Claude Mythos found 10,000+ bugs in just a month
What's the story
Anthropic, the AI start-up that developed Claude Mythos, has revealed that its advanced artificial intelligence (AI) system has detected over 10,000 critical cybersecurity flaws in just a month. The revelation was made during Project Glasswing, an initiative where select companies like Amazon and Google were given access to Mythos. The AI was able to identify vulnerabilities in what Anthropic described as "the most systemically important software in the world. "
Security fears
Mythos's capabilities raise global concerns
Mythos's capabilities have raised global security concerns, with governments sounding alarms over its potential misuse. Reports suggest that India has sought equitable access to this powerful AI system. Despite these concerns, Anthropic has no plans to publicly release models as advanced as Mythos, citing that no company, including Anthropic itself, has yet built safeguards strong enough to prevent misuse of models with these capabilities.
Enhanced detection
Mythos significantly boosts bug-finding rates
Most partners in Project Glasswing have found hundreds of critical vulnerabilities in their own software with the help of Claude Mythos. The rate at which these bugs are being detected has increased by over 10 times for some companies. Cloudflare, a popular internet hosting platform, reported finding 2,000 bugs across its critical-path systems using Mythos, 400 of which were deemed "high- or critical-severity."
Increased efficiency
Mozilla and UK AI security institute's findings
Mozilla found and fixed 271 vulnerabilities in Firefox 150 while testing Mythos Preview. This was more than 10 times the number of bugs found in Firefox 148 with Claude Opus 4.6. The UK AI Security Institute also noted that Claude Mythos was the first model to solve both of its cyber ranges end-to-end, which are simulations of multistep cyberattacks.
Future plans
Anthropic plans to expand Mythos access
Anthropic has announced its intention to work with the US and allied governments to expand access to Claude Mythos for more partners. However, it hasn't revealed which allied governments it plans to collaborate with. The AI start-up also claimed that no company, including itself, has yet built safeguards strong enough to prevent misuse of models with these capabilities.