Brief IA

Anthropic and Claude Mythos: a Model Too Powerful to be Released

🛠️ AI Tools·Tom Levy·

Anthropic and Claude Mythos: a Model Too Powerful to be Released

Anthropic and Claude Mythos: a Model Too Powerful to be Released
Key Takeaways
1Anthropic has restricted access to its Claude Mythos model, reserving it for preview partners for security reasons.
2Claude Mythos has already detected thousands of critical vulnerabilities in major operating systems and browsers.
3The Glasswing Project includes $100 million in credits to support open-source security organizations.
💡Why it mattersAnthropic's decision highlights the security stakes associated with the rapid advancements of AI in cybersecurity.
Le brief IA que lisent les pros

Le brief IA que les pros lisent chaque soir

Les 7 actus IA du jour, décryptées en 5 min. Gratuit.

Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.

Choisis ton rythme

Gratuit · Pas de spam · Désabonnement en 1 clic

📄
Full Analysis

The Glasswing Project by Anthropic

Anthropic recently made an unusual decision by choosing not to release its latest artificial intelligence model, Claude Mythos, to the public. This model, although completed, is only accessible to a select group of preview partners as part of their initiative called the Glasswing Project. This cautious approach is motivated by Claude Mythos's advanced capabilities in cybersecurity, which require an adjustment period for the software industry as a whole.

Claude Mythos is a general-purpose model, similar to its predecessor Claude Opus 4.6, but it stands out due to its exceptional capabilities in cybersecurity research. Anthropic deemed these capabilities powerful enough to warrant a delay before broader dissemination. Indeed, the model has already detected thousands of high-severity vulnerabilities, including in all major operating systems and web browsers. With the rapid pace of AI advancements, it is likely that such capabilities will spread quickly, potentially beyond the actors committed to using them responsibly.

Restricted Access for Glasswing Project Partners

Partners involved in the Glasswing Project have access to Claude Mythos Preview to identify and fix vulnerabilities in their core systems. These systems represent a significant portion of the shared global attack surface. The partners' work focuses on tasks such as local vulnerability detection, black-box testing of binaries, securing endpoints, and penetration testing of systems.

For more technical details, the article titled Assessing the Cybersecurity Capabilities of Claude Mythos Preview on Anthropic's red team blog provides in-depth insights. For instance, in one case, Mythos Preview successfully wrote a web browser exploit by chaining four vulnerabilities, creating a complex JIT heap spray that evaded rendering environments and operating system sandboxes. Additionally, it autonomously obtained local privilege escalation exploits on Linux and other operating systems by exploiting subtle race conditions and KASLR bypasses. It also developed a remote code execution exploit on the NFS server of FreeBSD, allowing complete root access to unauthenticated users by chaining a ROP string of 20 gadgets across multiple packets.

Comparison with Claude 4.6 Opus

Internal assessments showed that Opus 4.6 generally had a success rate close to 0% in the autonomous development of exploits. In contrast, Mythos Preview belongs to a different category. For example, Opus 4.6 transformed the vulnerabilities it found in the Mozilla Firefox 147 JavaScript engine — all patched in Firefox 148 — into JavaScript exploits only twice out of several hundred attempts. In comparative tests, Mythos Preview developed functional exploits 181 times, and gained control of registers 29 times more.

Community Reactions

The security community has reacted to these developments. A few days ago, a new tag ai-security-research was created on the blog to acknowledge an increase in credible security professionals sounding the alarm about the quality of vulnerability research conducted by modern language models.

Greg Kroah-Hartman from the Linux kernel noted that, in the past, AI-generated security reports were often inaccurate or of low quality, which he referred to as "AI slop." However, he observed a radical change about a month ago, with the arrival of credible and high-quality security reports generated by AI.

For his part, Daniel Stenberg from curl described the challenge posed by AI in open-source security as having shifted from a tsunami of "AI slop" to a tsunami of security reports. While the number of reports has increased, many of them are now of high quality, requiring hours of analysis each day.

Conclusion and Financial Implications

The Glasswing Project also includes significant financial support, with $100 million in usage credits and $4 million in direct donations to open-source security organizations. Partners include major companies such as AWS, Apple, Microsoft, Google, and the Linux Foundation. Notably, OpenAI is not yet involved, although GPT-5.4 already has a solid reputation for detecting security vulnerabilities.

For those not part of the trusted partners, the bad news is that Claude Mythos Preview will not be available to the general public in the near future. Anthropic aims to enable the secure use of Mythos-like models at scale, but this will require the development of robust security measures to detect and block the most dangerous outputs of the model. These measures will first be tested with a less risky model, Claude Opus, before being applied to more powerful models like Mythos.

In conclusion, while Anthropic's caution may seem excessive, it is justified by the credible security risks associated with these technological advancements. The additional time granted to trusted teams to anticipate these risks is a reasonable compromise.

Brief IA — L'actualité IA en français

L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.