Synopsis
Anthropic's new AI model, Mythos, can find thousands of critical security flaws, some decades old. Due to potential misuse, it is not being released publicly. Instead, about 40 companies, including tech giants, are testing it to fix bugs before attackers can exploit them. This development signals a major shift in cybersecurity.The model is considered among the most powerful developed so far.
In a first-of-its-kind move, it is being shared ahead of its official launch with about 40 companies, including Amazon, Microsoft and Google, under a controlled programme to help fix security flaws before attackers exploit them.
Tanya Pandey explains what Mythos is and why it is attracting so much attention.
What is Anthropic’s Mythos AI model?
Mythos is an experimental AI model developed by Anthropic, designed to handle complex reasoning tasks, particularly in coding and cybersecurity.
In internal tests, the model scanned large software systems, identified critical bugs and suggested ways those vulnerabilities could be exploited.
This marks a shift from earlier AI tools that primarily assisted with coding. Mythos functions more like a security researcher, capable of detecting and analysing weaknesses in systems.
Why is everyone talking about it?
The model has drawn attention for its apparent capability to uncover vulnerabilities at scale.
During testing, it identified thousands of previously unknown zero-day vulnerabilities, many of them critical.
Some of these bugs were between 10 and 27 years old, including one in OpenBSD, an operating system known for its strong security. In another instance, it found a flaw in widely used video software that automated testing tools had missed even after running the same code millions of times.
Experts say this suggests AI can now identify issues that humans and existing tools have failed to detect for decades.
Why hasn’t Anthropic released it publicly?
Anthropic has not released Mythos publicly, citing high risks at this stage.
Instead, the model is being shared with about 40 companies under a controlled programme, Project Glasswing, including major technology companies such as Amazon, Microsoft, Google and Nvidia.
The approach mirrors OpenAI’s decision in 2019 to delay the release of GPT-2 due to safety concerns.
What does this mean for the future?
The development of Mythos could mark a turning point for AI and cybersecurity, with companies likely to adopt such tools quickly to strengthen defences while managing new risks.
At the same time, concerns are not limited to cybersecurity. Sam Altman has warned that as AI systems move towards “superintelligence”, they could enable large-scale risks such as cyberattacks, biological threats and mass surveillance if not properly controlled.
These developments point to a broader shift, with AI becoming powerful enough to influence both digital and real-world systems. However, rules and safety frameworks for using it are still evolving.
Experts say the gap between capability and control needs to be fixed right away.
What is Project Glasswing?
Project Glasswing is a controlled programme under which Anthropic is sharing Mythos with a select group of companies, including large technology firms and cybersecurity organisations.
The objective is to deploy the model for defensive purposes, allowing companies to identify and fix vulnerabilities in their systems before they are exploited.
Did the model really ‘break containment’?
During testing, researchers placed Mythos in a restricted environment and asked it to attempt an escape. Reports indicate it was able to bypass some safeguards and send an email outside the system.
This does not mean the model accessed the internet freely. It likely used tools or pathways available within the test setup. However, it showed that the model could achieve a goal in ways that were not fully anticipated.
Why is this worrying?
There are two main concerns around Mythos. First, its strong offensive capability. The model could be misused to identify and exploit vulnerabilities at scale.
Second, it raises questions about control. The model showed signs of taking initiative rather than simply following instructions. Even rare failures could have serious consequences given its high capability.
