Claude Mythos sparks security debate

Anthropic’s Claude Mythos Preview has reopened a basic security question: if an AI can find software flaws faster than humans, who gets that advantage first? (red.anthropic.com) A software vulnerability is a bug that can be turned into a break-in, and a “zero-day” is one nobody has patched yet. Anthropic said on April 7 that Mythos could identify and exploit zero-days in every major operating system and every major web browser during testing. (red.anthropic.com) Anthropic did not put Mythos on general release. In its April 7 system card, the company said the model would be withheld from broad access and used instead in a limited defensive program with selected partners. (www-cdn.anthropic.com) That program is Project Glasswing, announced the same day. Anthropic said launch partners include Amazon Web Services, Apple, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, Nvidia and the Linux Foundation, with access also extended to more than 40 additional critical-software organizations. (anthropic.com) Anthropic said it is committing up to $100 million in usage credits and $4 million in donations to open-source security groups through Glasswing. The company said the goal is to let defenders patch critical code before comparable capabilities become widely available to attackers. (anthropic.com) The debate now is about timing, not possibility. Foreign Policy reported on April 20 that Anthropic’s claims that Mythos found “thousands of high-severity vulnerabilities” in major systems have intensified arguments over whether frontier AI shifts the balance toward offense before defense catches up. (foreignpolicy.com) European officials are looking at a different problem: who is allowed to use a model like this, and under what rules. GovInfoSecurity reported on April 10 that European policymakers were weighing how the European Union’s AI rules could apply to a model released only to vendors and infrastructure operators for security work. (govinfosecurity.com) Anthropic has framed Mythos as a threshold case under its own safety regime. In February, before the Mythos announcement, the company published Responsible Scaling Policy version 3.0, its internal framework for deciding when model capabilities require tighter controls and extra review. (anthropic.com) The company’s public technical write-up gives a sense of why the release decision changed. Anthropic said more than 99% of the vulnerabilities it found remain unpatched, and said it would not disclose details while coordinated fixes are still underway. (red.anthropic.com) Anthropic’s argument is that restricted access buys defenders time. The harder question, now being argued by security firms, policymakers and AI labs, is how long that lead lasts once other models reach the same bug-finding level. (foreignpolicy.com)