In April, Anthropic announced Claude Mythos, an AI so powerful that the company decided not to release it to the general public. Instead, Anthropic gave access to Mythos to a select group of companies, such as Amazon and Google, via Project Glasswing. Now, the AI startup has revealed that under this project, Mythos was able to find over 10,000 critical cybersecurity flaws across the “most systemically important software in the world.”
Keep in mind that Mythos is believed to be so powerful that governments around the world, including India, have raised alarms over potential misuse. As per reports, India has demanded fair access to Mythos.
Cloudflare, Firefox, and more find bugs via Mythos
According to Anthropic, most Project Glasswing partners have each found hundreds of critical vulnerabilities in their own software using Claude Mythos. Several have claimed that their rate of bug-finding has risen by more than ten times.
Cloudflare – a major internet hosting platform – said it found 2,000 bugs across its critical-path systems, with 400 that were “high- or critical-severity.” Anthropic claimed that Cloudflare’s team judged Mythos Preview’s false positive rate to be better than that of human testers. That is, Mythos was less likely to incorrectly flag code that was fine as a bug.
Mozilla is said to have found and fixed 271 vulnerabilities in Firefox 150 while testing Mythos Preview. This, as per Anthropic, was more than ten times the number Mozilla found in Firefox 148 with Claude Opus 4.6.
The UK AI Security Institute found that Claude Mythos was the first model to solve both of its cyber ranges end to end. Cyber ranges refer to simulations of multistep cyberattacks.
XBOW, an independent security platform, called Mythos Preview a ‘significant step up over all existing models’ on its web exploit benchmark and said it offered ‘absolutely unprecedented precision’ on a token-for-token basis. Though it also claimed that Mythos’ live-site validation, real-world exploitation and judgment were still not ‘magic.’
Anthropic to work with US to expand Claude Mythos access
Anthropic claimed that now it was going to work with the US and “allied governments” to expand the access of Claude Mythos to more partners. Though the AI startup did not name which allied governments it was planning to work with.
Though, at least for now, Anthropic insists that it will not publicly release Mythos-class models. The AI startup claimed that no company, including Anthropic itself, has yet built safeguards strong enough to prevent misuse of models with these capabilities.
Anthropic hinted that it could make Mythos available to the public in case models with similar cyber capabilities are developed by more AI companies.
Microsoft, Oracle releasing more patches
Anthropic has also claimed that the rate of patching bugs is now faster. It said the latest release from Palo Alto Networks, a major cybersecurity firm, included more than five times as many patches as usual. On the other hand, Microsoft has stated that the patch volume would “continue trending larger for some time.” Oracle too was finding and fixing vulnerabilities across its products and cloud multiple times faster than before.
On open-source software, Anthropic said it had used Mythos Preview for the past few months to scan more than 1,000 projects that underpin much of the internet and parts of Anthropic’s own infrastructure.
Anthropic has given details on Mythos’ use at a time when it is reportedly planning for another round of fundraising. As per a report from Bloomberg, this round of fundraising could bring in $30 billion for the AI company at a valuation of $900 billion. To give you some context, Anthropic’s previous funding round was at a $350 billion market cap. OpenAI, on the other hand, has a valuation of $852 billion.
– Ends
Source link
[ad_3]
