Is Anthropic’s Claude Mythos an AI nightmare waiting to happen?

00:00 Speaker A

Final story of the day, Anthropic. So, we were talking about project Glasswing uh yesterday or the day before and that’s where their Claude model is so powerful. It’s going through all this code of existing code, like operating systems and big world-class enterprise systems. It’s finding all kinds of bugs. And so they were not releasing their Claude Mythos. I’m not sure if I’m pronouncing it Mythos.

00:27 Speaker B

I think it’s Mythos.

00:27 Speaker A

All right. They did not uh release that to the public because it was so good at finding these bugs and you know, there’s a whole big market out there on the black market for zero day vulnerabilities, et cetera. So tell us what we’re what we’re learning here.

00:41 Speaker B

Yeah, I mean, this is just kind of a a scary look into where we’re headed when it comes to AI. and basically, you know, as you said, this this mythos was able to go in, find bugs that are 26 years old that, you know,

00:58 Speaker A

Everybody missed, but now, now suddenly they’re

01:00 Speaker B

Software that’s around for 26 years. And it’s not as though you just release software and you’re like, oh, that’s it, you know, people are constantly trying to, you know, find bugs, patch them and despite all of that over the years, this was able to go through and say, oh, found it. And it it was able to uh find other exploits throughout all the operating systems out there as well as all the web browsers out there. This was not trained for cyber attacks. This was a general purpose model.

01:29 Speaker A

Just emerged.

01:29 Speaker B

It’s yes, they just said, oh no, that’s not great. So they are kind of only releasing it to their partners and saying, look, uh you guys use this to find bugs, fix them before other big models like this come out. And you know, eventually we may see a a stripped down version hit the market, but you know, I was speaking to experts even before Mythos was announced and their takeaway was, look, you know, there’s a number of issues that AI uh introduces to cybersecurity. There’s the ability like we’ve we’re seeing here with Mythos that it can scan for vulnerabilities much faster than hackers and then they can just implement that.

02:08 Speaker B

The flip side is everybody’s moving a lot faster, so that also adds vulnerabilities.

02:16 Speaker A

Yes.

02:16 Speaker B

It’s not just regular folks though. Attackers are also moving a lot faster. Uh there was one uh there was the uh uh project Light LLM. Uh and uh that ended up uh part of a supply chain attack on Mercor. The reason why that was found was a security researcher, uh their computer crashed when it when uh they accidentally downloaded this this uh uh malware and they looked at it and they said, oh, this was vibe coded. So somebody just made a piece of malware using

02:49 Speaker A

that was vibe coded which had additional errors inside it. Okay, that’s great.

02:54 Speaker B

And so that’s that’s where they caught it. Yeah. And so this is going to be, think about how, you know, malware already. Exactly. But it’s now it’s like everybody’s drinking too much Red Bull or whatever or Celsius, I guess if you’re Brian Sozzi and it now it’s just going to be so much faster and hitting so much quicker. And so it’s up to companies like, you know, uh Anthropic, Open AI, Microsoft is big in the space, obviously, then the big the big uh companies uh CrowdStrike, uh Palo Alto Network to be on top of this and include AI in their own offerings as part of the defense mechanism.

03:42 Speaker B

It’s not this isn’t something that I think we’re just going to be able to outsource to software. You need people involved as well to be able to say, okay, we need to do this, we should be watching this.

03:51 Speaker A

And it’s already hitting Palo Alto stock and a number of others in the cybersecurity space.