Brief IA

Anthropic Holds Back Claude Mythos Preview to Mitigate Risks

🤖 Models & LLM·Tom Levy·

Anthropic Holds Back Claude Mythos Preview to Mitigate Risks

Anthropic Holds Back Claude Mythos Preview to Mitigate Risks
Key Takeaways
1Anthropic discovered thousands of vulnerabilities with its AI model Claude Mythos Preview, but chose to keep it private.
2The model revealed critical flaws, such as a 27-year-old bug in OpenBSD and a vulnerability in FreeBSD.
3Anthropic distributed $100 million in credits for the use of Mythos Preview to key organizations.
💡Why it mattersAnthropic's decision highlights the risks associated with releasing advanced AI technologies, which could potentially be exploited for massive cyberattacks.
Le brief IA que lisent les pros

Le brief IA que les pros lisent chaque soir

Les 7 actus IA du jour, décryptées en 5 min. Gratuit.

Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.

Choisis ton rythme

Gratuit · Pas de spam · Désabonnement en 1 clic

📄
Full Analysis

Anthropic and Its Revolutionary AI Model

Anthropic has recently made a major breakthrough with its artificial intelligence model, Claude Mythos Preview, which has uncovered thousands of cybersecurity vulnerabilities across major operating systems and web browsers. Instead of making this model publicly accessible, the company has opted to share it with organizations responsible for Internet security. This model, developed as part of the Project Glasswing, has been distributed to partners such as Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. Anthropic has also extended access to over 40 other organizations that play a crucial role in maintaining software infrastructures. Additionally, Anthropic is committed to providing up to $100 million in usage credits for Mythos Preview, as well as $4 million in direct donations to open-source security organizations.

Unexpected Capabilities

Although Claude Mythos Preview was not specifically designed for cybersecurity, its capabilities in this area have emerged due to general improvements in coding and reasoning. The model has not only surpassed existing security benchmarks but has also discovered zero-day vulnerabilities. Among the notable findings, a 27-year-old bug in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD have been identified. The latter, referenced as CVE-2026-4747, allows an unauthenticated user to gain full control of a server running NFS. Nicholas Carlini from Anthropic's research team described the model's ability to chain vulnerabilities: “This model can create exploits from three, four, or sometimes five vulnerabilities that, in sequence, give you a very sophisticated final result. I’ve found more bugs in the past few weeks than in the rest of my life combined.”

A Publication Considered Too Risky

Newton Cheng, head of the cybersecurity team at Anthropic, explained that the model will not be made public due to its advanced capabilities. The risks to public and national security are deemed too significant, especially after Anthropic documented the first case of a cyberattack largely executed by AI. This state-sponsored attack from China involved around 30 global targets, with the AI managing the majority of tactical operations independently. Anthropic has privately informed senior U.S. government officials about the full capabilities of Mythos Preview. The intelligence community is now actively weighing how the model could redefine both offensive and defensive hacking operations.

Support for Open Source

Anthropic has also invested in open-source security by providing $2.5 million to Alpha-Omega and OpenSSF through the Linux Foundation, as well as $1.5 million to the Apache Software Foundation. These funds aim to bolster the security of open-source software, which is often left inadequately protected. Jim Zemlin, CEO of the Linux Foundation, emphasized: “In the past, security expertise has been a luxury reserved for organizations with large security teams. Open-source software maintainers, whose code underpins much of the world’s critical infrastructure, have historically been left to fend for themselves when it comes to security.”

The company plans to deploy models similar to Mythos on a large scale, but only when new protective measures are in place. The Claude Opus model could be the first to benefit from these new protections, allowing Anthropic to test these measures without the risks associated with Mythos Preview.

A Trend Towards Control

Anthropic's decision not to publish Claude Mythos Preview reflects a growing trend in the AI industry: favoring a controlled deployment of advanced models. This approach aims to mitigate potential risks associated with their malicious use, a crucial concern as the capabilities of these technologies continue to expand.

Brief IA — L'actualité IA en français

L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.