LLM

Anthropic Won’t Release “Mythos”, Says it is Too Dangerous

Avatar
Claude by Anthropic. © via Unsplash
Claude by Anthropic. © via Unsplash

US-based AI developer Anthropic has unveiled a new language model called Claude Mythos Preview, which, according to the company, is capable of independently finding and exploiting security vulnerabilities in software. The model is said to surpass the capabilities of all but the best human security experts. Due to its threat potential, Anthropic does not plan a general public release.

As previously reported, developments around Mythos became known recently following a leak. Prior to this, Anthropic had already sent shares of cybersecurity companies into a tailspin with the release of Claude Code Security. The news about Mythos — where companies such as Palo Alto Networks, CrowdStrike, CloudFlare, Cisco, and Broadcom are partners via “Project Glasswing” — partially boosted their stocks on Tuesday.

Why Mythos is not intended to be publicly available

Anthropic justifies the decision against a public release with the model’s extraordinary capabilities. According to the company, Claude Mythos Preview can identify security vulnerabilities and develop exploits almost entirely autonomously, without human guidance. The concern: should such capabilities fall uncontrolled into the hands of actors who are not committed to responsible use, the consequences for the economy, public safety, and national security could be severe.

In the long term, Anthropic aims to make models of this performance class available safely and at scale. However, appropriate safeguards must first be developed that can detect and block dangerous outputs. These security mechanisms are to be tested initially with a less risky model — an upcoming Claude Opus model.

Vulnerabilities found: Decades-old flaws in critical systems

As part of internal testing, Anthropic deployed Claude Mythos Preview to identify so-called zero-day vulnerabilities — security flaws that were previously unknown to the respective developers. According to the company, thousands of critical vulnerabilities were discovered across all major operating systems and web browsers. Three specific examples were made public:

  • A 27-year-old vulnerability in OpenBSD, an operating system considered particularly secure and frequently used for firewalls and critical infrastructure. The flaw made it possible to crash any affected machine simply via a network connection.
  • A 16-year-old vulnerability in FFmpeg, a widely used library for video processing. Particularly noteworthy: automated testing tools had already executed the relevant line of code five million times without detecting the issue.
  • Multiple interconnected vulnerabilities in the Linux kernel, the operating system core that powers the majority of the world’s servers. By combining these flaws, an attacker could escalate from simple user access to full control over a machine.

All of the vulnerabilities mentioned were reported to the respective software maintainers and have since been patched. For additional discovered flaws, Anthropic has initially published only a cryptographic hash of the details and intends to disclose the full information only after a fix has been applied.

Project Glasswing: Defensive use by selected partners

To deploy the model’s capabilities specifically for defensive purposes, Anthropic has launched the initiative Project Glasswing. The goal is to use Claude Mythos Preview in the context of defensive security work and to share the insights gained with the entire industry.

The founding partners include prominent companies from technology, finance, and cybersecurity:

  • Amazon Web Services
  • Anthropic
  • Apple
  • Broadcom
  • Cisco
  • CrowdStrike
  • Google
  • JPMorganChase
  • Linux Foundation
  • Microsoft
  • NVIDIA
  • Palo Alto Networks

In addition, more than 40 further organizations that develop or operate critical software infrastructure will be granted access to the model. They are intended to use it to audit and secure both their own and open-source systems for vulnerabilities.

Financial commitments and outlook

Anthropic is making up to $100 million in usage credits for Claude Mythos Preview available for Project Glasswing. An additional $4 million will be awarded as direct grants to open-source security organizations.

“The work of defending the world’s cyber infrastructure could take years; the capabilities of frontier AI will likely advance significantly over the coming months. For cyber defenders to maintain the upper hand, we must act now,” reads a statement from the company.

Anthropic emphasizes that Project Glasswing is only a starting point. No single organization can solve cybersecurity problems alone. Frontier AI developers, software companies, security researchers, open-source developers, and governments worldwide are called upon to act together.

Rank My Startup: Erobere die Liga der Top Founder!
Advertisement
Advertisement

Aus Datenschutz-Gründen ist dieser Inhalt ausgeblendet. Die Einbettung von externen Inhalten kann in den Datenschutz-Einstellungen aktiviert werden:

Specials from our Partners

Top Posts from our Network

Deep Dives

© Wiener Börse

IPO Spotlight

powered by Wiener Börse

Europe's Top Unicorn Investments 2023

The full list of companies that reached a valuation of € 1B+ this year
© Behnam Norouzi on Unsplash

Crypto Investment Tracker 2022

The biggest deals in the industry, ranked by Trending Topics
ThisisEngineering RAEng on Unsplash

Technology explained

Powered by PwC
© addendum

Inside the Blockchain

Die revolutionäre Technologie von Experten erklärt

Trending Topics Tech Talk

Der Podcast mit smarten Köpfen für smarte Köpfe
© Shannon Rowies on Unsplash

We ❤️ Founders

Die spannendsten Persönlichkeiten der Startup-Szene
Tokio bei Nacht und Regen. © Unsplash

🤖Big in Japan🤖

Startups - Robots - Entrepreneurs - Tech - Trends

Continue Reading