Anthropic has decided against a public rollout of its latest AI model, Claude Mythos Preview, citing its exceptional ability to uncover software flaws. The company claims the model surpasses almost all highly skilled human programmers in coding capability. It has already identified thousands of high-severity vulnerabilities hidden inside every major operating system and web browser.
Model Uncovers Long-Overlooked Bugs
In one instance, Mythos Preview discovered a critical 27-year-old vulnerability in OpenBSD, an operating system heavily relied upon for critical global infrastructure. The bug can allow attackers to remotely crash devices, somehow surviving decades of human security reviews and millions of automated tests.
It also discovered a 16-year-old vulnerability in FFmpeg, which is used by innumerable pieces of software to encode and decode video, in a line of code that automated testing tools had hit five million times without ever catching the problem.
Linux Kernel Chain Demonstrates Risk
The model autonomously found and chained together several vulnerabilities in the Linux kernel, the software that runs most of the world’s servers, to allow an attacker to escalate from ordinary user access to complete control of the machine. Anthropic said these discoveries highlight the model’s prowess. The company added that such capabilities raise concerns if misused.
Project Glasswing Limits Access to Allies
Fearing severe consequences if Mythos Preview were to proliferate among bad actors, Anthropic has launched a new partnership dubbed Project Glasswing. Rather than a public rollout, Anthropic is granting exclusive access to 11 industry giants to help them find and patch flaws in their own systems. The partners include Apple, Google, JPMorgan Chase, Amazon Web Services, Microsoft, Nvidia, Cisco, Broadcom, CrowdStrike, Palo Alto Networks and the Linux Foundation.
Today we are announcing Project Glasswing, a new initiative that brings together Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks in an effort to secure the world’s most critical software, the company said in a blog post.
To support the initiative, Anthropic is providing its partners with $100 million in usage credits to hunt for difficult-to-spot bugs, alongside $4 million in direct donations to open-source security organizations. The company views this as a starting point to ultimately build stronger, safer software globally.
About the author – Rehan Khan is a law student and legal journalist with a keen interest in cybercrime, digital fraud, and emerging technology laws. He writes on the intersection of law, cybersecurity, and online safety, focusing on developments that impact individuals and institutions in India.
