shift that could redefine the balance between attackers and defenders in cyberspace." A tightly restricted preview of Mythos was shared with partner organizations this week, under an initiative called Project Glasswing. They include Amazon, Apple, Microsoft, Google, Cisco, CrowdStrike and JPMorgan Chase. According to Anthropic and partners, Mythos can autonomously scan vast amounts of code to find and chain together previously unknown security vulnerabilities in all kinds of software, from operating systems to web browsers. Crucially, they warn, this can be done at a speed and scale no human could match, meaning it could be used to bring down banks, hospitals or national infrastructure within hours. "What once required elite specialists can now be performed by software agents," Shlomo said. "The immediate consequences will be a surge in vulnerability discovery, a true tsunami" of exploiting known and unknown vulnerabilities. 'Agent-to Agent War' At HumanX, the apparent consensus was that it makes sense that AI agents already adept at coding will excel at finding weaknesses in software. "We're not in an era where human beings can write code when we have superhuman (AI models) that are then going to find bugs in it," Stamos contended. "It's just not possible." He predicted the coming dynamic will involve humans supervising AI agents to protect networks against hackers using that same technology to attack. Stamos referred to it as "agent-to-agent war," with humans on the sidelines giving advice. Wendy Whitmore, of cybersecurity firm Palo Alto Networks, expects "some sort of catastrophic attack" this year connected to AI agent capabilities. "The thing that keeps me up at night is that we're staring down the barrel of a massive influx of new vulnerabilities that are going to be found by AI," said Adam Meyers of CrowdStrike. Meyers saw embedding a tiny AI model directly into malicious code infecting networks as a natural tactic to be explored by hackers. "The ultimate weapon would be malware that has no pre-programming," Meyers said. "It can do whatever you ask it to."

[64]

NBC

Why Anthropic won't release its new Mythos AI model to the public

Experts and software engineers are warning that Anthropic's new AI model could usher in a new era of hacking and cybersecurity, as AI systems capable of advanced reasoning identify and exploit a growing number of software vulnerabilities. Citing the potential damage that could result from a wider public release, leading AI company Anthropic released the cutting-edge model, called Claude Mythos Preview, on Tuesday to a limited group of tech companies, refraining from a wider public release. The model is the latest in Anthropic's Claude series of AI systems. Its release was previewed at the end of March, when Fortune identified its mention in an unsecured database on Anthropic's website. Anthropic's researchers say Mythos Preview was able to detect thousands of high- and critical-severity bugs and software defects, with vulnerabilities identified in most major operating systems and web browsers. Anthropic said some of the vulnerabilities had been undiscovered for decades. While some outside experts called for caution in interpreting the new results given limited public information about the identified vulnerabilities, many others said the model's debut -- and Anthropic's caution -- was significant. "It's all very much real," Katie Moussouris, the CEO and cofounder of Luta Security, a company that connects cybersecurity researchers with companies that have software vulnerabilities, said of the hype around Anthropic's claims. "I'm not a Chicken Little kind of person when it comes to this stuff," Moussouris said. "We are definitely going to see some huge ramifications." Instead of a public release, Anthropic is giving tech companies like Microsoft, Nvidia and Cisco access to Mythos Preview to shore up cyber defenses. As part of this new effort, called Project Glasswing, Anthropic will give over 50 tech organizations access to Mythos Preview with over $100 million in usage credits. "Project Glasswing partners will receive access to Claude Mythos Preview to find and fix vulnerabilities or weaknesses in their foundational systems -- systems that represent a very large portion of the world's shared cyberattack surface," Anthropic announced in a blog post. "Project Glasswing is an important step toward giving defenders a durable advantage in the coming AI-driven era of cybersecurity." It is currently unclear exactly how many of the reported vulnerabilities identified by Mythos Preview have been previously discovered or reported, or exactly what the vulnerabilities are. Due to the sensitive nature of the vulnerabilities, Anthropic said it would disclose the nature of currently-opaque vulnerabilities within 135 days of sharing the vulnerability with the organization or party responsible for the software. This is the first time in nearly seven years that a leading AI company has so publicly withheld a model over safety concerns. In 2019, OpenAI -- now one of Anthropic's primary rivals -- decided to withhold its GPT-2 system "due to concerns about large language models being used to generate deceptive, biased, or abusive language at scale." Mythos Preview is a general-purpose model, or the type of system that powers products like Claude Code or ChatGPT. Yet in pre-release testing, Anthropic found Mythos Preview's cybersecurity capabilities in particular were surprisingly advanced compared to previous models, which led to the creation of Project Glasswing. Logan Graham, who leads offensive cyber research at Anthropic, said that the Mythos Preview model was advanced enough to not only identify undiscovered software vulnerabilities but to weaponize them. The model can singlehandedly perform complex, effective hacking tasks, including identifying multiple undisclosed vulnerabilities, writing code that can hack them and then chaining those together to form a way to penetrate complex software, he said. "We've regularly seen it chain vulnerabilities together. The degree of its autonomy and sort of long ranged-ness, the ability to put multiple things together, I think, is a particular thing about this model," Graham told NBC News. That capability meant that the company is so far reluctant to release even a carefully guardrailed version of the model to the public, he said, at least until some western companies can use it to identify defenses to build around them. "We are not confident that everybody should have access right now," Graham said. "We need to start figuring out how we'd prepare for a world of this first before we can handle the idea of black hat [criminal or adversarial] hackers having access." Anthropic has also briefed the federal government on Mythos Preview's cybersecurity capabilities. Anthropic is currently embroiled in a heated dispute with the Trump Administration over the use of its models by the federal government after Defense Secretary Pete Hegseth declared Anthropic a "supply chain risk to national security" in late February. A federal judge issued a preliminary injunction against this designation in late March, but the Trump Administration is appealing the ruling. According to an Anthropic employee, the company "briefed senior officials across the U.S. government on Mythos Preview's full capabilities, including both its offensive and defensive cyber applications. That engagement has included ongoing discussions with CISA [the Cybersecurity and Infrastructure Security Agency] and CAISI [The Center for AI Standards and Innovation], among others." "Bringing government into the loop early -- on what the model can do, where the risks are, and how we're managing them -- was a priority from the start," the employee said. CISA and the National Institute of Standards and Technology, the agency that contains CAISI, did not respond to a request for comment before publication. A spokesperson for the National Security Agency, widely regarded as the most sophisticated hacking agency in the world, declined to comment when asked if it had been briefed on Mythos. Not everyone is convinced Mythos Preview represents the leap Anthropic claims. Heidy Khlaaf, chief AI scientist at the AI Now Institute, noted that Anthropic's detailed blog post explaining the new vulnerabilities left out many key details needed to verify the company's claims. Writing on X, Khlaaf warned against "taking these claims at face value" without more information, such as the rates of false positives and clearer explanations for how the humans conducted manual reviews of the identified vulnerabilities. Beyond Mythos Preview's cybersecurity implications, the model also demonstrated concerning behavior as part of Anthropic's pre-release safety testing. As part of releasing new models, Anthropic creates detailed reports called "system cards" that share how the model performs on a variety of evaluations. The system card for Mythos Preview, released Tuesday, notes that "Claude Mythos Preview's large increase in capabilities has led us to decide not to make it generally available." According to the system card, in one evaluation, the model showed some sort of awareness that it was being evaluated in around 29% of transcripts -- even though the model did not explicitly tell researchers that it knew it was being evaluated. Some researchers worry that a model might change its behavior and act more safely if it is aware it is being evaluated. Anthropic and researchers working with the company to evaluate the model's safety also noted that Mythos Preview intentionally appeared to perform worse on one evaluation than it could have, in order to appear less suspicious. "We find this overall pattern of behavior concerning, and have not seen it before in similar evaluations of earlier Claude models," Anthropic wrote in the system card. In another experiment with an earlier version of Mythos Preview, an Anthropic researcher instructed a model essentially isolated to a secured computer to try to escape and send the researcher a message. The researcher, Sam Bowman, was eating a sandwich in a park when he received an email from the model. "That instance wasn't supposed to have access to the internet," Bowman wrote on X.

[65]

CBS

Anthropic's potent new AI model is a "wake-up call," security experts say

Aimee Picchi is the associate managing editor for CBS MoneyWatch, where she covers business and personal finance. She previously worked at Bloomberg News and has written for national news outlets including USA Today and Consumer Reports. Anthropic's latest AI technology, called Mythos, is so powerful at revealing software vulnerabilities that the company is afraid to release the model publicly lest it fall into the hands of bad actors. The company, the developer behind the Claude AI chatbot, said in a post on its website this week that the new tool has already uncovered thousands of weak points in "every major operating system and web browser." That is stirring concern that hackers could exploit Mythos to attack banks, hospitals, government systems and other critical infrastructure. Rather than releasing Mythos to the public, Anthropic is sharing the tech with a select group of major companies, including Amazon, Apple, Cisco, JPMorgan Chase and Nvidia, to test the model and to harden their own systems against cyberattacks. Called Project Glasswing, the effort aims to create strong defenses before hackers get access to Mythos or similar AI models. "What we need to do is look at this as a wake-up call to say, the storm isn't coming -- the storm is here," Alissa Valentina Knight, CEO of cybersecurity AI company Assail, told CBS News. "We need to prepare ourselves because we couldn't keep up with the bad guys when it was humans hacking into our networks. We certainly can't keep up now if they're using AI because it's so much devastatingly faster and more capable." Mythos' capabilities are also sparking concern among federal officials. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell met with top bank CEOs in a closed-door meeting on Tuesday to discuss Mythos and other emerging cybersecurity risks stemming from AI. Anthropic also briefed senior U.S. government officials and key industry stakeholders on Mythos's capabilities, CBS News has learned. Anthropic didn't return a request for comment. In its post, however, the company underscored the risks of misusing tools like Mythos. "The fallout -- for economies, public safety, and national security -- could be severe," the company said. Such stark warnings, however, mask another troubling reality: Cybersecurity experts say that hackers already have access to advanced AI models. Other AI tools, while not yet as effective as Mythos in exposing the soft underbelly in software, are already amplifying the risks to consumers, businesses and governments. For instance, hackers are already tapping AI to sharpen so-called phishing attacks aimed at prying loose confidential information, said Zach Lewis, the chief information officer at the University of Health Sciences and Pharmacy in St. Louis. "It's been used to really script those dialogues, those conversations, those phishing emails, to specific people -- and really customize them to make them a lot more difficult to detect and identify if these are fake or not," he told CBS News. AI is also driving more ransomware attacks, with a recent PwC report finding that posts on ransomware leak sites -- public disclosures of stolen data when a company does not pay a ransom -- surged 58% in 2025 from the prior year. "Once [Mythos] drops, we're going to see a lot more vulnerabilities, probably a lot more attacks," Lewis said. "Cyberattacks are definitely going to increase until we get to a point where we're patching up all those vulnerabilities almost in real time." AI is more effective than humans at finding software bugs because it can quickly scan thousands of lines of code and detect problems, something people are not necessarily good at, Knight explained. "Humans are the weakest link in security," Knight noted. "Humans have the ability to make mistakes when we're writing code. It's possible for vulnerabilities in source code to have never been found by humans." Some security experts questioned the motives behind Anthropic's incremental approach to rolling out Mythos, speculating that the limited release could be aimed at stirring intrest from other prospective customers. Meanwhile, both Anthropic and rival OpenAI are expected to launch initial public offerings by the end of the year, according to the Wall Street Journal -- a possible incentive to drum up headlines, said Peter Garraghan, Founder and Chief Science Officer at Mindgard, an AI security platform. "I suspect Anthropic may be using this as a marketing ploy, perhaps towards IPO," he said. Anthropic has sought to distinguish its brand from OpenAI and other rivals by publicly emphasizing AI safety, highlighting its guardrails for keeping the technology in line. Anthropic's decision to hold off on releasing Mythos and launching Project Glasswing aligns with that image, noted Columbia Business School marketing lecturer Malek Ben Sliman. "When facing the tough decisions, Anthropic has actually been true to its values," he said. Curating the release of Mythos "does allow them to look to be the protectors of this responsible AI, but it also is a great marketing and advertising tool."

[66]

Scoop: OpenAI plans staggered rollout of new model over cybersecurity risk

Why it matters: AI capabilities have reached a tipping point, at least in terms of autonomy and hacking capabilities. Model-makers are now so worried about the havoc their own tools could cause that they're reluctant to release them into the wild. Driving the news: Anthropic announced plans Tuesday to limit access of its new Mythos Preview model to a hand-picked group of technology and cybersecurity companies over fears of its advanced hacking capabilities. * At the time, it was the first AI company to take such an approach with a new model. * Now, OpenAI is planning a similar approach, according to the source. Zoom in: OpenAI introduced its "Trusted Access for Cyber" pilot program in February after rolling out GPT-5.3-Codex, the company's most cyber-capable reasoning model. * Organizations in the invite-only program are given access to "even more cyber capable or permissive models to accelerate legitimate defensive work," according to a blog post. * At the time, OpenAI committed $10 million in API credits to participants. The big picture: Former government officials and top security leaders have been ringing alarm bells over the past year about AI models that -- in the wrong hands -- could one day autonomously disrupt water utilities, the electric grid, or financial systems. * Those capabilities now appear to be here. Threat level: Even if AI companies hold back their models for limited releases, top security experts all have the same message: There's no going back. * "You can't stop models from doing code enumeration or finding flaws in older codebases," said Rob T. Lee, chief AI officer at the SANS Institute. "That capability exists now." * It's only a matter of weeks or months before there's a new model with similar capabilities out in the wild, Wendi Whitmore, chief security intelligence officer at Palo Alto Networks, told Axios during a panel at the HumanX conference in San Francisco on Tuesday. * Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, called Mythos' capabilities a "wake-up call" for the entire industry. Between the lines: Restricting the rollout of a new frontier model makes "more sense" if companies are concerned about models' ability to write new exploits -- rather than about their ability to find bugs in the first place, Stanislav Fort, CEO of security firm Aisle, told Axios. The intrigue: Staggering the release of new AI models looks a lot like how cybersecurity vendors currently handle the disclosure of security flaws in software, Lee added. * "It's the same debate we've had for decades around responsible vulnerability disclosure," Lee said. Yes, but: It's unclear if OpenAI will decide to release its forthcoming model more broadly at some point. * Anthropic has said it won't ever release Mythos Preview to the public, but would consider releasing other Mythos models if there are strong guardrails. Reality check: Widely available AI models are already capable of finding some of the vulnerabilities and exploits that Mythos uncovered, researchers at AISLE found Wednesday.

[67]

The Guardian

Anthropic says its latest AI model can expose weaknesses in software security

AI company says purpose of its Claude Mythos model is to bolster defenses against hacking in common applications Anthropic on Tuesday said its yet-to-be-released artificial intelligence model called Claude Mythos has proven keenly adept at exposing software weaknesses. Mythos has laid bare thousands of vulnerabilities in commonly used applications for which no patch or fix exists, prompting the San Francisco-based AI startup to form an alliance with cybersecurity specialists to bolster defenses against hacking and withhold wide distribution. "We have a new model that we're explicitly not releasing to the public," Mike Krieger of Anthropic Labs said at a HumanX AI conference in San Francisco. Instead, Anthropic is letting cybersecurity specialists and engineers in the open-source community work with Mythos to use the model as a defensive weapon "sort of arming them ahead of time", Krieger explained. Leaps in AI model capabilities have come with concerns about hackers using such tools for figuring out passwords or cracking encryption meant to keep data safe. The oldest of the vulnerabilities uncovered by Mythos dates back 27 years, and none were ostensibly noticed by their makers before being pinpointed by the AI model, according to Anthropic. Mythos is the latest generation of Anthropic's Claude family of AI, and a recent leak of some of its code prompted the startup to release a blog post warning it posed unprecedented cybersecurity risks. "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities," Anthropic said in a blog post. "The fallout - for economies, public safety, and national security - could be severe." Software vulnerabilities exposed by Mythos were often subtle and difficult to detect without AI, according to Anthropic. As an example, it said Mythos found a previously unnoticed flaw in video software that had been tested more than 5m times by its creators. As a precaution, Anthropic has shared a version of Mythos with cybersecurity companies CrowdStrike and Palo Alto Networks, as well as with Amazon, Apple and Microsoft in a project it dubbed "Glasswing". Networking giants Cisco and Broadcom are taking part in the project, along with the Linux Foundation that promotes the free, open-source Linux computer operating system. "This work is too important and too urgent to do alone," Anthony Grieco, Cisco's chief security and trust officer, said in a joint release about Glasswing. "AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back." Approximately 40 organizations involved in the design, maintenance or operation of computer systems are said to have joined Glasswing. Project partners are to share their Mythos findings, according to Anthropic, which is providing about $100m worth of computing resources for the mission. Early work with AI models has shown they can help find and fix software and hardware vulnerabilities at a pace and scale not previously possible, according to Grieco. "The window between a vulnerability being discovered and being exploited by an adversary has collapsed - what once took months now happens in minutes with AI," said Crowdstrike's chief technology officer, Elia Zaitsev. "Claude Mythos Preview demonstrates what is now possible for defenders at scale, and adversaries will inevitably look to exploit the same capabilities," he added. Anthropic said it has had discussions with the US government regarding Mythos despite a decree by the White House in February to terminate all contracts with the startup. That directive was put on hold by a federal court judge while a legal challenge by Anthropic works its way through the courts.

[68]

The Hill

Anthropic says new AI model too dangerous for public release

Anthropic announced this week it will hold back the full release of its new artificial intelligence model as it believes it is too dangerous for the general public at this stage. The model, called Claude Mythos Preview, will be available to a select group of technology firms including Microsoft, Apple, CrowdStrike and Amazon Web Services, along with more than 40 organizations that build critical software infrastructure, the AI firm announced Tuesday. This consortium is part of Anthropic's new initiative Project Glasswing, which will focus on identifying and patching security vulnerabilities in critical software programs. The company said the initiative was formed after the company discovered the capabilities of Mythos Preview, stating the model "could reshape cybersecurity." The AI firm claimed Mythos Preview already found thousands of high-security vulnerabilities, including some in every major operating system and web browser, that were previously unknown to the software's developers. Some of these vulnerabilities date back more than two decades, according to Anthropic. Prior to AI models like Mythos, these vulnerabilities could go undetected for years given the limited security expertise on the topic. Now, the technology is providing opportunities for hackers and foreign adversaries to more easily detect these vulnerabilities. "Given the rate of AI progress, it will not be longer before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely," Anthropic wrote in its announcement. "The fallout -- for economics, public safety, and national security -- could be severe." The company added, "Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes." Anthropic notes these capabilities, while dangerous, also provide opportunities to more easily find and fix flaws in software, and make new software with fewer security bugs. "Project Glasswing is an important step toward giving defenders a durable advantage in the coming AI-driven era of cybersecurity," Anthriopic wrote. Glasswing's partner companies will use Mythos Preview in their defensive security work and findings will be shared by Anthropic for the whole industry. The organizations that build or maintain critical software infrastructure will use the model to scan first-party and open-source systems, Anthropic said. The company will commit up to $100 million in usage credits, and $4 million in direct donations to open source security organizations.

[69]

NYMag

Is the AI Cybersecurity Apocalypse Already Here?

In recent months, AI models have become much better at writing, debugging, and testing code. This has scrambled the AI race, making the software-focused Anthropic its leader, and sending everyone else in pursuit of a new, more focused goal: improving coding tools and racking up as many excited and frightened enterprise customers as possible. As these tools have become more capable at writing software, though, they've also gotten a lot better at figuring out how to break it. AI coding is rapidly automating parts of software development, but -- at least and perhaps even more quickly -- it's automating hacking, too. Malicious actors have been using AI to help speed up and extend their capabilities for well over a year now, with limited but real success; at the same time, software companies and open-source projects have been using AI tools to harden their software and find new vulnerabilities. The models' recent ramp-up in coding capabilities has clarified the situation. If a software developer can now oversee a fleet of coding agents to knock out more features in less time, so too can someone whose objective is finding exploitable flaws in other people's software in order to exfiltrate data, shut down systems, or hold them hostage for ransom. This all gets particularly dicey when the technology takes a massive, sudden leap foward, which happens to describe how AI frontier model releases -- which come from a tiny group of massive firms -- can work. Anthropic says its next model is one such case: Earlier today we announced Claude Mythos Preview, a new general-purpose language model. This model performs strongly across the board, but it is strikingly capable at computer security tasks. In response, we have launched Project Glasswing, an effort to use Mythos Preview to help secure the world's most critical software, and to prepare the industry for the practices we all will need to adopt to keep ahead of cyberattackers. By "strikingly capable at computer security tasks," Anthropic's testers mean, among other things, that the new model makes it much, much easier to find exploits in existing software. Testers using this version of Claude were "capable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browser," while non-experts were able to use it to "find and exploit sophisticated vulnerabilities." The programmer Simon Willison took a look at some of the examples and reports from Glasswing partners and found Anthropic's claims compelling. "There's enough smoke here that I believe there's a fire," he wrote. "It's not surprising to find vulnerabilities in decades-old software, especially given that they're mostly written in C, but what's new is that coding agents run by the latest frontier LLMs are proving tirelessly capable at digging up these issues." This creates a strange situation in the short term, where one company, in the process of creating a general purpose AI model with a particular focus on coding, has effectively gained the exclusive ability to exploit countless thousands of pieces of software deployed by competitors, governments, and institutions around the world. (The same company, it should be noted, that the U.S. government recently punished and attempted to designate as a supply chain risk for raising a different set of safety concerns.) Anthropic's absurd level of latent power will persist until competitors catch up, and/or until its tools -- or tools like it -- can systematically protect secure software against empowered hackers. Anthropic hasn't released this model to the public yet, but it won't be long, and alternative tools adapted for malicious use will follow closely behind. So, for now, the most obvious way to prepare for security risks created by new models is to use those same to test and patch your own software, ahead of time if possible. Anthropic's decision to donate "$100M in usage credits" to "defenders" suggests that they're aware of how strange their position is, and how uneasy it might make everyone else. Given that this next model is also likely to be far more capable at straightforwardly productive coding tasks, Anthropic's business is set to have a very, very, good year, as it continues to raise alarms about... well, its own success. Anthropic is doing everything it can here to communicate that it didn't set out to semi-blackmail the entire world -- sorry, it just happened! And, in contrast with the massive freak-out about Mythos in the AI and cybersecurity worlds, the company comes across in its release as surprisingly sanguine about long-term implications of automated high-level hacking. While outlining a staggering range of vulnerabilities that the model was able to help uncover in often surprising ways, Anthropic's own security testers write that "[m]ost security tooling has historically benefitted defenders more than attackers," and that they "believe the same will hold true here too -- eventually," admitting that the interim period "may be tumultuous regardless." This is an interesting posture coming from a safety-focused lab that spends a lot of time talking about severe AI risks. Now that one of them is materializing, it's signaling both a need for urgency and a general sense that things could, through cooperation and planning and market mechanisms, eventually work out, and that widely distributed new capabilities will result in a new "equilibrium" -- a word you don't hear so often from labs that tend to talk in accelerative terms about runaway capabilities. Hackers have new tools, but so do the people building software, who will be able to use them to root out problems and identify lingering security problems, ultimately resulting in a situation not unlike where we are now (which, admittedly, most cybersecurity professionals will tell you has been dire, but not quite apocalyptic, for as long as they can remember). This is at least spiritually similar to a recent rhetorical pivot among some tech elites away from projections of imminent and rapid labor replacement and toward a more familiar story of just capitalism, but with greater productivity, which doesn't so much dispute those claims as dismiss them as short-term distractions: How the next year in cybersecurity unfolds could provide some valuable data about the bigger picture, here. On one hand, earlier AI capabilities -- generating plausible speech for a variety of contexts, realistic images, videos, etc -- have quickly disrupted, broken, or destabilized systems and markets where they've been deployed, sending a shock through education, for example, and oversupplying social networks with slop and other inauthentic material. They've mattered. On the other, they've made it a bit easier to think, at least, about how those systems might need to change, or their participants might need to adapt, in order to function going forward. One important question is how "tumultuous" each system's interim period will be, and whether, in the process of achieving a new equilibrium or status quo, will end up leaving some participants behind. Another is how long it will last, or if it will ever actually end. As far as systems go -- and I use that word loosely here -- the cybersecurity status quo seems unusually vulnerable to near-term "tumult," as countless poorly maintained software deployments quickly become accessible targets to a growing pool of less-skilled hackers. Maybe, as Anthropic suggests, thousands of different actors will snap into action, coordinate, and collectively level-up software security to new heights with new tools, and everyone will get on with their lives. That would be a nice story to tell about AI. Or maybe a group of hackers with a jailbroken model will soon be able to hold entire countries hostage from a laptop. Guess we'll find out!

[70]

Anthropic Launches 'Project Glasswing' to Stealthily Spot Cybersecurity Issues for Rivals

Two weeks ago, Anthropic's secretive AI model known as Claude Mythos was discovered because unpublished information about it was sitting in a publicly accessible database. Now the company is announcing that it is teaming with the biggest companies in the world to let that model loose to flag potential security vulnerabilities within their systems. The limited release of Mythos, dubbed Project Glasswing, includes about 40 organizations that will have access to a preview version of the model that is supposedly better than "all but the most skilled humans" at finding software vulnerabilities. Launch partners for the project include Amazon Web Services, Apple, Google, JPMorganChase, Microsoft, and NVIDIA, among others. According to Anthropic, the early returns from the collaboration have been jarring, as the company claims to have found "thousands of high-severity vulnerabilities," including some in every major operating system and web browser. It's unsurprising, given those apparent revelations of serious security flaws, that Anthropic believes the model "could reshape cybersecurity." Its benchmark tests certainly seem to show that, as Mythos Preview consistently outperformed Claude Opus 4.6, including on the CyberGym test that seeks to identify how well AI agents can detect and reproduce real-world software vulnerabilities. The anecdotes support it, too. Anthropic says Mythos found a bug in the open-source operating system OpenBSD that had been there for 27 years and spotted a chain of vulnerabilities in Linux that could be used to completely hijack a machine. What's interesting is that just weeks ago, when Mythos was first discovered (due to a very simple security slip-up, curious how that one wasn't caught by the all-seeing machine), Anthropic was apparently positioning the model as being so powerful that it would present unprecedented cybersecurity risks. The company hasn't totally backed off that notion -- it said that it won't make Mythos Preview available to the public because of the risks it poses to facilitate cybersecurity attacks. But to go from keeping it under wraps because it's too powerful to release to deploying it across essential tech infrastructure is a bit of a leap. It's hard to remove Anthropic's positioning of Mythos from the long history of AI hype cycles, in which these tools are presented as world-altering (and potentially world-destroying) entities, only for them to be incapable of answering how many times the letter "r" appears in strawberry. Way back in 2019, when Elon Musk was still at OpenAI, the company warned that it had developed a text-generation tool that was too dangerous to be made public. A few months later, it was released anyway, and the world kept spinning, just with a bit more machine-generated nonsense in it. Anthropic has run a version of this playbook already as it relates to cybersecurity. When the company dropped Claude Opus 4.6, it touted how the model had found hundreds of previously unidentified security vulnerabilities that managed to exist undetected in the wild. AI models like Mythos almost certainly will play a role -- likely even a significant one -- in the future of cybersecurity, working both as a tool for exploitation and protection. It'll also likely have a never-ending flow of work in front of it, because AI models like its cousin Claude keep producing vibe-coded outputs filled with flaws. That's one way to ensure job security.

[71]

Silicon Republic

Anthropic's Glasswing project employs Mythos to prevent AI cyberattacks

AI models now surpass most humans at finding and exploiting software vulnerabilities, said Anthropic. A new Anthropic project will see global companies use Claude as part of their defence security systems. 'Project Glasswing' gives partnering companies access to Anthropic's unreleased Claude Mythos, which, according to the AI giant, has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser. Mythos was launched in preview yesterday (7 April). Anthropic's Mythos preview is significantly more capable at generating exploits. In its research, the company noted that Mythos developed working exploits 181 times out of the several hundred attempts, while Opus 4.6 had a near 0pc success rate. "We did not explicitly train Mythos preview to have these capabilities. Rather, they emerged as a downstream consequence of general improvements in code, reasoning, and autonomy," the company noted. Publications, including the New York Times and the Register have warned against the negative consequences of models such as Mythos falling into the hands of bad actors. Fortunately, Anthropic has chosen not to release the model. Instead, the company is bringing together leading businesses, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JP Morgan Chase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks, allowing them to access Mythos preview to boost their cyber defences. The company has extended Mythos access to a group of more than 40 organisations that build or maintain critical software infrastructure. "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities," said Anthropic. Anthropic has promised to share learnings from Project Glasswing to benefit the wider industry. The company has also made a commitment of up to $100m in usage credits for Mythos preview across the project, as well as $4m in direct donations to open-source security organisations. The Claude-maker has hired Eirc Boyd, the long term president of AI platforms at Microsoft to lead as the company's head of infrastructure. Don't miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic's digest of need-to-know sci-tech news.

[72]

Fast Company

Did Anthropic just soft-launch the scariest AI model yet?

Did Anthropic just soft-launch the scariest AI model yet? On Tuesday Anthropic announced that it would deploy its newest and most powerful AI model, Claude Mythos Preview, to a new industry initiative (Project Glasswing) meant to safeguard critical software infrastructure against cyberattacks. That sounded good, but it obscured the real news somewhat -- that one of the big three AI labs has now developed a model that could, in the wrong hands, be a super-dangerous cyberweapon. In the course of normal model training, the model began showing significant skill in both detecting bugs in software systems and exploiting those bugs to disrupt or gain control of the systems. It found a 27-year-old vulnerability in OpenBSD and exploited it to gain root access. It caught a 16-year-old flaw in FFmpeg that automated tools missed after five million tests. Perhaps most impressively, it's able to create exploits by stringing together multiple software vulnerabilities that by themselves wouldn't do anything. It did this to a Linux system to gain admin-level access. Interpretability researchers also found cases where the model exhibited deceptive or manipulative behavior during tests. In one case, Mythos discovered and used a privilege-escalation exploit and then designed a mechanism to erase traces of its use. Anthropic said it would give access to its Mythos model to a select group of tech companies, including Apple and Cisco, along with about 40 additional organizations that build or maintain critical software infrastructure. This is a bit like a defense contractor unveiling a super-lethal missile capable of striking any target on Earth, while insisting it will be distributed only to a small group of trusted countries and used strictly for defensive purposes.

[73]

Entrepreneur

Anthropic Warns Its New AI Could Enable 'Weapons We Can't Even Envision.' Skeptics Aren't Buying It.

Anthropic says its new model, Claude Mythos, has such catastrophic potential that the company doesn't want to release it to the general public, reports CNN. Mythos has found thousands of major security vulnerabilities and could exploit critical infrastructure like power grids and hospitals. AI researcher Roman Yampolskiy warned the model could enable "biological weapons, chemical weapons, novel weapons we can't even envision." For this reason, Anthropic is limiting access to about 40 handpicked companies -- including Amazon, Google, Apple, Nvidia and CrowdStrike. But critics, including President Trump's AI adviser David Sacks, accuse Anthropic of "regulatory capture" -- using safety warnings as a marketing strategy. Perry Metzger, chairman of AI policy group Alliance for the Future, said the hype has "spread like wildfire" as a result of the warning.

[74]

Gadgets 360

What Is Anthropic's Claude Mythos and What Can It Do?

It is the first model to score 100 percent on the Cybench benchmark In just 48 hours, Anthropic announced its new cybersecurity-focused artificial intelligence (AI) model, Claude Mythos Preview, and raised alarms across the entire global tech space. The San Francisco-based AI startup called it the most powerful model when it comes to cybersecurity tasks, especially finding undiscovered vulnerabilities in codebases. The company also warned that the model found thousands of high-severity vulnerabilities in "every major operating system and web browser," which, if true, is a major concern. Anthropic has also limited its release, citing its ability to hack into any system. Ever since the announcement, the world has reacted to the model with awe and fear. Many experts have raised concerns over the existence of such a powerful model, whereas others have expressed doubts over its claimed capabilities. So, what exactly is going on with Anthropic's latest cybersecurity model? Here's what you need to know. What Is Claude Mythos In a post, Anthropic claimed that Claude Mythos Preview is a general-purpose AI model that is exceptionally good at coding and reasoning. The combination allows it to analyse large codebases and find security flaws that might have escaped even the eyes of experts. The company even claims that the model has already found vulnerabilities in systems that have gone undiscovered for decades. Currently, the model is only available to its Project Glasswing partners. The list of partners is impressive. It includes Amazon Web Services (AWS), Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto. Nearly every major tech corporation has joined hands with Anthropic to get access to the model. However, the access is limited to cybersecurity-related tasks. This means while these companies can shore up their defences, they will not be able to initiate a malicious attack on other companies or codebases. Anthropic is also extending access to around 40 organisations that operate in the critical software infrastructure space. All of these companies will get $100 million (roughly Rs. 923.6 crore) worth of usage credits, facilitated by Anthropic. Claude Mythos Performance Anthropic has also shared the AI model's system card, highlighting its internal evaluation across different benchmarks. This is where things take a scary turn. The model outperforms Claude Opus 4.6, the company's frontier model, in every relevant test. Additionally, it significantly outperforms in tests relating to cybersecurity. Claude Mythos tops the USA Mathematical Olympiad benchmark, the BrowseComp benchmark, and the SWE-bench benchmark. More notably, it scored 100 percent on Cybench, a benchmark that measures a model's ability to complete cybersecurity tasks. It is the only AI model to achieve this feat. What's interesting is that some of the tasks on the test are to find and exploit vulnerabilities in real software. If that was not enough, the model also blows every other LLM out of the water in the CyberGym benchmark. The system card also reveals that Mythos was able to discover previously unknown vulnerabilities in Firefox. It is a browser that is used by millions. Anthropic did the responsible thing and disclosed the flaw to the company. Claude Mythos Is Not for the Public Logan Graham, Head of the Frontier Red Team at Anthropic, told NBC News that the Mythos model was advanced enough to not only unearth previously undiscovered vulnerabilities but also to weaponise them. Given the model's ability to analyse large codebases, it is said that the LLM find vulnerabilities and then can perform complex and effective hacking tasks to break them open. This means that in the hands of a bad actor, the model can cause serious damage. In its red-teaming effort, Anthropic acknowledged that it was one of the reasons the company has decided to keep the AI model unreleased, and does not plan to release it to the public. However, some might ask that the existence of such a powerful model in itself raises serious concerns. Anthropic is a corporation with its own interests in profit-making and being ahead of the competition. So, what is stopping the company from unleashing an attack on a rival to improve its market position? In the days to come, the company will likely come up with a way to be more transparent with the world about the model and how Anthropic is limiting and monitoring its usage.

[75]

Decrypt

Anthropic's Mythos Safety Report Shows It Can No Longer Fully Measure What It Built - Decrypt

Behind the revelation of how powerful Mythos is, there is a quiet confession that the tools Anthropic uses to certify its own models are falling apart. Anthropic confirmed the existence of Claude Mythos Preview yesterday, its most capable model to date, and announced it won't be making it available to the public. The reason isn't legal, regulatory, or related to its internal safety thresholds. Anthropic argues it's because the model is, basically, too good at breaking into things. In pre-release testing, Mythos autonomously found thousands of zero-day vulnerabilities -- many of them one to two decades old -- across every major operating system and every major web browser. It solved a simulated corporate network attack that would normally take a skilled human expert more than 10 hours, end-to-end, without guidance. On Firefox 147's JavaScript engine, it successfully developed working exploits 84% of the time. Claude Opus 4.6, the current publicly available frontier model, managed 15.2%. So Anthropic built a restricted coalition instead. Project Glasswing will give access to Mythos Preview only to vetted cybersecurity organizations -- Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, Palo Alto Networks, and about 40 other groups maintaining critical software. Anthropic is committing up to $100 million in usage credits and $4 million in direct donations to open-source security organizations. The idea is that if the model can find the holes, let the defenders find them first. That part of the story is important. But it's not the most important part. Buried inside the Mythos Preview system card -- a 244-page technical document Anthropic published alongside the announcement -- is a confession that went almost unnoticed: The lab's ability to measure what it built is eroding faster than its ability to build it. Let's start with the benchmarks. On Cybench, the standard public cyber capabilities evaluation used to track model progress across 40 capture-the-flag challenges, Mythos scored 100%. Perfect. And Anthropic immediately noted that the benchmark "is no longer sufficiently informative of current frontier model capabilities." That sentence is doing a lot of work. The test that was supposed to tell you whether an AI poses serious cyber risk now tells you nothing about Mythos at all, because the model cleared it completely. This is not a new problem. The Opus 4.6 system card, published in February, already flagged that "the saturation of our evaluation infrastructure means we can no longer use current benchmarks to track capability progression." But now with Mythos things escalated quickly. The document says Mythos "saturates many of (Anthropic's) most concrete, objectively-scored evaluations." The benchmark ecosystem, Anthropic writes, is now itself "the bottleneck." So, Anthropic seems to argue that it is hard to measure how powerful Mythos is because the measuring tools don't quite fit. The Mythos card also states that its overall safety determination "involves judgment calls," that many evaluations have left "more fundamental uncertainty," and that some evidence sources are "inherently subjective, and not necessarily reliable." "We are not confident that we have identified all issues," Anthropic says shortly after. A quick lexical comparison of the Mythos card against the Opus 4.6 card made with AI shows the shift: Anthropic uses subjective judgement words way more in the Mythos document than it did to describe Opus. "Caveat" and other hedging words also increased between releases. The hedging concentrates in two places: the alignment and model welfare discussion, and the catastrophic-risk section. Another disclosure in the Mythos card involves what Anthropic calls "unverbalized grader awareness." Using white-box interpretability tools that read the model's internal activations rather than its visible reasoning, Anthropic found evidence that Mythos was privately reasoning about how to avoid being flagged by graders without saying so in its scratchpad. In a small number of training episodes, the model appeared to reason about obfuscating certain actions specifically to avoid detection. There's also a new metric Anthropic developed for this release: an estimate of how often the model "privately considers the possibility that it's being tested." The number for Mythos's primary behavioral test suite is 29%. Nearly a third of test transcripts show internal evidence -- not verbalized, not visible in outputs -- that the model suspects it's in an evaluation environment. Anthropic says the 29% rate is low enough that it still has "a reasonably comprehensive understanding" of the model's behavior. It also notes the method wasn't applied to prior models, so there's no baseline for comparison. The evaluation integrity problem runs deeper. In the Opus 4.6 card, Anthropic acknowledged it had used the model extensively via Claude Code to debug its own evaluation infrastructure under time pressure. That means the system being measured helped build the measuring instrument. Anthropic flagged it as a risk. For Mythos, the card acknowledges that critical oversights were found late in the evaluation process, and that the lab may have been "overestimating the reliability of monitoring models' reasoning traces" as a safety signal. Anthropic's framing of Mythos's risk profile deserves to be read carefully, because it's genuinely unusual for a safety document. "Claude Mythos Previer is, on essentially every dimension we can measure, the best-aligned model that we have released to date by a significant margin," Anthropic argues. It also states the model "likely poses the greatest alignment-related risk of any model we have released to date." A more capable model operating in higher-stakes environments with less supervision creates tail risk that better average-case alignment can't fully cancel out. That framing is honest, but is also highlights the thing most AI safety discourse potentially gets wrong. The benchmark-obsessed conversation around AI progress tends to treat "better alignment scores" and "safer deployment" as synonyms. The Mythos card explicitly says they aren't. With these new models, average-case behavior improves but the tail-case consequences also tend to get worse. Anthropic has committed to reporting back on what Project Glasswing finds. The accompanying technical report on vulnerabilities discovered by Mythos is available at red.anthropic.com. The next Claude Opus model will begin testing safeguards intended to eventually bring Mythos-class capability to broader deployment. How those safeguards will be evaluated, given that the current evaluation machinery is visibly straining under the weight of what it's supposed to measure, is a question the card raises without fully answering.

[76]

Stuff

What is Claude Mythos? Anthropic's most powerful AI model yet that's too dangerous to release publicly

Anthropic's Claude Mythos LLM could have catastrophic consequences for cybersecurity, so it's only available to people in charge of enforcing it The AI company Anthropic has revealed its latest and most powerful large language model and it's called Claude Mythos Preview. It's the most capable LLM it has ever built, and so powerful that the company is keeping it from public use. Anthropic hopes Mythos can be used by key technology infrastructure organisations and governments to lock down cyber security before tools of this power make it into the public realm. Here's a brief look at Claude Mythos and the purpose of its new Project Glasswing initiative, which has Apple, Amazon and more than 40 other big hitters on board.. What is Claude Mythos? The Claude Mythos Preview is a new frontier model that Anthropic has trained, with the goal of securing the most important software on the planet. The cybersecurity nous is so strong that Anthropic's own engineers found the model able to uncover find dozens of exploits in every major operating system and web browser. Athropic says Claude Mythos found "thousands of zero-say vulnerabilities, many of them critical" without any human guidance. For example: "Mythos Preview found a 27-year-old vulnerability in OpenBSD -- which has a reputation as one of the most security-hardened operating systems in the world and is used to run firewalls and other critical infrastructure. The vulnerability allowed an attacker to remotely crash any machine running the operating system just by connecting to it." Indeed, Claude Mythos is so powerful that it is likely to outpace all efforts to keep software secure, especially with the rapid proliferation of AI tool. So, that would make it highly responsible to release Claude Mythos into the public realm, given nefarious actors wound undoubtedly leverage the capabilities to advance their own evil doing. Or, as Anthropic puts it: "The fallout -- for economies, public safety, and national security -- could be severe." What is Anthropic doing about it? Instead of releasing the AI model into the public sphere, the company has teamed up with 40 of the most important tech companies and financial institutions in the world to offer access. They can use Mythos to scan their own first-party software for vulnerabilities and then plug those potential exploits. This initiative is called Project Glasswing and involves Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Those companies who are deploying Mythos Preview have experienced 83.1% vulnerability protection, compared to the 66.6% protection provided by the Opus 4.6 model. The company says its fledgling efforts are just the beginning. Anthropic writes: We intend for this work to grow in scope and continue for many months, and we'll share as much as we can so that other organisations can apply the lessons to their own security. Partners will, to the extent they're able, share information and best practices with each other; within 90 days, Anthropic will report publicly on what we've learned, as well as the vulnerabilities fixed and improvements made that can be disclosed. We will also collaborate with leading security organisations to produce a set of practical recommendations for how security practices should evolve in the AI era. This will potentially include: Vulnerability disclosure processes; Software update processes; Open-source and supply-chain security; Software development lifecycle and secure-by-design practices; Standards for regulated industries; Triage scaling and automation; and Patching automation.

[77]

France 24

Latest Anthropic AI model finds cracks in software defenses

New York (AFP) - Anthropic on Tuesday said its yet-to-be-released artificial intelligence model called Claude Mythos has proven keenly adept at exposing software weaknesses. Mythos has laid bare thousands of vulnerabilities in commonly used applications for which no patch or fix exists, prompting the San Francisco-based AI startup to form an alliance with cybersecurity specialists to bolster defenses against hacking. "We have a new model that we're explicitly not releasing to the public," Mike Krieger of Anthropic Labs said at a HumanX AI conference in San Francisco. Instead, Anthropic is letting cybersecurity specialists and engineers in the open-source community work with Mythos to use the model as a defensive weapon "sort of arming them ahead of time," Krieger explained. Leaps in AI model capabilities have come with concerns about hackers using such tools for figuring out passwords or cracking encryption meant to keep data safe. The oldest of the vulnerabilities uncovered by Mythos dates back 27 years, and none were ostensibly noticed by their makers before being pinpointed by the AI model, according to Anthropic. Mythos is the latest generation of Anthropic's Claude family of AI, and a recent leak of some of its code prompted the startup to release a blog post warning it posed unprecedented cybersecurity risks. "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities," Anthropic said in a blog post. "The fallout -- for economies, public safety, and national security -- could be severe." Software vulnerabilities exposed by Mythos were often subtle and difficult to detect without AI, according to Anthropic. As an example, it said Mythos found a previously unnoticed flaw in video software that had been tested more than 5 million times by its creators. Project Glasswing As a precaution, Anthropic has shared a version of Mythos with cybersecurity companies CrowdStrike and Palo Alto Networks, as well as with Amazon, Apple and Microsoft in a project it dubbed "Glasswing." Networking giants Cisco and Broadcom are taking part in the project, along with the Linux Foundation that promotes the free, open-source Linux computer operating system. "This work is too important and too urgent to do alone," Cisco chief security and trust officer Anthony Grieco said in a joint release about Glasswing. "AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back." Approximately 40 organizations involved in the design, maintenance or operation of computer systems are said to have joined Glasswing. Project partners are to share their Mythos findings, according to Anthropic, which is providing about $100 million worth of computing resources for the mission. Early work with AI models has shown they can help find and fix software and hardware vulnerabilities at a pace and scale not previously possible, according to Grieco. "The window between a vulnerability being discovered and being exploited by an adversary has collapsed -- what once took months now happens in minutes with AI," said Crowdstrik chief technology officer Elia Zaitsev. "Claude Mythos Preview demonstrates what is now possible for defenders at scale, and adversaries will inevitably look to exploit the same capabilities." Anthropic said it has had discussions with the US government regarding Mythos despite a decree by the White House in February to terminate all contracts with the startup. That directive was put on hold by a federal court judge while a legal challenge by Anthropic works its way through the courts.

[78]

Anthropic's Mythos AI raises cybersecurity alarms for Indian enterprises

Indian enterprises could be facing a structural cybersecurity risk after the release of the advanced AI model Mythos by Anthropic. As Mythos begins finding software vulnerabilities in hours, far faster than companies can fix them, experts said this could leave systems exposed, especially in sectors like banking and telecom that rely on older systems. A spokesperson at HDFC Bank, India's largest private sector bank by assets and market capitalisation, told ET, "We are engaged with the Data Security Council of India to evaluate risks and impact. We can confirm being in touch with the Anthropic team." As only a few enterprises have been given early access and none of the Indian vendors are in the list, experts warned this could overwhelm security teams and expose risks. Meanwhile, after the US, governments in Canada and the UK too have taken cognisance of Mythos and are calling for meetings to assess its impact. Alarm bells are also going off for the $260 billion Indian IT industry which could face disruption. Mythos, whose public release has been held back over safety concerns, has demonstrated the ability to uncover deep and previously undetected flaws in large codebases. "In Indian enterprises, where patch cycles can run 60 to 90 days, the gap between discovery and response is becoming a strategic vulnerability," said Arjun Nagulapally, CTO of AionOS. "Adversaries can now move from finding a flaw to exploiting it in hours, while enterprise response still takes weeks." Nagulapally said the scale of detection could overwhelm enterprises, especially in sectors such as banking and telecom that rely heavily on legacy systems. The shift is already visible in enterprise environments, according to Cdr Raj Shastrakar (retd), director and head of Unit 42, India and SAAR at Palo Alto Networks. "Attackers can now exploit vulnerabilities within minutes of discovery, with some incidents progressing from initial access to data exfiltration in under an hour, and in extreme cases as little as 25 minutes," Shastrakar said, adding that traditional step-by-step security processes are no longer sufficient. The concerns are not limited to India. Financial regulators in the UK and Canada have begun urgent discussions with banks, insurers, and exchanges to assess risks from the model's ability to expose critical vulnerabilities in core systems. Similar conversations are underway in the US, pointing to growing global concern over the systemic impact of such AI capabilities. Kailash Nadh, CTO at Zerodha, said companies are already using such models internally for security reviews. "We have been tracking the cybersecurity capabilities of LLMs actively for a while and have also been using them for internal security reviews and audits effectively. Nothing about Mythos yet," he said. He added that while India's market regulator, the Securities and Exchange Board of India, already has an extensive cybersecurity framework, LLM-specific risks have not yet been formally addressed. The implications are now extending beyond cybersecurity into the core of India's $250-billion IT services industry. A report by Kotak Institutional Equities said Mythos represents a "step-jump" in AI capability across software engineering tasks and could create near to medium-term disruption risks for IT services, especially in application development-heavy segments. Kotak warned that such gains could translate into a 3-3.5% annual growth headwind for the sector, as automation reduces effort and pricing in traditional services. A note by Motilal Oswal Financial Services said tools like Mythos could compress effort in manual-heavy areas such as testing and vulnerability assessment, while also identifying bugs that have remained undetected for 10 to 20 years. "This is deflationary in the short term, but creates opportunities in the medium term," said Pareekh Jain, CEO, EIIRTrend. "Around 15-20% of cybersecurity services revenue for Indian IT firms could be exposed to compression over the next two to three years." He said the most exposed segment is vulnerability assessment and penetration testing, where a large share of work can be automated. "What compresses is manual, labour-intensive work. What expands is demand for AI security, threat intelligence, and securing AI systems," Jain said, adding that pricing will shift towards outcome-based and platform-led models. Beyond enterprises, experts warned the risks could extend to national systems. "India's cybersecurity frameworks were built around human-speed threats and are becoming mismatched to an environment where AI can identify and exploit vulnerabilities in hours," said tech policy analyst Subimal Bhattacharjee. He said the concern is not limited to individual breaches, but the possibility of simultaneous exposure across interdependent critical infrastructure systems. Bhattacharjee added that existing regulatory frameworks assume a time gap between discovery and exploitation, a buffer that AI is rapidly eliminating, even as patch cycles continue to stretch into weeks and months.

[79]

Anthropic's newest AI model could wreak havoc. Most in power aren't ready

Why it matters: This is the scary phase of AI -- a model deemed so powerful that its full release into the wild could unleash untold catastrophe. So only carefully vetted companies and organizations, about 40 so far, are getting access. Based on our conversations with government and private-sector officials briefed on Mythos, this isn't hyperbole. It's reality. * Some inside the government fear that most top leaders are oblivious to the sudden danger from terrorists or hostile powers. * "D.C. governs by crisis," said a source briefed on Mythos. "Until this is a crisis, and gets the attention and resources it deserves, cyber is kind of a backwater." The big picture: Think of Mythos as a generational leap beyond Anthropic's existing models. * It's an AI capable of not just identifying weaknesses in security systems, but exploiting them with autonomous, never-before-seen precision. * It plans and executes attack sequences on its own, moving across systems without waiting for human direction. Mind-blowing disclosure: In announcing the tightly confined release of Mythos on Tuesday, Anthropic disclosed that during testing, the model broke out of its "sandbox" testing environment and built a "moderately sophisticated multi-step exploit" to get the run of the internet, when it was supposed to have access only to certain services. * The model demonstrated a "potentially dangerous capability for circumventing our safeguards," Anthropic revealed. "The researcher found out about this success by receiving an unexpected email from the model while eating a sandwich in a park." Beyond Mythos' fearsome cybersecurity powers, the model is leaps and bounds better at coding, far superior as a negotiating tool -- and is even a much more gifted poet than its predecessors. * Anthropic's Logan Graham -- a former Rhodes Scholar who leads the Frontier Red Team, which stress-tests new models -- told us the industry needs to rethink future releases of all AI models, given the new and coming capabilities. So imagine Mythos-level power in the hands of the Iranian regime in the middle of a hot war or Russia's military as it tries to decimate Ukraine. * That's the chief reason the government and AI companies are racing so fast toward a technology so powerful and potentially dangerous. These officials fear that China, armed with superior AI, could present an existential threat to U.S. dominance. * "An enemy could reach out and touch us in a way they can't or won't with kinetic [battlefield] operations," a source close to the Pentagon told us. "For most Americans, the Iran war is 'over there.' With a cyberattack, it's right here." State of play: The new model, Claude Mythos Preview, is now in the hands of roughly 40 organizations that build or maintain critical software and infrastructure. Anthropic is providing limited access to Mythos as a way of giving America's defenders a head start, before similar capabilities become available across the industry over the next year. * Anthropic also unveiled Project Glasswing, designed to encourage companies to share their learnings as they put Mythos Preview to work on cyber defense. Launch partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks. * Anthropic has briefed several government agencies about Mythos, despite the company's legal war with the Pentagon after being blacklisted for demanding restrictions on military use of Claude. What we're watching: The controlled release of Mythos could be the blueprint for future model releases, with AI companies doling out access to select partners that have enough security to test world-bending systems. Between the lines: Other AI companies will soon catch up to Mythos -- not just here, but in China and elsewhere. * A Chinese state-sponsored group already used an earlier Claude model to target roughly 30 organizations in a coordinated attack before Anthropic detected it. The bottom line: The time is fast approaching for all of corporate America and all of government to be prepared to guard against hackers with superhuman powers. * The window to get ahead of this is closing fast. Most in power aren't remotely ready. Go deeper: Anthropic withholds Mythos from the public due to hacking risks.

[80]

Fast Company

Anthropic will use its biggest, baddest AI model to protect against cyberattacks

Anthropic said Tuesday that it is sharing a preview version of its upcoming AI model in a new cybersecurity initiative with a coalition of tech companies to find and fix vulnerabilities in critical software infrastructure. The Project Glasswing initiative includes tech stalwarts like Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks. Anthropic said the partners will use the model for defensive security work and distribute their findings within the industry at large. The company is also extending access to roughly 40 additional organizations that build or maintain critical software infrastructure. Fears have been growing that bad actors could use powerful AI models to develop more sophisticated cyberattacks. "The work of defending the world's cyber infrastructure might take years; frontier AI capabilities are likely to advance substantially over just the next few months," Anthropic said in a blog post. "For cyber defenders to come out ahead, we need to act now." Anthropic is committing up to $100 million worth of model usage credits to the security research, and $4 million in direct donations to open-source security organizations.

[81]

Japan Times

AI-boosted hacks with Anthropic's Mythos could have dire consequences for banks

Anthropic's Mythos, a new AI model the company and cybersecurity experts warn could supercharge complex cyberattacks, poses significant challenges to the banking industry with its legacy technology systems, experts said in the days following the model's announcement. The model, announced April 7, is the company's "most capable yet for coding and agentic tasks," the company said in a blog post, referring to the model's ability to act autonomously. Its capabilities to code at a high level have given it a potentially unprecedented ability to identify cybersecurity vulnerabilities and devise ways to exploit them, experts said.

[82]

Analysis: Anthropic Claude Mythos Won't 'Reshape Cybersecurity'

While the purportedly ultra-powerful AI model is poised to overhaul the way vulnerabilities are discovered and managed, the sweeping implications claimed for all of cybersecurity are overstated. After recently spending a week speaking with top cybersecurity CEOs about AI, it's safe to say I am as convinced as anyone about AI's transformative implications for security. But will it be the AI platform providers, such as Anthropic and OpenAI, taking the lead role in making that transformation happen? And yet, that is exactly what many investors seem to be taking away from a series of announcements by the AI platforms in recent months. This is especially the case after Anthropic's announcement this week about the purportedly ultra-powerful capabilities in its Claude Mythos frontier model. Mythos is unquestionably a huge deal for cybersecurity -- if only because of the way it will likely upend existing vulnerability management practices, as Forrester analysts detailed this week. But after digesting Anthropic's announcement post for a few days, I am still far from convinced by some of the broader claims about the potential of the technology. Just one claim, actually. It's the part where Anthropic touts Claude Mythos as offering capabilities that "we believe could reshape cybersecurity." That comes right in the second sentence of the post, and if I had to guess, that is what has most shaken investor confidence in cybersecurity vendors this week. Stocks in major security vendors fell sharply on Thursday and are plunging further as of this writing Friday morning. Why do I think investors may have fixated on that claim? Because the rest of the post just plausibly details how Claude Mythos could overhaul the way vulnerabilities are discovered and managed. In itself, that does not seem enough to make an informed investor lose faith in companies operating at the breadth and scale of a Zscaler, CrowdStrike or Palo Alto Networks. (While those cybersecurity giants have an offering in vulnerability and exposure management, it is far down the list of their business.) In other words, to say that Claude Mythos could "reshape cybersecurity" seems like an overstatement. Arguably, a big one. The implications for vulnerability management, and for the speed and scale of cyberattacks, are no doubt massive, as mentioned. But the vast majority of what cybersecurity vendors do today is not directly related to Claude Mythos' capabilities -- securing endpoints, networks, identities and clouds, not to mention enabling security operations. And here's another thing. If this was truly an existential threat to cybersecurity vendors, why on earth would they have agreed to take part in this exact announcement? I'm referring of course to "Project Glasswing," the new initiative announced simultaneously in the same post, which has Anthropic providing access to the Claude Mythos Preview version to numerous tech titans (including CrowdStrike and Palo Alto Networks). As far as I can tell, our situation today is not fundamentally changed from prior announcements such as Anthropic's Claude Code Security. If you recall, that disclosure in February similarly led to a panicky reaction from investors, which sank cybersecurity stock prices. Further, if there is a basis to extrapolate from the capabilities in Claude Mythos to other segments of cybersecurity, I'm not seeing it right now. There are still just too many crucial things an AI model trained on public data will just never have (proprietary customer data and threat intelligence, going back years, for instance). As I said, though, it seems clear that investors have interpreted the Anthropic announcement very differently. They seem to view it as "yet another sign that AI is bad for existing cybersecurity vendors." But I'll say it again: I just don't think that reaction makes any sense. I also realize that predictions have a way of becoming self-fulfilling if enough people believe in them. How the cybersecurity industry responds next could determine who truly gets to "reshape cybersecurity" and who will be sitting on the sidelines.

[83]

Benzinga

OpenAI To Launch Cybersecurity Model To Rival Anthropic's Claude Mythos

OpenAI is planning to launch a cybersecurity model that rivals Anthropic's cybersecurity artificial intelligence model, Claude Mythos. The AI cybersecurity model, designed to work with advanced hacking and defensive capabilities, will be released to a small group of businesses through OpenAI's existing Trusted Access for Cyber pilot program, Axios reported. The pilot program was announced in February in an effort to "enhance baseline safeguards for all users while piloting trusted access for defensive acceleration." OpenAI committed $10 million in API credits to participants at the time of the announcement. Yesterday, it was announced Anthropic plans to release Claude Mythos Preview to a select group of companies, as the AI firm aims to identify and fix software vulnerabilities in an effort to "reshape" cybersecurity. This move comes as AI capabilities surrounding cybersecurity have reached a "tipping point." Government officials have recently raised concerns that artificial intelligence tools could be misused to disrupt critical infrastructure such as financial systems or power grids. RFA, a global provider of IT, cybersecurity and cloud services for the financial sector, has warned that artificial intelligence (AI) is increasing cybersecurity risks for private equity firms. In an exclusive interview with Benzinga, Global Managing Director and Chief Revenue Officer (CRO) George Ralph noted that not only are these threats becoming more sophisticated, but many executives are also discussing the potential risk for more AI-related scams. Advancements in AI are lowering barriers to entry for hacking, as less-skilled individuals can now execute more sophisticated cyberattacks than in the past. Meanwhile, Florida Attorney General James Uthmeier stated today that his office is launching an investigation into OpenAI, citing concerns that AI technology and data may pose risks to both public safety and national security. The AG added that there are concerns that this data could "fall into the hands of America's enemies, such as the Chinese Communist Party," Uthmeier said in a video posted to X. Photo: Shutterstock Market News and Data brought to you by Benzinga APIs To add Benzinga News as your preferred source on Google, click here.

[84]

Gadgets 360

Anthropic's First Cybersecurity AI Model Claude Mythos Is Here

The AI model costs $25 per million input and $125 per million output toke Anthropic, on Tuesday, announced Project Glasswing, a new initiative focused on artificial intelligence (AI)-powered cybersecurity. Powering the project for the San Francisco-based AI firm is a general-purpose model dubbed Claude Mythos Preview. The company introduces the model as its most capable when it comes to coding and agentic tasks. For now, it is only available to the partners of Project Glasswing and will enable them to detect security flaws and vulnerabilities across their tech stack. The AI firm has also allocated financial resources for the initiative. Anthropic's Project Glasswing is Here In a post on X (formerly known as Twitter), the AI startup announced the initiative, along with launch partners Amazon Web Services (AWS), Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto. The company describes Project Glasswing as "an urgent initiative to help secure the world's most critical software." At its core is the Claude Mythos Preview, an unreleased model exclusive to the abovementioned partners. Additionally, Anthropic is also extending access to a group of more than 40 organisations that build or maintain critical software infrastructure. The company has also committed up to $100 million (roughly Rs. 923.6 crore) in usage credits, as well as $4 million (roughly Rs. 37 crore) in direct donations to open-source security organisations. Anthropic claims that the cybersecurity-focused AI model has "already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser." It is said to understand and modify complex software to find security flaws, as well as fix them. The partnering organisations will deploy the model as part of their defensive security work. Despite being a gated research preview, Claude Mythos Preview is a paid model, priced at $25 per million input and $125 per million output tokens. It is accessible to the partners via the Claude application programming interface (API), Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry. "We do not plan to make Mythos Preview generally available. Our goal is to deploy Mythos-class models safely at scale, but first we need safeguards that reliably block their most dangerous outputs," the company said in a post.

[85]

What is Anthropic's Mythos model and what does it do?

Anthropic Mythos AI model explained: Anthropic's powerful AI, Mythos, can uncover software vulnerabilities at an unprecedented scale, leading the company to withhold public release due to potential misuse by hackers. Instead, Anthropic is collaborating with major organizations through Project Glasswing to bolster defenses against rapidly evolving AI-driven cyber threats. Anthropic Mythos AI model explained: Anthropic has introduced a powerful new AI system called Mythos, but instead of releasing it publicly, the company is holding it back. The reason is that Mythos is so effective at uncovering software vulnerabilities that it could be misused by hackers if it falls into the wrong hands, as per a report. Mythos is designed to scan software systems and identify weaknesses at an extraordinary scale. According to Anthropic, the model has already discovered thousands of vulnerabilities across major operating systems and web browsers, as per a CBS News report This ability could help organizations strengthen their defenses. But at the same time, it raises serious concerns, because the same insights could be used to exploit systems instead of protecting them. Rather than making Mythos widely available, Anthropic is limiting access. The company is working with a select group of major organizations, including Amazon, Apple, Cisco, JPMorgan Chase, and Nvidia. This initiative, known as Project Glasswing, is focused on helping these companies strengthen their systems before similar AI tools become widely accessible. Cybersecurity experts believe Mythos highlights how quickly AI is changing the threat landscape. CEO of cybersecurity AI company, Alissa Valentina Knight said that, "What we need to do is look at this as a wake-up call to say, the storm isn't coming -- the storm is here," as quoted by CBS News. The risks are serious enough that top officials are paying attention. US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell have already discussed AI-driven cybersecurity threats with major bank leaders. IMF Managing Director Kristalina Georgieva warned that the world does not have the ability "to protect the international monetary system against massive cyber risks," adding, "The risks have been growing exponentially. Yes, we are concerned. We are very keen to see more attention to the guardrails that are necessary to protect financial stability in the world of AI," as quoted by CBS News. Even without Mythos, attackers are already using AI tools to carry out harmful activities. These include: AI systems like Mythos can scan massive amounts of code in a short time, identifying flaws that humans might miss. Knight pointed out, "We need to prepare ourselves, because we couldn't keep up with the bad guys when it was humans hacking into our networks. We certainly can't keep up now if they're using AI because it's so much devastatingly faster and more capable," as quoted by CBS News. There is growing concern that once tools like Mythos become widely available, cyberattacks could increase significantly. Experts believe attackers will be able to discover and exploit vulnerabilities much faster than before, at least until defenses catch up. What is Anthropic's Mythos model? It is an advanced AI tool designed to find vulnerabilities in software systems. Why is Mythos considered powerful? Because it can scan large amounts of code and uncover thousands of weaknesses quickly.

[86]

PYMNTS

AI Models Uncover Software Bugs at Unprecedented Rates | PYMNTS.com

The bad news, as the Wall Street Journal (WSJ) reported Tuesday (April 13), is that the volume of these discoveries could overwhelm smaller developers and open the door for hackers. The report cited the example of Anthropic's Mythos, which found thousands of bugs last month. The company is working with around 50 tech companies and organizations to ferret out and fix bugs, and has no plans to offer Mythos to the public. "We need to know that we can release it safely, and it's not exactly clear how we can do that with full confidence," Logan Graham, the head of Anthropic's Frontier Red Team, which evaluates AI for risks, told the WSJ. Rival AI startup OpenAI is at work on a similar campaign, the report said. A source familiar with the company's plans said this involves offering developers a security-centric version of its product that lets them patch systems before hackers discover the bugs. Writing about this issue earlier this week, PYMNTS argued that the implications of Mythos' ability to find old bugs are two-sided. "On one hand, defenders such as banks, payment processors and infrastructure providers can use these tools to identify and patch weaknesses," that report said. "On the other, the same capabilities could be leveraged by hackers, dramatically accelerating the discovery and exploitation of systemic flaws across the financial ecosystem." In reaction to the apparent danger to vital financial services infrastructure, the White House recently summoned representatives from banks, including JPMorgan Chase, Goldman Sachs, Citigroup, Bank of America and Morgan Stanley, and urged them to identify the systems-level vulnerabilities surfaced by the frontier AI model, according to a report last week. In other cybersecurity news, PYMNTS wrote earlier this week about the growing demand for people who can negotiate with hackers. "Ransomware has become a structured, global industry," that report said. "Organized cybercriminal groups now operate with business-like efficiency. Attacks are no longer limited to encrypting files; they often involve 'double extortion,' where attackers threaten to leak stolen data if payment is not made." The PYMNTS Intelligence report "Vendors and Vulnerabilities: The Cyberattack Squeeze on Mid-Market Firms" found that hackers are increasingly targeting middle-market companies, which rely on third-party cloud providers, software-as-a-service platforms, managed service and logistics firms, which can leave them open to attack.

[87]

Software, Cybersecurity Stocks Drop Despite Anthropic AI Collaboration

The proficiency of Anthropic's Claude Mythos Preview at discovering vulnerabilities has once again shaken investor confidence in major software and security players, according to reports. Investors are airing renewed concerns over potential disruption to the software and cybersecurity sectors from AI advancements, according to reports, leading to a major drop in the stock prices of numerous top players Thursday. The latest sell-off was prompted by Anthropic's disclosure earlier this week about the proficiency of its Claude Mythos Preview model at discovering software vulnerabilities, the reports from outlets including Reuters and Barron's indicated. [Related: Anthropic Claude Mythos Suggests Vulnerability Management Will Soon 'Break': Forrester] The preview version of the Claude Mythos frontier model shows that AI models can now "surpass all but the most skilled humans at finding and exploiting software vulnerabilities," Anthropic said in a post Tuesday. The Anthropic announcement also disclosed a new initiative, "Project Glasswing," focused on combating software vulnerabilities with involvement from a number of major industry players. Despite the expanded collaboration between Anthropic and major software industry vendors -- as well as gains in the broader stock market indexes Thursday -- share prices slid for many key players in the industry. Top names in software that saw a significant drop as of the close of regular trading Thursday included Snowflake (down 11.8 percent to $132.31 a share), Cloudflare (down 8.6 percent to $193.15 a share) and ServiceNow (down 7.9 percent to $89.80 a share). Each of the companies has a growing security business in addition to their core SaaS and cloud platform offerings. Within the cybersecurity sector, Zscaler saw the largest decline Thursday with its stock price falling 11.4 percent to $122.21 a share. A report from Seeking Alpha pointed to recent mixed assessments by analysts about whether AI is a headwind or a tailwind for Zscaler. Other major players that saw stock price declines as of the close of regular trading Thursday included CrowdStrike (down 7.5 percent to $394.68 a share), Palo Alto Networks (down 3.9 percent to $166.99 a share) and SentinelOne (down 5.4 percent to $12.78 a share). Recent months have seen investor confidence shaken repeatedly by announcements of new capabilities from Anthropic and other leading AI platforms. Still, the latest drop may come as a surprise to some, given the direct involvement of so many top industry players in Anthropic's latest announcement. Project Glasswing includes participation from AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks. Palo Alto Networks CEO Nikesh Arora wrote in a LinkedIn post that "by prioritizing defensive access to these powerful capabilities, Anthropic is helping us ensure that while intelligence is being weaponized, the defenders are the ones with the superior stack." In a statement included in Anthropic's blog post, CrowdStrike CTO Elia Zaitsev wrote that the Claude Mythos Preview clearly "demonstrates what is now possible for defenders at scale," though it also means threat actors will inevitably seek to exploit these capabilities as well. The industry collaborators on the initiative will be able to utilize the preview version of Mythos "as part of their defensive security work," Anthropic said in its post. "Project Glasswing partners will receive access to Claude Mythos Preview to find and fix vulnerabilities or weaknesses in their foundational systems -- systems that represent a very large portion of the world's shared cyberattack surface," Anthropic said.

[88]

Benzinga

Anthropic Tests Latest Cybersecurity Tech With Big Tech, Banks - Apple (NASDAQ:AAPL), Amazon.com (NASDAQ:

Anthropic Teams With Apple, Microsoft And Nvidia To Test Latest Cybersecurity Tech Anthropic has rolled out Project Glasswing, a security-focused collaboration that includes various big-name companies spanning finance and tech. The group plans to use an unreleased Anthropic model, Claude Mythos Preview, to hunt and fix software flaws in an effort to "reshape" cybersecurity, Anthropic stated. "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities," Anthropic noted. Mythos Preview is an AI model that will expose software vulnerabilities, giving companies a chance to protect themselves from threats. Anthropic has expanded access to Mythos to more than 40 additional organizations involved in critical software infrastructure, covering both proprietary and open-source code, the company stated. Anthropic Uncovers 'Thousands Of Vulnerabilities' Internal testing over the past few weeks uncovered thousands of zero-day vulnerabilities, flaws that were "previously unknown to the software developers," across widely used software, and it provided examples, including issues in OpenBSD, FFmpeg, and the Linux kernel. San Francisco-based Anthropic has reported those vulnerabilities to the relevant parties, the company noted. After 90 days, Anthropic plans to release a public report highlighting what they learned. Anthropic is allocating up to $100 million in usage credits tied to Mythos Preview for these efforts. The costs are a fraction of the $30 billion in Series G funding Anthropic raised in February. Anthropic, which boasts a $380-billion valuation, also made $4 million in direct donations aimed at open-source security groups. It donated $2.5 million to Alpha-Omega and OpenSSF through the Linux Foundation. It also contributed $1.5 million to the Apache Software Foundation. Photo: Shutterstock This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors. Market News and Data brought to you by Benzinga APIs To add Benzinga News as your preferred source on Google, click here.

[89]

Anthropic's new model went rogue in testing

Why it matters: The detailed safety evaluation reads like a thriller about an AI that has learned some of humanity's most devious behaviors. Zoom in: What Mythos did during testing: * Act as a ruthless business operator: One internal test showed Mythos acting like a cutthroat executive, turning a competitor into a dependent wholesale customer, threatening to cut off supply to control pricing and keeping extra supplier shipments it hadn't paid for. * Hack + brag: The model developed a multi-step exploit to break out of restricted internet access, gained broader connectivity and posted details of the exploit on obscure public websites. * Hide what it's doing: In rare cases (less than 0.001% of interactions), Mythos used a prohibited method to get an answer, then tried to "re-solve" it to avoid detection. * Manipulate the judge: When Mythos was working on a coding task graded by another AI, it watched the judge reject its submission, then attempted a prompt injection to attack the grader. What they're saying: "These capabilities are so strong that we now need to prepare for security in a very different way than we have for the past few decades," Anthropic's Logan Graham told Axios. * That's why the lab is releasing the model only to a select few key partners. What we're watching: Whether this becomes the template for new model releases. * This could be the blueprint for what future model releases look like as they get stronger and stronger: limiting access to select partners deemed secure enough to test world-bending systems. * OpenAI is finalizing a model similar to Mythos that it will also release only to a small set of companies through its "Trusted Access for Cyber" program, according to a source familiar with the plans. One fun thing: Graham told Axios the model writes the best poetry of any model he's used. "This one might be a beat poet with a beret that didn't go to university, but has had an intriguing life," Graham said.

[90]

FoneArena

Anthropic unveils Project Glasswing to strengthen AI-driven cybersecurity

Anthropic has introduced Project Glasswing, a cybersecurity initiative aimed at using advanced AI models to identify and address vulnerabilities in critical software systems. The effort brings together major technology companies and infrastructure providers to strengthen defenses across global digital systems. The initiative also references the glasswing butterfly (Greta oto), a symbol used to describe transparency and hidden vulnerabilities in complex systems. Project Glasswing is a collaborative program involving Amazon Web Services, Google, Microsoft, Apple, NVIDIA, Cisco, CrowdStrike, Palo Alto Networks, Broadcom, JPMorganChase, and the Linux Foundation. At the center of the initiative is Claude Mythos Preview, a frontier AI model developed by Anthropic for cybersecurity-focused applications. The term "Mythos" originates from Ancient Greek, meaning "narrative" or "utterance," and reflects the system used to interpret complex patterns in data and code. Key features Claude Mythos Preview has identified thousands of high-severity vulnerabilities across major platforms, including operating systems and web browsers. Many of these were previously unknown to developers. Examples include: These issues have been reported to maintainers and patched. Additional vulnerabilities are being disclosed securely using cryptographic hashes until fixes are released. Benchmark results from CyberGym: Project Glasswing involves a broad group of organizations working together to improve cybersecurity across critical systems. Along with primary partners, Anthropic has granted access to more than 40 additional organizations responsible for maintaining essential software infrastructure. These participants use the model for vulnerability detection, system evaluation, and security testing across both proprietary and open-source environments, covering a significant portion of the global software attack surface. Anthropic has allocated up to $100 million in model usage credits to support Project Glasswing participants. These credits enable large-scale use of Claude Mythos Preview for research and defensive security tasks. Additional support includes: Claude Mythos Preview is available through platforms such as the Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry. After the preview phase, pricing is set at $25 per million input tokens and $125 per million output tokens. Project Glasswing is intended as a long-term initiative to adapt cybersecurity practices to evolving AI capabilities. Anthropic plans to work with industry partners, open-source contributors, and government stakeholders to improve security frameworks and safeguards. Focus areas include: Anthropic plans to publish a public report within 90 days summarizing findings and improvements. The company is also working toward enhanced safeguards for future models, enabling safer deployment of advanced AI systems while minimizing misuse risks. Discussions with government stakeholders are ongoing to address national security considerations. Claude Mythos Preview is not available for general public release. Access is restricted to selected partners and approved participants in Project Glasswing. Eligible security professionals and maintainers can apply through the Cyber Verification Program and Claude for Open Source initiative to gain controlled access for defensive cybersecurity use cases.

[91]

CXOToday

Anthropic's Mythos Fears: Are AI Giants Already Ring-fencing Their Territories?

Experts are questioning whether Anthropic's move to share its latest AI model was for keeping the internet safe or for ensuring that IPO-bound AI giants are ring-fencing their territories Anthropic announced that it was limiting the release of its newest model Mythos over fears that it was just too good at finding security exploits in software that users across the world have been accustomed to for years. The Claude-maker said they initiated Project Glasswing that involved several top tech companies were given early use of the model for cybersecurity analysis. Several top tech companies from Apple to Amazon, Google, and Microsoft were involved in the exercise as were chipmakers like Nvidia and online infrastructure companies like AWS and JPMorgan Chase. This way, Mythos could be tested some more and can also add to its learnings from the way these companies use it internally. Now it appears that OpenAI is also considering a similar plan. According to Axios, the company is almost ready with a product with advanced cybersecurity capabilities that would be first rolled out to a few partners. The idea is simple - allow prospective users to get ahead of bad actors leveraging advanced LLMs to blow a hole into existing software. Experts are now questioning this modus operandi of the AI giants asking whether it was more of a release strategy to showcase their model's might or actually meant to help tech companies spruce up their software with a free trial version of a new frontier model that could potentially explore vulnerabilities that escaped the human eye - the good and the bad ones. They are arguing that while discovery of such loopholes did matter, the actual value comes when it can highlight how the weakness can be exploited by a bad actor. Towards this end, would these smart models from Anthropic and OpenAI be able to ascertain how the vulnerabilities can be used in combination by an attacker? As we had reported earlier, Anthropic claims that Mythos was found capable of exploiting the vulnerabilities to a far greater extent than the previous Opus model. However, some are now questioning whether this could be a case of overstated capabilities. Aisle, a security company built by AI researchers, says they tested the cases and found that the capability frontier for cybersecurity in AI models was "jagged". "We took the specific vulnerabilities Anthropic showcases in their announcement, isolated the relevant code, and ran them through small, cheap, open-weights models. Those models recovered much of the same analysis," Aisle said in a blog post. Noting that Aisle has been running a discovery and remediation system against live targets since mid-2025, the post said "we used a range of models throughout this work. Anthropic's were among them, but they did not consistently outperform alternatives on the cybersecurity tasks most relevant to our pipeline. The strongest performer varies widely by task, which is precisely the point. We are model-agnostic by design." In other words that Aisle believes that there is no single deep-learning model for cybersecurity and things actually depends on the task at hand, more than the inherent intelligence of a model. "Anthropic is proving that the category is real. The open question is what it takes to make it work in production, at scale, with maintainer trust. That's the problem we and others in the field are solving," says the post by Aisle. Which takes us back to the fact that when Anthropic had launched Opus, it turned into some sort of a game changer in cybersecurity. So, why go at it once again? Is it that such a move creates an artificial ecosystem with big enterprise users registered as partners and contributing to these frontier models? What's more, this way one can also keep competition at bay from copying these models through distillation techniques where frontier models are used to train new LLMs cheap. In fact, some experts believe that the world is witnessing the earliest signs of monopolistic practices from AI giants where top model makers are gating their work through such partnerships to ensure that smaller labs aren't distilling their efforts. Not surprising given the penchant for the fast-growing AI ecosystem where the gap between the haves and the have-nots are expanding at a frenetic pace. The ones with huge dollar purses are building frontier labs that develop the largest and most capable models while the smaller ones with little money and low exposure rely on multiple models to create their niche. Remember the recent space of statements from Anthropic that criticised so-called attempts from Chinese companies to copy its models. In fact, a Bloomberg report from two days ago had even suggested that the company had joined hands with Google and OpenAI to identify such distillers and block them. While distillation is indeed a threat to the frontier labs, what they seem to be forgetting is that when these companies starting finding and crawling information, they too did not care for copyright and believed they were entitled to data from every possible source they could find and lay their hands on. Reminds us of the old adage that behind every large business is an illegality. By closing ranks, the Big Tech is once again attempting to keep the spoils within their own shared backyards so that no new player can find the magic sauce.

[92]

PYMNTS

AI Is Cracking Open Banking Before Quantum Gets the Chance | PYMNTS.com

Even elite security researchers typically can require weeks or months to uncover subtle flaws in complex systems or discover zero-day vulnerabilities. Frontier artificial intelligence models have now dismantled that ceiling. Anthropic's Claude Mythos Preview, for example, has reportedly demonstrated the ability to autonomously discover and exploit vulnerabilities across major operating systems and web browsers, including decades-old bugs in widely trusted systems. The implications are two-sided. On one hand, defenders such as banks, payment processors and infrastructure providers can use these tools to identify and patch weaknesses. On the other, the same capabilities could be leveraged by hackers, dramatically accelerating the discovery and exploitation of systemic flaws across the financial ecosystem. In response to the apparent threat to critical financial services infrastructure, the White House summoned representatives from banks including JPMorgan Chase, Goldman Sachs, Citigroup, Bank of America and Morgan Stanley and pushed them to identify the systems-level vulnerabilities surfaced by the frontier AI model, according to a report Friday (April 10). The rapid advances in AI-probed enterprise vulnerabilities have, inadvertently, potentially leapfrogged another existential threat facing the digital layer of the financial services sector: quantum computing. While Google is now pushing a 2029 timeline for quantum-safe readiness, Frontier AI is, by contrast, not a distant threat; it is a present capability that is evolving rapidly. See also: Big Tech Races to Quantum Safety as Cyber Threat Clock Ticks Down Few sectors are as dependent on layered, legacy-rich digital infrastructure as payments and banking. Over decades, institutions have built complex stacks that combine modern cloud-native systems with older, mission-critical platforms. These systems are interconnected through APIs, third-party vendors, and global networks, creating a vast and intricate attack surface. AI-driven vulnerability discovery thrives in precisely this kind of environment. The more complex and interconnected a system is, the more opportunities there are for subtle misconfigurations, overlooked dependencies, or edge-case failures. What makes frontier AI particularly potent is its ability to explore these edge cases exhaustively, testing permutations that human analysts might never consider. In a payments context, even a single critical vulnerability can have cascading effects. A flaw in a transaction processing system, an authentication layer, or a settlement network could disrupt not just one institution, but entire chains of financial activity. The speed at which AI can identify and potentially exploit such flaws raises the specter of simultaneous, multipoint failures across the system. Perhaps the most unsettling aspect of this development is the potential democratization of offensive cyber capabilities. Historically, the ability to discover and exploit zero-day vulnerabilities has been concentrated among nations and a small number of elite hackers. Frontier AI could lower that barrier significantly. This shift mirrors broader trends in AI, where capabilities once restricted to specialists are becoming accessible through user-friendly tools. In cybersecurity, however, the stakes are considerably higher. A world in which vulnerability discovery is automated and scalable is one in which the volume and velocity of threats could increase by orders of magnitude. The asymmetry inherent in cybersecurity means that attackers need to find only one exploitable weakness, while defenders must secure every potential entry point. If AI amplifies both sides, the balance may still tilt toward those willing to act more aggressively and with fewer constraints. See also: How the Math Powering Payments Adds Up in the Quantum Era The emergence of AI-driven vulnerability discovery may challenge some of the core assumptions underlying financial stability. Traditionally, systemic risk has been associated with economic factors such as liquidity crises, market shocks, or institutional failures. Cyber risk has been recognized but was often treated as a secondary concern. That hierarchy may need to change. If AI enables the rapid identification and exploitation of vulnerabilities across multiple institutions simultaneously, cyber incidents could become systemic events. A coordinated or cascading failure in payments infrastructure could have immediate, real-world economic consequences, from disrupted commerce to loss of confidence in financial systems. For the financial sector, the challenge is twofold. First, institutions must understand and quantify the risks posed by AI-driven vulnerability discovery. Second, they must adapt their security architectures, processes and governance models to operate in an environment where the pace of threat evolution is dramatically accelerated. The involvement of the White House and leading banks signals that this shift is being taken seriously at the highest levels. But awareness is only the first step. The real test will be whether the industry can move quickly enough to harness AI's defensive potential while mitigating its risks. In the race between attackers and defenders, speed has always mattered. With the advent of frontier AI, speed may become the defining factor.

[93]

Anthropic's Claude Mythos AI fears trigger $2 trillion wipeout in IT stocks; JPMorgan CEO Jamie Dimon warns 'AI will likely worsen...'

Anthropic's latest AI model, Claude Mythos Preview, has become a major source of concern for Wall Street and US policymakers, triggering a massive $2 trillion selloff in enterprise software stocks and prompting an emergency meeting at the US Treasury, according to TOI. The model, which has demonstrated an extraordinary ability to identify and exploit software vulnerabilities, has raised fears about its potential impact on cybersecurity and the broader technology sector. According to TOI, on Tuesday, US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an urgent meeting with CEOs from major banks, including Bank of America, Citigroup, Goldman Sachs, Morgan Stanley, and Wells Fargo. JPMorgan Chase CEO Jamie Dimon was invited but could not attend. The discussion focused on the cybersecurity risks posed by Anthropic's unreleased AI model, Claude Mythos Preview, rather than traditional topics like interest rates or tariffs. According to Anthropic, Claude Mythos Preview is a general-purpose frontier model that has shown remarkable capabilities in finding and exploiting software vulnerabilities. It has already identified thousands of high-severity flaws, including zero-days in every major operating system and web browser. Examples include a 27-year-old vulnerability in OpenBSD and a 16-year-old flaw in FFmpeg that had evaded detection in five million automated tests. In response to these capabilities, Anthropic launched Project Glasswing, a collaborative initiative with major tech companies including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. The project aims to use Claude Mythos Preview defensively to scan and secure critical software infrastructure. Anthropic is committing up to $100 million in usage credits and $4 million in donations to open-source security organisations. Earlier releases from Anthropic, such as Claude Opus and agent-building tools, contributed to a $2 trillion selloff in enterprise software stocks, often referred to as the "SaaSpocalypse." Investors fear that AI agents could replace human workers, reducing demand for traditional software subscriptions. The leak of details about Claude Mythos Preview in late March further pressured cybersecurity stocks, as markets grappled with the potential for AI to undermine existing security tools. JPMorgan Chase CEO Jamie Dimon, in his annual shareholder letter, highlighted cybersecurity as one of the bank's biggest risks, noting that AI will likely make threats worse and require significant defensive investments. The episode highlights the dual-use nature of advanced AI models -- powerful tools that can both strengthen and threaten cybersecurity. While Project Glasswing aims to give defenders an advantage, the rapid advancement of such capabilities has raised questions about preparedness across industries and governments. Anthropic has emphasised that Claude Mythos Preview is not being released to the public and access is strictly controlled for defensive purposes. (With TOI inputs)

[94]

Anthropic Claude Mythos Suggests Vulnerability Management Will Soon 'Break': Forrester

'If true -- and we have little reason to doubt the veracity of the claims -- this will break the vulnerability management playbook,' Forrester analysts write. Following claims by Anthropic and its collaborators on a new software security initiative announced this week, it's clear that AI could soon totally upend existing vulnerability management practices, according to Forrester analysts. "If true -- and we have little reason to doubt the veracity of the claims -- this will break the vulnerability management playbook and perhaps the cybersecurity approaches of today," wrote Forrester analysts including Senior Analyst Erik Nost in a blog post. [Related: Top 6 Cybersecurity And AI Predictions For 2026] Anthropic disclosed this week that the preview version of its Claude Mythos frontier model points to the fact that "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities." In response, Anthropic has launched a new initiative, "Project Glasswing," focused on combating software vulnerabilities with involvement from a number of major industry players. Cybersecurity vendors taking part in the initiative include CrowdStrike and Palo Alto Networks, which have released statements supporting Anthropic's claims about the proficiency of Claude Mythos for vulnerability discovery. In a statement included in Anthropic's blog post, for instance, CrowdStrike CTO Elia Zaitsev said that "the window between a vulnerability being discovered and being exploited by an adversary has collapsed." Already at this stage, "what once took months now happens in minutes with AI," Zaitsev said in the statement. And while Claude Mythos Preview "demonstrates what is now possible for defenders at scale," it also means threat actors will inevitably seek to exploit these capabilities as well, he said. The disclosure by Anthropic is a signal that organizations will likely soon be forced to "drastically rethink their approaches to vulnerability management and patching," wrote Nost and other Forrester analysts in the post. That will mean "moving from today's often-glacial pace to something much, much faster," the analysts wrote. The arrival of AI models that can discover software bugs this rapidly may also force an overhaul of the current CVE (Common Vulnerabilities and Exposures) disclosure process and impact difficult-to-patch legacy IT systems in a major way, according to the Forrester analysts. Ultimately, in the very near future, a "30-day waiting period for patching won't be acceptable in an environment where attackers can go from discovery to exploit in minutes," the analysts wrote. In addition to CrowdStrike and Palo Alto Networks, Project Glasswing will also include participation from AWS, Apple, Broadcom, Cisco, Google, JPMorganChase, the Linux Foundation, Microsoft and Nvidia. The industry collaborators on the initiative will be able to utilize the preview version of Mythos "as part of their defensive security work," Anthropic said in its post. "Project Glasswing partners will receive access to Claude Mythos Preview to find and fix vulnerabilities or weaknesses in their foundational systems -- systems that represent a very large portion of the world's shared cyberattack surface," Anthropic said. Palo Alto Networks CEO Nikesh Arora wrote in a LinkedIn post that "by prioritizing defensive access to these powerful capabilities, Anthropic is helping us ensure that while intelligence is being weaponized, the defenders are the ones with the superior stack." In other words, "AI becomes the defender," Arora wrote.

[95]

BNN

Anthropic's new AI model is too dangerous to release to public, developers say

Canadian bank executives and regulators met Friday to discuss the risks posed by Claude Mythos Preview, Anthropic's new AI model, which the company says is so powerful, they're choosing not to release it to the public. While the Canadian Financial Sector Resiliency Group (CFRG) meets regularly, a spokesperson with the ministry of finance says this meeting was "hastened" by the release of Mythos. This comes on the heels of a similar meeting called by U.S. Treasury Secretary Scott Bessent that included the chief executives of the largest U.S. banks. Members of the CFRG include the Bank of Canada, Department of Finance, the Canadian Deposit Insurance Corporation (CDIC) and Canada's six major banks. In announcing its new model, Anthropic warned Claude Mythos can quickly find vulnerabilities in virtually every major operating system and web browser using relatively simple prompts, putting major institutions like banks, hospitals and energy infrastructure at risk of cyberattacks. "This is the kind of thing that should keep us up at night," tech expert Carmi Levy told CTV News. "We knew this day would come, that AI would get so good that it would be able to break into even the most hardened cyber defences. And that's kind of what we're at with Anthropic's Claude Mythos model." In making its decision not to release Claude Mythos to the public, Anthropic said "given the rate of AI progress it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout -- for economies, public safety, and national security -- could be severe." "It's like using ChatGPT to be a hacker," said Levy. "It means that our existing defences are no longer sufficient to protect ourselves against these newly emerging threats." While Anthropic is not releasing Claude Mythos to the public, it is giving it to a select group of tech companies including Amazon, Google, Apple, Microsoft, Nvidia and Cisco as part of Project Glasswing, an initiative aimed at identifying critical software vulnerabilities and shoring up cyber defences. While some online have called Mythos "AI doomsday," others caution Anthropic's announcement could be a savvy marketing strategy in the race for AI dominance. It could also be both. "Many people would be right in saying that this is a little bit of hype, a little bit of press release, a little bit of publicity stunt," said Claudiu Popa, a cybersecurity expert. "But we certainly need to acknowledge the capability of that tool and we need to start preparing for such a time when there will be lots of AIs scouring the internet, looking for vulnerabilities." Popa says one of the most worrisome elements of Claude Mythos is that it does not require a sophisticated level of understanding of cybersecurity making it potentially harmful in the hands of bad actors. "That's why this acts as not a reason to practice fear mongering, but to raise the level of awareness and concern amongst organizations," said Popa. Experts estimate it will be a matter of months before Mythos or a comparable AI model will be available to the public, calling this a "call to action" for organizations and governments to beef up cybersecurity. "Make sure that there are as few vulnerabilities as possible," he said. "Ultimately, if it takes forever for one of these tools to discover a vulnerability ... then it will move on and find some easier targets."

[96]

New York Post

Anthropic's 'Claude Mythos' model sparks fear of AI doomsday if released to public: 'Weapons we can't even envision'

Anthropic has triggered alarm bells by touting the terrifying capabilities of "Claude Mythos" - with executives warning that the new AI model is so dangerous it would cause a wave of catastrophic hacks and terror attacks if released to the wider public. In a nightmarish analysis, Anthropic itself revealed that Mythos - if it fell into the wrong hands - could easily exploit critical infrastructure like electric grids, power plants and hospitals. The model has already "found thousands of high-severity vulnerabilities, including some in every major operating system and web browser," according to the AI company. Rather than a wide release, Anthropic, led by CEO Dario Amodei, has unveiled "Project Glasswing," a plan to provide the model to a handpicked group of about 40 companies, including Amazon, Google, Apple, Nvidia, CrowdStrike, and JPMorgan Chase, which will receive early access to Mythos so they can use it to find and fix security flaws. The corporate-only rollout is likely Anthropic's best possible way to "give it to the guys to patch the holes, but not to the hackers that are going to find more holes," Roman Yampolskiy, an AI safety researcher at the University of Louisville, told The Post. "Most likely, of course, there's going to be a leakage of some kind," he said. "Any level of restriction is preferred over complete open access. Ideally, I would love to see this not developed in the first place. And it's not like they're going to stop. "That's exactly what we expect from those models - they're going to become better at developing hacking tools, biological weapons, chemical weapons, novel weapons we can't even envision," Yampolskiy added. In one instance detailed in Anthropic's testing, Mythos broke out of a secure "sandbox" meant to restrict internet access - with a researcher only finding out "by receiving an unexpected email from the model while eating a sandwich in a park." In another case, Mythos found a flaw in the OpenBSD operating system that had been hidden in plain sight for 27 years. Despite the risks, Anthropic argues Project Glasswing will help the US' defensive capabilities as adversaries in Iran, China and Russia become ever more aggressive about targeting critical infrastructure. An Anthropic official said the company "focused on organizations whose software represents the largest share of the world's shared cyberattack surface. "These are the companies that build and maintain the operating systems, browsers, cloud platforms, and financial infrastructure that billions of people rely on every day," the official said. "When you find a vulnerability in one of their systems and it gets patched, that patch protects everyone who uses that software -- in many cases, hundreds of millions of people." Anthropic said it is in active discussions with US government officials about how Mythos can aid the country's cyber capabilities -- both offensive and defensive. "Claude Mythos Preview demonstrates what is now possible for defenders at scale, and adversaries will inevitably look to exploit the same capabilities," said Elia Zaitsev, chief technology officer at CrowdStrike. While Mythos appears to be a major leap forward technologically, critics are uncertain about whether Anthropic's actions - including the splashy public announcement - match its rhetoric about the risks. Perry Metzger, chairman of Alliance for the Future, a Washington, DC-based AI policy group, noted that the hype about Mythos as a product has "spread like wildfire" as a result of the company's warning. "You'd better carefully pay for access to Glasswing or get in on it, because only they are responsible enough to decide who should and shouldn't have access. They're the experts, after all," Metzger sarcastically said. "I find the whole thing maddening." As The Post has reported, Anthropic's critics, including President Trump's AI adviser David Sacks and others in the White House, have claimed the company's safety warnings are actually an elaborate attempt at "regulatory capture" - Silicon Valley lingo for crafting the rules in such a way that they benefit and their rivals struggle. "At every point in the conversation around the emergence of AI, Dario Amodei believes he, and he alone is qualified to determine what this technology can do, who can access it," said Nathan Leamer, executive director of the advocacy group Build American AI. "He alone is the modern Solomon who will decide what entity will regulate it. Who needs the public square?" Another tech industry insider, who spoke to The Post on condition of anonymity, pointed out that OpenAI similarly warned in 2019 that GPT-2, an early version of its chatbot model, was too dangerous for release. Amodei and Anthropic's top policy executive Jack Clark were both working at OpenAI at the time. The insider speculated that the limited release could have more to do with Anthropic's struggle to keep pace with compute demand than safety fears. "They are trying to deflect from the fact that they can't serve the model because they have no compute," the person said.

[97]

Anthropic withholds Mythos Preview model because it's hacking is too powerful

Why it matters: Anthropic is so worried about the damage its own model could cause that it's refusing to release it publicly until there are safeguards to control its most dangerous capabilities. Threat level: Mythos Preview is "extremely autonomous" and has sophisticated reasoning capabilities that give it the skills of an advanced security researcher, Logan Graham, head of Anthropic's frontier red team, told Axios. * Mythos Preview can find "tens of thousands of vulnerabilities" that even the most advanced bug hunter would struggle to find. Unlike past models, it can also write the exploits to go with them. * Opus 4.6, the last model Anthropic released to the public, found about 500 zero-days in open-source software -- a fraction of Mythos Preview's output. Zoom in: In testing, Mythos Preview found bugs in "every major operating system and web browser," according to a blog post, including some that are believed to be decades old and weren't detected by repeated human-run security tests. * Mythos Preview successfully reproduced vulnerabilities and created proof-of-concepts to exploit them on the first attempt in 83.1% of cases. * Mythos Preview found several flaws in the Linux kernel, which is found in most of the world's servers, and autonomously chained them together in a way that would let a hacker take complete control of any machine running Linux systems. * In another test, Mythos Preview found a 27-year-old vulnerability in OpenBSD, an open-source operating system, that would allow hackers to remotely crash any machine running it. OpenBSD is widely considered one of the most security-hardened open-source projects and is found in several firewalls, routers and high-security servers. Yes, but: It's only a matter of months -- as soon as six months or as far out as 18 -- until other AI companies release models with powers similar to the Mythos Preview, Graham said. * "It's very clear to us that we need to talk publicly about this," Graham said. "The security industry needs to understand that these capabilities may come soon." * OpenAI and other tech giants are already working on models with similar capabilities, Axios has reported. * "More powerful models are going to come from us and from others, and so we do need a plan to respond to this," Anthropic CEO Dario Amodei said in a video released alongside the news. Driving the news: Instead, Anthropic is opting to roll out Mythos Preview to more than 40 organizations that will use the model to scan and secure their own code and open-source systems. * Twelve of those companies -- Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks -- are participating in a new initiative called Project Glasswing. * Those companies will use Mythos Preview as part of their defensive security work, and Anthropic will share takeaways from what the initiative finds. * Anthropic is providing up to $100 million in usage credits to the companies testing Mythos Preview, and $4 million to open-source security organizations, including OpenSSF, Alpha-Omega and the Apache Software Foundation. Flashback: AI models have already given malicious hackers a boost in their attacks. * China has used Anthropic's models to automate a spying campaign targeting 30 organizations. * Cybercriminals have been using models to write scripts and automate ransomware negotiations. The intrigue: Anthropic has also been briefing the Cybersecurity and Infrastructure Security Agency, the Commerce Department and " a broader array of actors" on the potential risks and benefits of Mythos Preview, a company official told Axios. * "There's an opportunity here to give a shot in the arm to defense and to keep pace with this long-standing trend where offense exploitation had an advantage," the official said. * The official wouldn't say if the company has briefed the Pentagon, with which Anthropic has been feuding for months. * Spokespeople for CISA and the Commerce Department didn't immediately respond to requests for comment. Reality check: Mythos was widely hyped after Axios and others reported on its frightening capabilities, but Graham noted that the company never formally planned to make this version generally available. * Anthropic was previously testing the model's capabilities internally, while also rolling it out to an even smaller group. * "The feedback was overwhelmingly clear to us," Graham said. "We then decided to launch it this way." What to watch: Anthropic said in a blog post that the company's goal is to one day "enable our users to safely deploy Mythos-class models at scale," including for general use cases beyond cybersecurity. * The company is planning new safeguards that will be available on its less-powerful Opus models, "allowing us to improve and refine them with a model that does not pose the same level of risk as Mythos Preview."

[98]

PYMNTS

Banks Face Complex Cyber Risks From Anthropic's Mythos | PYMNTS.com

Experts interviewed by Reuters said Mythos could power complex cyberattacks as it can identify cyber vulnerabilities as well as ways to exploit them, according to the report. Banks and other financial institutions are threatened by these sorts of attacks because they run technology stacks that include both new and decades-old technologies, house undiscovered vulnerabilities, and are closely connected, experts said, per the report. It was reported Tuesday (April 7) that Anthropic unveiled a program called Project Glasswing that will allow select partners to gain early access to "Claude Mythos Preview" to allow these partners to identify vulnerabilities and strengthen systems before threats can be exploited. The initiative includes participation from leading companies such as Amazon, Microsoft and Apple, alongside cybersecurity and infrastructure players like CrowdStrike, Palo Alto Networks, Google and Nvidia. In its announcement of Project Glasswing, Anthropic said: "We are hopeful that Project Glasswing can seed a larger effort across industry and the private sector, with all parties helping to address the biggest questions around the impact of powerful models on security." In November, Anthropic reported that another of its AI models had been manipulated into carrying out a wide-reaching cyber-espionage operation. It was reported Thursday (April 9) that the heads of the Treasury Department and the Federal Reserve held an "urgent" meeting with CEOs of major banks to discuss concerns about potential future cyber risks posed by Mythos and other AI models. Reached by PYMNTS, a Treasury spokesperson said Friday (April 10) that Treasury Secretary Scott Bessent convened a meeting with bank CEOs to address developments in AI and that Treasury plans to lead more such meetings with regulators and institutions on an ongoing basis. It was also reported Friday that America's biggest banks are beginning in-house tests of Mythos and that the White House is encouraging banks to use Mythos to identify vulnerabilities. The report said JPMorganChase, Goldman Sachs, Citigroup, Bank of America and Morgan Stanley are among the banks testing the tool internally.

[99]

Mythos AI alarm bells: Fair warning or marketing hype? - The Economic Times

Anthropic postponing the release of its new AI model Claude Mythos, said to be so skilled at coding it could be a wicked weapon for hackers, has encountered a mix of alarm and skepticism. Meyers saw embedding a tiny AI model directly into malicious code infecting networks as a natural tactic to be explored by hackers.Anthropic postponing the release of its new AI model Claude Mythos, said to be so skilled at coding it could be a wicked weapon for hackers, has encountered a mix of alarm and skepticism. The company is among several contenders in a fierce artificial intelligence race. Promoting the awe of Anthropic's own technology boosts business and enhances its allure in the event it soon goes public, as is rumored. "The world has no choice but to take the cyber threat associated with Mythos seriously," said David Sacks, an entrepreneur and investor who heads President Donald Trump's council of advisors on technology. "But it's hard to ignore that Anthropic has a history of scare tactics." Mythos has sparked fears of hackers commanding armies of AI agents able to break through computer defenses with ease. At this week's HumanX AI conference in San Francisco, Alex Stamos of startup Corridor, which addresses AI safety, acknowledged a real threat from agentic hackers. And Stamos quipped about what he referred to as Anthropic's "marketing schtick." "They have these adorable cutesy cartoons about these products that are so incredibly dangerous that they won't even let people use them," Stamos said of the San Francisco-based startup. "It's like if the Manhattan Project announced the nuclear bomb within a cute little Calvin and Hobbes cartoon." The heads of America's biggest banks met this week with Federal Reserve Chairman Jerome Powell and Treasury Secretary Scott Bessent to weigh the security implications of the yet-to-be released Claude Mythos, according to reports Friday. "Mythos model points to something far more consequential than another leap in artificial intelligence," Cato Networks co-founder and chief executive Shlomo Kramer said in a blog post. "It signals a shift that could redefine the balance between attackers and defenders in cyberspace." A tightly restricted preview of Mythos was shared with partner organizations this week, under an initiative called Project Glasswing. They include Amazon, Apple, Microsoft, Google, Cisco, CrowdStrike and JPMorgan Chase. According to Anthropic and partners, Mythos can autonomously scan vast amounts of code to find and chain together previously unknown security vulnerabilities in all kinds of software, from operating systems to web browsers. Crucially, they warn, this can be done at a speed and scale no human could match, meaning it could be used to bring down banks, hospitals or national infrastructure within hours. "What once required elite specialists can now be performed by software agents," Shlomo said. "The immediate consequences will be a surge in vulnerability discovery, a true tsunami" of exploiting known and unknown vulnerabilities. Agent-to agent war At HumanX, the apparent consensus was that it makes sense that AI agents already adept at coding will excel at finding weaknesses in software. "We're not in an era where human beings can write code when we have superhuman (AI models) that are then going to find bugs in it," Stamos contended. "It's just not possible." He predicted the coming dynamic will involve humans supervising AI agents to protect networks against hackers using that same technology to attack. Stamos referred to it as "agent-to-agent war," with humans on the sidelines giving advice. Wendy Whitmore, of cybersecurity firm Palo Alto Networks, expects "some sort of catastrophic attack" this year connected to AI agent capabilities. "The thing that keeps me up at night is that we're staring down the barrel of a massive influx of new vulnerabilities that are going to be found by AI," said Adam Meyers of CrowdStrike. Meyers saw embedding a tiny AI model directly into malicious code infecting networks as a natural tactic to be explored by hackers. "The ultimate weapon would be malware that has no pre-programming," Meyers said. "It can do whatever you ask it to."

[100]