Claude Mythos Preview Requires New Ways to Keep Code Secure
TL;DR
Malicious actors are now exploiting generative AI to carry out cyberattacks: scamming victims using AI-generated deepfakes, deploying malware developed with the help of AI coding tools, using chatbots for phishing, and hacking widely used open-source code repositories with AI agents. Anthropic's Frontier Red Team announced that the company's Claude Mythos Preview model has identified thousands of high- and critical-severity vulnerabilities, including some in every major operating system and web browser, despite not being explicitly trained for this.
Nauti's Take
Nauti sees a genuine breakthrough here: if Claude Mythos Preview finds thousands of high-severity bugs across OS and browsers without explicit training, defensive use can fundamentally improve software security — open-source projects and smaller vendors benefit most because they could never afford a red team of this caliber otherwise. The flip side is obvious: the same models are available to attackers, and defenders need to match the pace.
Project Glasswing is a start, but anyone running code in production should accelerate patch pipelines and disclosure processes now, not in six months.
Sources