{"id":13451,"date":"2026-04-23T03:09:13","date_gmt":"2026-04-23T03:09:13","guid":{"rendered":"https:\/\/www.europesays.com\/ai\/13451\/"},"modified":"2026-04-23T03:09:13","modified_gmt":"2026-04-23T03:09:13","slug":"anthropic-cyberattack-highlights-how-the-modalities-are-becoming-harder-to-contain","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/ai\/13451\/","title":{"rendered":"Anthropic cyberattack highlights how the modalities are becoming harder to contain"},"content":{"rendered":"

Investigators and researchers are still learning of the scope of the cyberattack which has hit US government agencies and other victims around the world – AFP<\/p>\n

With both OpenAI and Anthropic introducing more \u201ccyber-permissive\u201d models (in tightly controlled releases), this indicates that advanced vulnerability discovery and exploit reasoning are becoming more accessible and potentially harder to contain. A recent incident demonstrates this.<\/p>\n

This week it was announced how unauthorised users were able to access Anthropic\u2019s Mythos model, PC Mag reports<\/a>. The way the rogue agents accessed the server was reportedly by just changing a model name. <\/p>\n

Anthropic\u2019s Mythos model is a powerful AI tool<\/a> capable of identifying undiscovered security holes that have existed for decades.<\/p>\n

Bloomberg has reported<\/a>\u00a0that an as yet unnamed group tried multiple ways to gain access to the AI model, and then finally they were able to get through to the system, via a third-party vendor.\u00a0<\/p>\n

The issue demonstrates how easily such systems can be exposed. This signals that AI capabilities are already out there and in the wrong hands they can accelerate how quickly vulnerabilities can be detected and exploited. <\/p>\n

Consequently, software teams will need to look at how to harden their code so those vulnerabilities cannot be exploited to begin with.<\/p>\n

Several experts reached out to Digital Journal to explain about the ramifications and ongoing significance of the incident.<\/p>\n

Patching is expected<\/p>\n

The first to do so is Steve Povolny, Vice President of AI Strategy & Security Research at Exabeam<\/a>. Povolny focuses on the seeming simplicity of the attack: \u201cThe reality is, Pandora is out of the box. If it was as relatively easy as it sounds to gain access to the world\u2019s most talked-about security model, it\u2019s very likely a much larger group will have access to Mythos far sooner than originally intended.\u201d<\/p>\n

He then turns his attention to the future, considering: \u201cWhat will be most interesting is observing whether researchers or adversaries can leverage the tech more effectively \u2013 will we see widespread exploitation or widespread discovery and patching first? Or will this be another DeepSeek moment? Overreactions and underwhelming impact. Either way, should be interesting to watch this unfold.\u201d<\/p>\n

Difficult steps ahead<\/p>\n

The second IT specialist to pitch in is Isaac Evans, founder and CEO of Semgrep<\/a>. Evans seeks to put the incident in perspective: \u201cThis infiltration is a minor hiccup compared to the idea of someone exfiltrating the models\u2019 weights, which would be a game-changing scenario, and one that has occurred in part before with the distillation of OpenAI models into Deepseek. Anthropic has to protect Mythos against distillation or outright theft.\u201d<\/p>\n

Evans then ponders the future move for Anthropic: \u201cMythos\u2019 ability to find zero-days in so much of the software stack that SaaS vendors rely on is evidence that security bugs are plentiful, not scarce, in the software Anthropic and the broader community use. The security team at Anthropic has a very difficult job: securing the model on a software stack that was designed for high velocity over high assurance, against some of the most sophisticated threat actors in the world.\u00a0<\/p>\n

He is also cautious about what happens next: \u201cUntil we are able to reach a new steady state by patching all of the vulnerabilities LLMs can find, expect a lot of successful offensive activity.\u201d<\/p>\n

Building offensive-grade AI<\/p>\n

The third commentator is Gabrielle Hempel, Security Operations Strategist at Exabeam. Hempel is interested in how the attack was devised: \u201cAny time you build a high-capability system and expose it even to a semi-distributed environment (partners, contractors, \u201ctrusted\u201d ecosystems), you\u2019re expanding your attack surface beyond what you can realistically control. While everyone seems focused on securing against sophisticated nation-state actors, we\u2019ve increasingly seen third-party access paths becoming the weakest link.\u00a0\u201c<\/p>\n

She next looks at the inherent weaknesses that opened the door for the attackers: \u201cFrom a defender\u2019s perspective, this is the point we\u2019ve been reinforcing until we\u2019ve gone blue in the face: your security perimeter isn\u2019t just the infrastructure you own, it\u2019s your entire supply chain.\u201d<\/p>\n

Stepping back, Hempel weighs up the situation of an offensive AI world: \u201cI think the interesting thing is that everyone is going to focus on the headlines touting, \u201cAI tool capable of cyberattacks falls into the wrong hands. The real problem, however, is that this model was never supposed to be broadly accessible, it was intentionally restricted to a small set of orgs due to dual-use risk, and it still leaked almost immediately due to a contractor environment. The uncomfortable truth here is that we are rapidly building offensive-grade AI capability into tooling and assuming that policy, contracts, and limited access lists are going to sufficiently control the sprawl.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"Investigators and researchers are still learning of the scope of the cyberattack which has hit US government agencies…\n","protected":false},"author":2,"featured_media":13452,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[24,53,4322,2501,8210,4018,314],"class_list":{"0":"post-13451","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-anthropic","8":"tag-ai","9":"tag-anthropic","10":"tag-cyberattack","11":"tag-digital","12":"tag-exploitation","13":"tag-hackers","14":"tag-security"},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/13451","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/comments?post=13451"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/13451\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media\/13452"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media?parent=13451"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/categories?post=13451"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/tags?post=13451"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}