Key Points:
- Cybersecurity experts believe the initial panic surrounding the hacking capabilities of the new Anthropic Mythos AI model is largely overstated.
- Government officials and the White House rushed to draft new safety rules after Anthropic warned that the model found thousands of software flaws.
- Google discovered a major cybercrime group using artificial intelligence to hunt for unknown software bugs on May 11.
- Security professionals state that finding bugs is easy, but validating and fixing them remains the true challenge for companies.
A month ago, Anthropic launched a powerful new artificial intelligence model called Mythos. During the April launch, the company issued a terrifying warning. Executives claimed that Mythos discovered thousands of severe software vulnerabilities hidden within every major operating system and web browser. This scary announcement immediately sparked widespread fears of a massive global hacking wave.
The government panicked quickly. Top officials in multiple countries held emergency meetings with major banks to figure out the exact risks. By early May, the White House had begun drafting new rules to govern exactly how technology companies release these models after safety testing. The Pentagon even labeled Anthropic a severe supply chain risk.
However, the actual cybersecurity experts who fight hackers every day hold a much different view. Inside the tech security world, professionals say the government’s reaction looks completely overblown. They argue that giving criminals access to a powerful tool like Mythos will not instantly trigger impossible hacking operations.
Isaac Evans runs the software security firm Semgrep as its chief executive officer. He pointed out a massive communication gap between the people who actually write code and the politicians who make the laws. Evans called the new model a real technical advance. Yet, he completely dismissed the government panic, stating that real-world evidence simply does not support the doomsday predictions.
The model certainly works well in a controlled laboratory. Experts who tested Mythos report that it finds system weaknesses much better than older technology. On May 12, reporters revealed that information technology teams at various banks currently use the tool to find and fix scores of software flaws.
The timing of the release definitely fueled the political panic. On May 11, Google announced a shocking discovery. The technology giant caught a major cybercrime group using artificial intelligence to discover an entirely unknown software flaw. The criminals planned to use this flaw for a massive global attack. This event made the Anthropic warnings sound much more realistic to nervous politicians.
Security professionals look at the situation differently. One vulnerability researcher with early access to Mythos explained that finding bugs forms the easy part of the job. Security teams already use artificial intelligence to find more bugs than they can handle. The real nightmare involves testing those bugs, figuring out which ones matter, and fixing the code without crashing the entire computer system.
Mythos does bring some major improvements to the table. Older models required incredibly complex instructions just to start working. Mythos requires much weaker prompts, meaning a user can type a simple sentence and still get dangerous results. The barrier to entry sits much lower now, allowing less experienced hackers to poke around complex systems.
Anthony Grieco serves as the senior vice president and chief security officer at Cisco. He explained that Mythos scans vast amounts of code incredibly fast. This speed helps human defenders weed out false alarms, allowing them to focus on actual threats. Grieco also noted that Mythos carries fewer safety guardrails than older models, giving users more freedom to craft specific, dangerous instructions.
To really unleash the power of Mythos, a company or a criminal group needs massive computing power and a digital harness. A harness is a specific computer environment that runs the model under strict limitations. Grieco compared the AI model to a Formula 1 race car. He noted that a person who only knows how to ride a bicycle might make the race car drive straight, but they will never maximize their track time on day 1.
Anthropic created a special program called Project Glasswing. The company invited a small group of select firms to test their computer defenses against the new model. This clever marketing move made the tool appear incredibly dangerous and boosted the company’s reputation. A spokesperson for Anthropic confirmed the company currently works closely with the United States government to share the technology safely.
Despite the current hype, everyday criminals still rely on old tricks. Cynthia Kaiser, a former cybersecurity official for the FBI, reminded the public that adversaries already possess incredible skills without any artificial intelligence. She noted that standard ransomware attacks routinely take over networks in under 1 hour. While Nick Adam from State Street warned that criminals will quickly overcome current computing barriers, experts agree that artificial intelligence is simply a new tool in a very old war.
