WASHINGTON (TNND) — A powerful new artificial intelligence model is drawing attention in the tech and cybersecurity world — not just for what it can do, but for how it could be used if it falls into the wrong hands.
Anthropic, one of the leading AI firms, is developing an experimental system known as “Mythos.” Unlike consumer-facing AI tools, this model is not publicly available. Instead, it’s being quietly tested with a small group of major companies due to concerns over its capabilities.
A Tool Built for Cybersecurity — and Potential Exploitation
At its core, Mythos is designed to excel at cybersecurity tasks. According to Anthropic, the model has already identified thousands of high-severity software vulnerabilities, including flaws in widely used operating systems and web browsers.
In some cases, the system has even demonstrated the ability to identify and exploit so-called “zero-day” vulnerabilities — previously unknown weaknesses that can be especially dangerous if discovered by malicious actors.
Independent testing by the UK AI Security Institute underscores both the promise and the risk. Evaluators found the model succeeded in expert-level cybersecurity challenges roughly 73% of the time and, in certain scenarios, could carry out complex, multi-step simulated cyberattacks from start to finish.
However, those tests were conducted in controlled environments — not against real-world, highly defended systems.
Why Access Is Being Restricted
Because of these capabilities, Anthropic and other AI companies are taking a cautious approach.
Rather than releasing Mythos publicly, access is limited to a small group of major tech firms, including Google, Amazon, Apple, and Microsoft. The goal is to test the system while minimizing the risk of misuse.
The company has also launched “Project Glasswing,” an initiative focused on using advanced AI capabilities for defensive cybersecurity purposes.
As part of that effort, firms are conducting extensive “red teaming,” where security experts attempt to break the system and uncover potential vulnerabilities before a wider rollout. Companies also say they are monitoring how these tools are used in real time — with the ability to shut down access if abuse is detected.
Still, experts warn that as AI systems become more powerful, the risk of misuse grows.
A Growing Cyber Threat Landscape
Those concerns come at a time when cyberattacks are already a major global issue, targeting everything from hospitals to government agencies.
In a recent example, hackers linked to Iran reportedly accessed emails connected to FBI Director Kash Patel. While officials said no sensitive information was exposed, the incident highlights ongoing vulnerabilities.
Security researchers warn that advanced AI could make these threats even more dangerous — allowing attackers to identify weaknesses faster and carry out more sophisticated operations.
In the U.S., the Cybersecurity and Infrastructure Security Agency, or CISA, leads efforts to defend against cyber threats. The agency is responsible for protecting critical infrastructure, including power grids, election systems, and financial networks.
But challenges remain. Concerns about staffing and resource constraints have raised questions about whether current defenses can keep pace with rapidly evolving threats — especially as AI enters the equation.
