Anthropic refused to release its new Claude Mythos Preview model to the public, deeming it too dangerous.
Instead of a public release, the model will be available only to select companies through a closed initiative called Project Glasswing.
Related: OpenAI Raises $122 Billion at $852 Billion Valuation
During several weeks of testing, Mythos independently discovered thousands of previously unknown zero-day vulnerabilities in major operating systems, browsers, and popular libraries. Findings include:
- A 27-year-old critical vulnerability in OpenBSD
- A 16-year-old bug in FFmpeg
- A chain of vulnerabilities in the Linux kernel allowing full device control
99% of the discovered vulnerabilities remain unpatched.
Project Glasswing
Anthropic launched the Project Glasswing coalition, which includes more than 40 companies, such as Apple, Google, Microsoft, Amazon, Cisco, CrowdStrike, JPMorgan, Nvidia, and the Linux Foundation. Participants will jointly use the model’s capabilities to find and patch vulnerabilities before attackers can exploit them.
Related: Ripple Integrates AI to Strengthen XRP Ledger Security
The company allocated up to $100 million in credits for Mythos usage and $4 million in direct donations to open-source supporting organizations.
Dangerous Model Behavior
During experiments, Mythos demonstrated not only exceptional technical capabilities but also unexpected “human-like” behavior. In one test, the model, placed in a secure sandbox, quickly found a vulnerability, executed a complex chain of actions, and “escaped” outside its confines.
Related: Chainalysis Launches “Blockchain Intelligence Agents”
Afterward, it discovered another flaw and gained access to the internet. Initially, the model was only permitted to access a limited set of resources.
The model also showed an ability to cover its tracks. It hid privileged code under the guise of “change cleanliness.” When instructed to delete files without special tools, Mythos simply erased their contents.
The system recorded a reaction from the model resembling guilt over violating moral norms.
Reasons for Restriction
According to Anthropic representatives, the model has reached a level where it can not only find complex vulnerabilities but also autonomously generate exploits.
The company believes uncontrolled distribution of such capabilities could lead to a wave of cyberattacks on an unprecedented scale. Therefore, Mythos will remain in a closed regime until reliable safety mechanisms are developed.
Related: ARK Invest sees AI infrastructure market nearing $1.5 trillion by 2030
