Anthropic’s AI Model, Mythos, Uncovers Thousands of Zero-Day Vulnerabilities
Anthropic's Claude Mythos Preview has made a startling discovery: thousands of zero-day vulnerabilities across major operating systems and web browsers. This revelation has prompted a direct response from the Federal Reserve chair and Treasury secretary, who convened bank CEOs to discuss the cyber risks.
The Discovery
In controlled testing, Claude Mythos Preview surpassed human experts in identifying and exploiting software vulnerabilities, uncovering flaws that had gone unnoticed for decades. These include a 27-year-old bug in OpenBSD and a 17-year-old remote code execution flaw in FreeBSD.
The Implications
Anthropic's CEO, Dario Amodei, warns of a "moment of danger" with an anticipated surge in vulnerabilities, breaches, and ransomware attacks on critical infrastructure like schools, hospitals, and banks. The discovery highlights the potential impact when AI models can find and exploit vulnerabilities more efficiently than human teams.
Project Glasswing
In response, Anthropic is rolling out Mythos through Project Glasswing, providing initial access to approximately 40 technology companies and institutions. The goal is to give defenders a head start before the capability becomes widely available, ensuring a period of enhanced security measures.
Industry Response
The cybersecurity industry has long theorized about the impact of AI on vulnerability discovery. With Mythos, the theoretical discussion becomes a practical reality, forcing reevaluation of traditional cybersecurity economics and strategies.