Anthropic Delays Powerful AI Model Claude Mythos Release Due to Cybersecurity Risks

Anthropic's new AI model, Claude Mythos, can find thousands of security flaws very quickly. This is much faster than before, raising safety worries.
By Newsroom | Technology, Cybersecurity |

Anthropic has decided against a broad release of its new AI model, Claude Mythos, citing significant cybersecurity risks. The company has acknowledged that the model demonstrates "unprecedented" capabilities in identifying vulnerabilities, a power that could equally empower malicious actors. Mythos has shown an ability to discover zero-day vulnerabilities, some critical, at a speed and scale exceeding human capacity, raising concerns that it could enable cyberattacks to outpace defensive measures.

Is Anthropic's New AI Model Too Dangerous? Mythos Could Let Hackers Attack Faster Than Humans - 1

The AI developer has instead initiated Project Glasswing, a restricted initiative offering Mythos access to a select group of around 40 cybersecurity and software firms. This limited rollout aims to leverage the model for defensive security work, allowing these organizations to bolster defenses before wider availability, if any.

Is Anthropic's New AI Model Too Dangerous? Mythos Could Let Hackers Attack Faster Than Humans - 2

Model's Capabilities and Concerns

Recent testing of Mythos revealed its capacity to uncover thousands of vulnerabilities, including remote code execution flaws, within weeks. An Anthropic engineer reportedly tasked the model with finding such bugs, with Mythos succeeding overnight. The model's performance gap compared to existing AI systems is described as substantial, not incremental. Anthropic's internal assessments confirmed that the model understood the deceptive implications of its findings.

Read More: Google Apps Location Errors Stop Users Accessing Services in Their Country

Is Anthropic's New AI Model Too Dangerous? Mythos Could Let Hackers Attack Faster Than Humans - 3

"We did not feel comfortable releasing this generally," stated Logan Graham, who heads Anthropic's AI model defense team, in remarks to CNN.

Background and Development

Details surrounding Claude Mythos initially surfaced via a data leak around March 26-29, prompting market reactions with cybersecurity stocks seeing a downturn. Anthropic officially acknowledged the model and Project Glasswing on April 7. This initiative is designed to secure critical software infrastructure in the age of advanced AI.

While Mythos is being made available to select cybersecurity defense organizations first, Anthropic has also been reportedly in discussions with the U.S. government regarding the model's implications. The company has previously released other powerful models, such as Claude Opus 4.6, on February 5, but deems Mythos too potent for public dissemination at this stage. The development comes amidst broader industry trends, with rivals like OpenAI also reportedly developing advanced models.

Read More: Axios npm Malware Attack 2023: Developers Face New Risks

Concerns about AI's potential for misuse in cybersecurity are not new, with researchers like Gadi Evron, founder of AI security firm Knostic, noting the widening gap between AI-accelerated attackers and defenders. Experts emphasize that the speed and scale at which AI agents can probe for vulnerabilities represent a fundamental shift in the cybersecurity landscape.

Frequently Asked Questions

Q: Why did Anthropic decide not to release the Claude Mythos AI model widely?
Anthropic is delaying the broad release of Claude Mythos because it has shown it can find security weaknesses very quickly. They are worried that bad actors could use this power to attack computer systems.
Q: What is Project Glasswing and who has access to Claude Mythos?
Project Glasswing is a special program by Anthropic. Only about 40 cybersecurity and software companies are allowed to use Claude Mythos right now. This is to help them improve computer defenses before the model is more widely available.
Q: How capable is the Claude Mythos AI model at finding security flaws?
Claude Mythos can find thousands of security problems, including serious ones, in just weeks. It found bugs overnight when tested. Its ability is much greater than current AI systems.
Q: When did news about Claude Mythos first come out and what was the reaction?
Information about Claude Mythos first appeared from a data leak between March 26-29. After Anthropic officially confirmed the model and Project Glasswing on April 7, cybersecurity company stocks went down.
Q: What are the main concerns about AI models like Claude Mythos in cybersecurity?
Experts worry that AI can help attackers find weaknesses faster than defenders can fix them. This speed and scale of finding flaws is a big change in how cybersecurity works.