Anthropic’s Project Glasswing aims to improve online security
Jonathan Raa/NurPhoto via Getty Images)
The past few weeks have brought apparently alarming news of Mythos, an AI that can identify cybersecurity flaws in a matter of moments, leaving operating systems and software vulnerable to hackers. The cybersecurity community is now beginning to get a better sense of how Mythos may change the face of cybersecurity – and not necessarily for the worse.
What is Mythos and why are people concerned by it?
Mythos is an AI created by Anthropic. Its existence was accidentally revealed last month when people unearthed content on the company’s website, not due for publication, which had been left unsecured for anyone to see.
According to Anthropic, there’s a good reason the model had been kept behind closed doors: it is – by accident rather than design – extremely good at hacking. It can allegedly discover flaws in virtually any software, if asked, that would allow the user to break in.
The company says that Mythos found thousands of high- and critical-severity vulnerabilities in operating systems and other software. Anthropic did not respond to New Scientist’s request for comment, but the company said on its website that “the fallout—for economies, public safety, and national security—could be severe.”
The company says it took the responsible step of keeping it hidden.
So nobody at all is able to use it?
Not quite. Anthropic has decided to make it available to a select group of technology and finance giants like Amazon Web Services, Apple, Google, JPMorganChase, Microsoft and NVIDIA under something called Project Glasswing so that they can uncover any bugs in their own software before someone else does.
Members of a private online forum have also managed to gain unauthorised access to the trial. Reports suggest that they simply made an “educated guess” about where the model would be hosted online – the same sort of issue that led to the revelation of the existence of Mythos in the first place. Perhaps a company so concerned about cybersecurity should pay more attention to their own.
While the model was initially due to be kept under wraps and out of use, it’s now gaining huge attention and being tested by some of the world’s best cybersecurity experts. Many of those companies are also Anthropic’s largest potential customers, of course – and hype about the power of Mythos will certainly do Anthropic no harm.
Security expert Davi Ottenheimer summed up the situation in a blog post as “a legitimate technological capability, reframed as civilisational threat, by a party that benefits from the reframing”.
Is it as dangerous as people are making out?
Kevin Curran at Ulster University, UK, says that the revelation of Mythos and what it might be able to do “triggered alarm across the security industry”, although researchers were divided on how serious the threat actually was. “What happens when a machine can do in seconds what a skilled human hacker takes months to accomplish?” he wonders.
But there are indications that it isn’t time to panic yet. Bobby Holley at Firefox – one of those organisations being given access to Mythos – wrote in a blog post that the model helped his team find 271 vulnerabilities in the web browser, which is certainly quite a haul, but that none were so ingenious, impenetrably complex or sophisticated that a human couldn’t have dug them out.
“Just one such bug would have been red-alert in 2025, and so many at once makes you stop to wonder whether it’s even possible to keep up,” wrote Holley. “Encouragingly, we also haven’t seen any bugs that couldn’t have been found by an elite human researcher.”
The AI Security Institute (AISI) – set up under then-UK Prime Minister Rishi Sunak after the UK’s AI Summit in 2023 – has also investigated Mythos. In tests, it was found to be capable of attacking only “small, weakly defended and vulnerable enterprise systems” and there was no indication that a really secure bit of software or network would be at risk, although it was a step up in ability from previous models. And AISI did warn that these things are improving fast. AISI did not comment when asked by New Scientist to discuss the threat.
Alan Woodward at the University of Surrey, UK, has a pragmatic view of the threat posed by Mythos – and all other AI models in general, which also have the ability to spot cyber vulnerabilities to varying degrees. “The AI is not necessarily capable of finding vulnerabilities that a human wouldn’t, but it’s just so much faster, thorough and relentless. Hence it’s finding vulnerabilities that humans have missed,” he says. “AI, as demonstrated by Mythos, is making the attacker’s job more efficient and giving them a speed and agility that make defence harder, but not impossible.”
So it seems that while Mythos can find flaws at scale and speed, it isn’t finding anything devastatingly dangerous yet. And there are even reasons to believe that it could actually be a good thing.
How can a hacking AI be positive?
“The defects are finite, and we are entering a world where we can finally find them all,” wrote Holley. In essence, if you make or maintain software then you can also use Mythos to pick apart your own code and patch it – perhaps even before it’s released.
AI will almost certainly get more capable of finding flaws and malicious attackers will almost certainly benefit from this to some extent. But this will also help software-makers – although those who maintain ageing, clunky government software written decades ago may find keeping up challenging.
Even Anthropic believes that hacking AIs will eventually benefit defenders more than attackers – but then again, saying the opposite would make it hard to justify making them.
Essentially, AI is making – and will continue to make – both hacking and defending from hackers easier, but those who ignore the technology will find themselves at a big disadvantage.
“Treat Mythos as the warning shot it is,” says Curran. “And assume that within 18 months, comparable capabilities will be in the hands of adversaries. The window to get ahead of this is open, but it is closing fast.”
Topics: