.
Anthropic says that its new AI model, called Claude Mythos Preview, can discover vulnerabilities in almost any operating system, browser, or app and create working exploits to hack them.
A data leak from the company’s content management system revealed that Anthropic is working on a new, powerful AI model — “Claude Mythos.”
A draft blog post, which was “stored in a publicly accessible data cache,” discussed a new tier of AI models, called “Capybara.” In it, Anthropic wrote, “‘Capybara’ is a new name for a new tier of model: larger and more intelligent than our Opus models — which were, until now, our most powerful.” Capybara and Mythos refer to the same underlying model, according to Fortune.
Love reading and writing? Submit a post to our blog.
To put that in perspective, Anthropic’s current models come in three different sizes: Opus, the largest and most capable version; Sonnet, a less capable but cheaper one; and Haiku, the smallest, fastest, and cheapest of the three.
Anthropic is especially concerned about the new model’s cybersecurity implications, saying that “it presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.” Put simply, Anthropic is worried that the model will be used by hackers to run large-scale cyberattacks.
Cybersecurity experts point out one of Claude Mythos’s capabilities as the “pivot point.” They say that AI is “now getting more capable at identifying and developing what are known as ‘exploit chains,’ or groups of [software] vulnerabilities that can be exploited in sequence to deeply compromise a target — essentially Rube Goldberg-machine-style hacking,” the Wired explains.
Because of this, the company is only releasing the new model to a few organizations, such as Microsoft, Apple, Google, and the Linux Foundation, as a part of the initiative called Project Glasswing. “We’re releasing it in early access to organizations, giving them a head start in improving the robustness of their codebases against the impending wave of AI-driven exploits,” the company said, as quoted by Fortune.
Some experts, however, are skeptical of Anthropic’s claims. They argue that “existing AI agents can already help users find and exploit vulnerabilities much more easily and cheaply,” fueling refinements in their discovery and patching without fundamentally changing the paradigm, per Wired.
A separate report by Fortune echoes this sentiment by citing one 25-year industry veteran. “We’ve never had a problem finding vulnerabilities. We find them every day. We actually have a pile of them that we just don’t fix,” said David Lindner, chief information security officer at Contrast Security. “So I don’t think that [Claude Mythos] really changes anything.”
Editor’s note: This article was updated with new information.
I’m a freelance writer with 6 years of experience in SEO blogging and article publishing. While you’re here, get the latest updates by subscribing to my newsletter.
