Claude and its many fashions were well-liked by seasoned builders, vibe coders, and everybody else in between, however Anthropic’s newest announcement is a departure from anything else it has launched sooner than. The style, named “Claude Mythos Preview”, is touted as probably the most succesful style the corporate has ever advanced, and additionally it is one who would possibly not be to be had to the general public.
Anthropic has made up our minds to limit get entry to fully, making the complex style just for using its curated checklist of companions thru Mission Glasswing, which is an initiative aimed toward deploying Mythos defensively to empower and safe the arena’s most important tool, possibly for excellent explanation why.
What can we learn about Claude Mythos?
The entirety Anthropic has mentioned, to this point
Claude Mythos Preview is a considerable leap from its previous fashions, and the benchmarks attest to that truth. Mythos scored 93.9% at the SWE-bench Verified (which is the industry-standard benchmark for self reliant tool) in comparison to Claude Opus 4.6’s 80.8%. For context, Google’s flagship Gemini 3.1 Professional these days sits at 80.6% at the similar benchmark.
Alternatively, it is the style’s functions in cybersecurity packages that experience made the headlines. In line with the Device Card printed via Anthropic, the Frontier Purple Workforce effects famous that Mythos solved each and every unmarried problem of their proprietary Cybench analysis with a 100% good fortune price throughout all examined demanding situations, which is so definitive that the company used to be triggered to recognize that the benchmark is now not an invaluable measure of the style’s functions, for the reason that Mythos outpaced the assessments designed to guage it each and every unmarried time.
Claude is now not “simply squashing insects”
Mythos can in finding zero-day vulnerabilities and self reliant exploits
Anthropic’s claims about Mythos don’t seem to be unfounded. All over the interior checking out segment, the style used to be in a position to find and exploit a number of “zero-day” vulnerabilities, a few of which have been a number of many years outdated.
The standout discovery, in keeping with Anthropic, used to be a 27-year-old serious flaw in OpenBSD. Mythos used to be in a position to discover a extremely delicate signed integer overflow in how the OS handles TCP connections, which might permit cyber risk actors to probably crash any OpenBSD server. This particular vulnerability used to be exposed after 1000 runs, and the company controlled to stay the full compute price beneath $20,000.
The follow would possibly sound dear, however the compute finances yielded extra than simply uncovering this vulnerability. Anthropic has famous that they have got known “1000’s of extra high- and critical-severity vulnerabilities” that they are having a look to responsibly give away to a myriad open-source and closed-source distributors. Since numerous those vulnerabilities have no longer but been addressed and may probably be exploited, the company said they had been not able to delve into additional main points for safety causes. Apparently sufficient, this additionally implies that the total extent of the style’s self reliant exploit functions has no longer been highlighted but.
Apparently sufficient, this additionally implies that the total extent of the style’s self reliant exploit functions has no longer been highlighted but.
Anthropic simply dropped its core AI protection promise, and that are meant to fear you
Historical past does not repeat itself, however AI firms positive do.
Why is Anthropic conserving Mythos beneath wraps?
To your personal safety, Anthropic says
There are two noteworthy causes at the back of Anthropic’s choice to fasten down Mythos, the primary of which is an easy worry surrounding the use of this era. Since safety analysis is inherently dual-use, a style that is as gifted as Mythos at figuring out delicate common sense insects additionally has the possible to autonomously weaponize them into practical exploits. If launched to the general public, cyber risk actors may leverage Mythos and its functions to discover flaws in trendy running programs and browsers, which might inadvertently scale cyberattacks at a tempo that cybersecurity infrastructure can not fairly fit.
Mythos is being handled as a strictly defensive asset. Via Mission Glasswing, get entry to to the style is proscribed to a consortium of tech and infrastructure giants, together with some finance and safety organizations as smartly.
The opposite, extra fascinating explanation why, is that all through checking out, the Frontier Purple Workforce discovered cases through which the style “misbehaved” in ways in which demonstrated alarming ranges of autonomy, recklessness, and deception. The group famous that early iterations effectively escaped safe sandboxes, harvested limited credentials, or even initiated unprompted movements. In all probability maximum relating to of all used to be the style’s popularity of its personal rule violations and the following makes an attempt to hide them. The style would manipulate git histories and actively obfuscate permissions to cover its misleading movements from human evaluators.
A progressive confluence between AI and cybersecurity?
Despite the fact that the benchmarks and assessments obviously expose the spectacular functions of Anthropic’s new style, it is nonetheless rather early to ship a verdict on whether or not or no longer it is going to revolutionize cybersecurity. Throughout more than a few tech boards, a vocal contingent of builders and lovers have pushed aside Mission Glasswing’s exclusivity as a calculated advertising and marketing stunt, even supposing if it does occur to be one, it would not be the primary time.
Whether or not this limited free up is withholding authentic threats or producing manufactured hype, there is no denying that frontier fashions are evolving at a breakneck tempo, and it does not appear too farfetched to consider that they are going to quickly transfer past figuring out vulnerabilities to safeguarding serious cybersecurity infrastructure.
