
Anthropic has locked down its new Mythos model, claiming it's too dangerous for general public use due to potential severe fallout for economies, public safety and national security. This announcement has sparked widespread concern and debate within the AI community.
Mythos as a Zero-Day Vulnerability Finder Machine
During internal testing, Anthropic discovered Mythos functions as a zero-day vending machine, identifying critical vulnerabilities across multiple systems. The model found a 16-year-old FFmpeg vulnerability allowing malicious video files to corrupt memory, a 27-year-old OpenBSD bug enabling remote crashes and multiple JavaScript engine flaws in major browsers that could escape sandbox restrictions. Most notably, it exploited a Linux kernel bug to gain root access by flipping a single memory bit.
Project Glass Wing Initiative
In response, Anthropic launched Project Glass Wing, a coalition of major companies paying for access to Mythos to secure critical software. The initiative aims to patch global software before others develop similarly capable models. However, critics question Mythos's true capabilities, noting Anthropic's own security lapses since February 24th, including leaked source code and API instability.
Skepticism and Practical Exploit Development
The exploit discovery process raises doubts, as finding the OpenBSD vulnerability required $20,000 in compute across thousand parallel agent runs. Firefox exploit success rates of 84% were measured against a sandboxed shell, not actual Firefox. While Mythos likely represents a step up from Opus 4.6, experts doubt it will destroy the world, suggesting the announcement follows a familiar pattern of hype followed by limited release.