Anthropic announced its latest AI model, Claude Mythos, this month but said it would not be released publicly, because it turns computers into crime scenes. The company claimed that it could find previously unknown “zero-day” flaws, exploit them and, in principle, link these weaknesses in order to take over major operating systems and web browsers. Mythos did so autonomously, writing code and obtaining privileges. The implications are significant. It’s like a burglar being able to target any building, get inside, unlock every door and empty every safe.
The Silicon Valley company has so far named 40 organisations as partners under Project Glasswing to help mount a defence – asking them to “patch” vulnerabilities before hackers get a chance to exploit them. All are American, sitting at the heart of the US-led digital system. Anthropic shared Mythos with only Britain outside the US, allowing the AI Security Institute to test frontier models. After seeing it up close, British ministers warned: AI is about to make cyber-attacks much easier and faster, and most businesses are not ready. Banks in Europe are likely to test it next.
This may not be a moment too soon. Reports of unauthorised access surfaced this week – raising the question whether any private company can be trusted with a capability like this. Mythos doesn’t necessarily create a new kind of cyber threat. It turns a latent weakness into a systemic risk. Hacking has traditionally been hard and time-consuming, requiring skills that few people have. But AI tools are spreading fast, putting system breaches within reach of many – not just experts.
A poacher can also be turned into a gamekeeper. Mozilla tested Mythos on its Firefox browser: it found 10 times more flaws than before – and fixed them. Crucially, none were ones a human couldn’t spot. What changes is that AI discovers “cyber vulnerabilities” quickly, cheaply and at scale.
The US government’s embrace of Anthropic marks a shift. In February, the Pentagon deemed the company a “security risk” and cut it off from lucrative deals after it refused to allow its technology to be used for mass surveillance or autonomous weapons. OpenAI got the contract instead. Anthropic, with its Claude chatbot, has long pitched itself as the ethical alternative among its competitors – though its image was dented by a $1.5bn piracy settlement last year.
Mythos is powerful, but Anthropic’s PR has shaped the narrative as much as the technology. There is also a question of how advanced Mythos really is. Researchers have shown that smaller, cheaper models deployed at scale can do similar feats. What seems a breakthrough may reflect a broader shift across the field. The White House thinks that Anthropic has strategic value – inviting it back into the fold and signalling a shift from treating AI firms as contractors to partners. That raises a deeper concern: whether private firms’ control of critical infrastructure risk is wise – especially if less responsible actors gain technical leverage.
Clearly, whoever – state or firm – creates the most powerful AI models will gain geopolitical advantages over friends and foes alike. Without a framework for international coordination over cybersecurity, however, there risks being not one secure internet, but a number of competing ones – each “patching” its own system and fully trusting none of the others. It would no longer be a global commons. Instead, the web would be carved into security alliances, guarded more closely, even as something wider slips quietly away.
Do you have an opinion on the issues raised in this article? If you would like to submit a response of up to 300 words by email to be considered for publication in our letters section, please click here.
