Anthropic’s ‘Mythos’ found zero‑days

Anthropic’s new frontier model, dubbed Claude Mythos, reportedly autonomously discovered thousands of high‑severity security issues — including zero‑day flaws stretching back 16–27 years — during internal testing, and it was trained at scale on Nvidia’s Blackwell chips (x.com). The company packaged defensive access to that capability under “Project Glasswing,” giving restricted scanning and patching access to 40–50 major organizations such as Apple, Google, Microsoft, Amazon, Nvidia, Cisco, CrowdStrike, JPMorgan Chase and the Linux Foundation (x.com).

A zero-day is a software flaw that defenders do not know about yet, which means there is no patch when an attacker first finds it. Anthropic said on April 7 that its unreleased Claude Mythos Preview can find and exploit those flaws across major operating systems and web browsers. (anthropic.com)

Anthropic said Mythos Preview had already found “thousands of high-severity vulnerabilities,” including bugs in every major operating system and web browser it tested. In a technical post the same day, the company said more than 99% of the flaws it found were still unpatched, so it withheld details under coordinated disclosure rules. (anthropic.com) (red.anthropic.com)

The company also said some of the bugs were old. Its researchers wrote that many were 10 or 20 years old, and that the oldest disclosed example so far was a 27-year-old OpenBSD flaw that has now been patched. (red.anthropic.com)

Anthropic is not releasing Mythos Preview to the public. In its system card, published April 7 and corrected April 8, the company said the model’s jump in capability led it to keep access limited to a defensive cybersecurity program with selected partners. (anthropic.com)

That program is called Project Glasswing. Anthropic said the launch group includes Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks and Anthropic itself. (anthropic.com)

Anthropic said those launch partners are using Mythos Preview for defensive security work, and that more than 40 additional organizations that build or maintain critical software infrastructure also received access. The company said it is committing up to $100 million in usage credits and $4 million in donations to open-source security groups. (anthropic.com)

In plain terms, Anthropic is describing a model that can read code, spot a hidden weakness, test whether the weakness is real, and in some cases produce an exploit that shows how an attacker could break in. Its technical team said Mythos Preview can also reverse-engineer exploits for closed-source software and turn known-but-unpatched “N-day” flaws into working attacks. (red.anthropic.com)

Anthropic framed that as a near-term security problem, not a distant one. The company wrote that artificial intelligence models had crossed a threshold where they can outperform all but the most skilled humans at finding and exploiting vulnerabilities, and said “the old ways of hardening systems are no longer sufficient.” (anthropic.com 1) (anthropic.com 2)

Outside Anthropic, the announcement prompted a policy response within days. CNBC reported on April 10 that Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell had discussed the security implications of Mythos with major bank chief executives. (cnbc.com)

Anthropic’s public materials do not say that Mythos was trained on NVIDIA Blackwell chips. The company does confirm NVIDIA as a Glasswing launch partner, but the Blackwell training claim appears in commentary and social posts rather than in the April 7 announcement, system card, or technical write-up. (anthropic.com 1) (anthropic.com 2)

For now, the core fact is narrower and clearer than the hype around it: Anthropic says it built a model strong enough at offensive security work that it chose to keep it gated and put it to patching duty first. That leaves Project Glasswing as both a product test and a stress test for whether defenders can use these systems faster than attackers do. (anthropic.com) (red.anthropic.com)
