Back

Anthropic's Claude Mythos Preview Sparks Cybersecurity Revolution

Severity: High (Score: 69.9)

Sources: Linkedin, Readlion, Theverge, Itnews.Au, Nz.Finance.Yahoo

Summary

Anthropic has announced the launch of Project Glasswing, utilizing its unreleased AI model, Claude Mythos Preview, to identify and exploit thousands of critical software vulnerabilities across major operating systems and web browsers. This model has demonstrated the ability to autonomously discover zero-day vulnerabilities, including a 27-year-old flaw in OpenBSD and a 16-year-old vulnerability in FFmpeg. The initiative involves over 40 partner organizations, including tech giants like Amazon, Apple, and Microsoft, who will use the model defensively to patch vulnerabilities before malicious actors can exploit them. Anthropic has committed up to $100 million in usage credits and $4 million in donations to open-source security organizations. The decision to restrict public access to Mythos is due to concerns about its potential misuse, as it can enable even non-experts to exploit vulnerabilities. The model's capabilities represent a significant shift in cybersecurity, as it can automate vulnerability discovery faster than human experts. With 99% of the vulnerabilities found still unpatched, the urgency for defensive measures is critical. Key Points: • Claude Mythos Preview can autonomously discover and exploit critical zero-day vulnerabilities. • Project Glasswing involves over 40 major tech companies working together to enhance cybersecurity defenses. • Anthropic has committed $100 million in usage credits and $4 million in donations to bolster open-source security.

Key Entities

  • Apt28 (apt_group)
  • GRU (apt_group)
  • Cross-site request forgery (vulnerability)
  • Cross-site Scripting (attack_type)
  • Phishing (attack_type)
  • Sql Injection (attack_type)
  • Supply Chain Attack (attack_type)
  • Zero-day Exploit (attack_type)
  • Axios Supply Chain Attack (campaign)
  • Project Glasswing (campaign)
  • Amazon Web Services (company)
  • Anthropic (company)
  • Apple (company)
  • Capita (company)
  • Cisco (company)
  • China (country)
  • Iran (country)
  • North Korea (country)
  • Russia (country)
  • CVE-2024-1086 (cve)
  • Energy (industry)
  • Financial (industry)
  • Government (industry)
  • Healthcare (industry)
  • Technology (industry)
  • T1021 - Remote Services (mitre_attack)
  • T1068 - Exploitation for Privilege Escalation (mitre_attack)
  • T1071 - Application Layer Protocol (mitre_attack)
  • T1078 - Valid Accounts (mitre_attack)
  • T1195 - Supply Chain Compromise (mitre_attack)
  • Aes-gcm (platform)
  • Amazon Bedrock (platform)
  • Claude Mythos (platform)
  • Claude Mythos Preview (platform)
  • Flowise (platform)
  • Claude (tool)
  • Claude API (tool)
  • Claude Code (tool)
  • Ffmpeg (tool)
  • Microsoft Foundry (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed