Anthropic Mythos accessed by outsiders
- Outsiders reportedly accessed Anthropic's Mythos model through a third-party contractor and simple URL guessing.
- Social posts noted the incident attracted heavy online discussion, with some threads receiving over 3,000 likes.
- The episode has heightened debate about controlled AI releases and third-party contractor security practices. (x.com)
A small group of outsiders reportedly got into Anthropic’s restricted Mythos artificial intelligence model through a contractor’s environment on the day the model was announced. (bloomberg.com) Bloomberg reported on April 21 that users in a private online forum had been using Mythos regularly after gaining access on April 7, the same day Anthropic unveiled the model for limited testing. (bloomberg.com)

TechCrunch, citing Bloomberg, said the group reached the system through a third-party vendor and made an “educated guess” about the model’s web location based on Anthropic’s past URL patterns. (techcrunch.com) Anthropic said it was investigating “unauthorized access to Claude Mythos Preview through one of our third-party vendor environments” and said it had found no evidence that Anthropic’s own systems were affected. (cbsnews.com)

Mythos is not a public chatbot. Anthropic introduced it on April 7 under Project Glasswing, a program that gave early access to launch partners including Amazon Web Services, Apple, Cisco, Google, JPMorganChase, Microsoft, NVIDIA and Palo Alto Networks. (anthropic.com) Anthropic said Project Glasswing also extended Mythos access to more than 40 additional organizations and committed up to $100 million in usage credits plus $4 million in donations to open-source security groups. (anthropic.com)

The company’s case for tight controls was simple: Mythos is unusually good at finding software flaws. In a technical post published April 7, Anthropic said the model could identify and exploit zero-day vulnerabilities in every major operating system and every major web browser during testing. (red.anthropic.com) Anthropic also said more than 99% of the vulnerabilities it found had not yet been patched, which is why the company withheld technical details and did not release the model publicly. (red.anthropic.com)

That made the access report a test of Anthropic’s release strategy as much as its security. The company had limited Mythos to vetted defenders precisely because it said the same capabilities could be turned against banks, hospitals, government systems and other targets. (cbsnews.com)

Online reaction spread quickly after Bloomberg’s report. Cybernews said discussion surged across social platforms on April 22, while other outlets highlighted posts on X criticizing the ease of access and the reliance on contractor systems. (cybernews.com)

The immediate question is narrower than whether Mythos escaped in full: whether restricted artificial intelligence can stay restricted when vendors, shared credentials and guessable infrastructure sit between a model and the public internet. (techcrunch.com)