Anthropic is planning to unleash a public version of its cyber-security model. Called Mythos. It can find software flaws faster than most teams of humans. And it’s dangerous.
The Catch
Here is the problem. They don’t have safeguards.
Not yet. By their own admission. The company said no one on Earth has built adequate brakes for a system this potent. They won’t stop the bad guys from misusing it if it slips out too soon. So the plan? Slow it down. First, hand keys to US and allied governments. Then maybe later to everyone else.
The Register covered the admission well. Anthropic called the timeline “uncertain.” They also threw out a specific window. Six to twelve months. They think these “Mythos-class” models will be widely available then. Widely available in the cyber security world doesn’t exactly scream safe.
Why It Scares People
Mythos came out in April. The stats are weird. When tested against standard benchmarks, Mythos generated working exploits 72.% of the time. The standard model, Claude Opus 4. 6? Near zero percent.
Think about that gap.
Researchers who didn’t know code asked the AI to look for holes while they slept. They woke up. The exploits were ready. Functional. Complete. It wasn’t guessing. It was working.
“Mythos-level models will become widespread.” — Anthropic blog post
Since then it scanned a thousand open-source projects. It found 23,00+ flaws. Thousands of those were high severity or critical. One big miss was in wolfSSL. That crypto library runs on billions of devices. Mythos found a way to forge certificates. Attackers could have pretended to be any site you visit. It happened. The team fixed it. Barely.
The Backlash
AI tools find bugs faster than anyone can fix them.
Bug bounty programs are dying. Some have shut down completely because they can’t handle the volume. Maintainers of open-source software have asked Anthropic to pause. Just for a breath. The flood of reports is drowning their capacity.
What does Anthropic suggest? More AI.
Their own system card claims defenders will win eventually. Hackers might have the upper hand now. That feels like a comfort to nobody. Who wants to live in the “now” while hackers learn?
