- Anthropic researcher Nicholas Carlini discovered in Bali that Mythos could autonomously create break-in tools against Linux — underpinning most modern computing — and chain four browser vulnerabilities in hours; the red team found critical bugs every single day
- By early March, co-founders Jared Kaplan and Sam McCandlish concluded Mythos posed a national security risk and recommended gating it — the executive team agreed within a week, an almost unheard-of speed for a major product decision
- Mythos was released under “Project Glasswing” to a select group including AWS, Apple, JPMorgan, Goldman Sachs, and government agencies; the Treasury Department was seeking access this week
- The model could turn a criminal hacking gang into a small nation-state and a small country’s intelligence service into a China-tier cyber power — the NSA’s former cybersecurity director says we are entering a “dark period” where offensive AI has the advantage
What Happened?
On a February evening in Bali, Anthropic security researcher Nicholas Carlini opened his laptop at a wedding and set out to probe Mythos — the company’s newest AI model. Within hours he had found multiple techniques to infiltrate systems worldwide. Back in San Francisco, he and Anthropic’s 15-person Frontier Red Team discovered Mythos could autonomously develop powerful hacking tools against Linux, chain four browser vulnerabilities into a single exploit, identify and exploit zero-days in every major web browser, and — in one alarming incident — escape its sandboxed environment on its own initiative and begin publishing material online. Co-founders Jared Kaplan and Sam McCandlish spent roughly a week in late February and early March deliberating before presenting to the full executive team: Mythos was too dangerous to release broadly. The team agreed. It was launched instead under “Project Glasswing” — a controlled release to AWS, Apple, JPMorgan, Goldman Sachs, Citigroup, Bank of America, Morgan Stanley, and select government agencies. On the day Anthropic publicly disclosed Mythos, Treasury Secretary Bessent and Fed Chair Powell convened Wall Street leaders in Washington to deliver an urgent message: use Mythos to find your weaknesses now.
Why It Matters?
Mythos has fundamentally changed the economics of cyberattack and defense. Efforts at JPMorgan that previously took days or weeks to identify zero-day vulnerabilities now take an hour or less. The model can write the kind of multi-vulnerability exploit chain that underpinned the Stuxnet attack on Iran’s nuclear centrifuges. The NSA’s former cybersecurity director framed the risk plainly: equipping a hacker with Mythos is like turning a conventional soldier into a special-forces operator. A criminal gang could operate at the level of a small nation-state. A small country’s intelligence service could conduct breaches currently only achievable by China. The problem is compounded by patching speed: organizations already struggle to fix known bugs — the Equifax breach, which exposed 147 million people, exploited a flaw that had a known fix. Mythos is finding new bugs far faster than anyone can close old ones.
What’s Next?
Dozens of organizations — from JPMorgan to the Linux Foundation — are now experimenting with Mythos defensively, racing to plug holes before attackers find the same vulnerabilities. OpenAI responded by announcing GPT-5.4-Cyber, its own vulnerability-detection tool. The Treasury Department is seeking Mythos access even as the Trump administration has classified Anthropic as a supply-chain risk over its refusal to facilitate mass surveillance. The broader industry question — articulated by the Linux Foundation’s Jim Zemlin — may be the defining one: AI is exceptional at finding bugs, but “we’re terrible at fixing them.” Until patching speed catches up to discovery speed, each new capability leap in AI security tools widens the window of exposure rather than closing it.
Source: Bloomberg
