{"id":35889,"date":"2026-05-12T10:35:08","date_gmt":"2026-05-12T10:35:08","guid":{"rendered":"https:\/\/www.europesays.com\/ai\/35889\/"},"modified":"2026-05-12T10:35:08","modified_gmt":"2026-05-12T10:35:08","slug":"anthropics-mythos-cracked-software-open-like-an-egg-its-just-the-beginning","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/ai\/35889\/","title":{"rendered":"Anthropic\u2019s Mythos cracked software open like an egg. It\u2019s just the beginning"},"content":{"rendered":"<p>Well before AI company Anthropic told the world that its new Mythos model was scarily good at finding dangerous flaws in computer code, people at cybersecurity company WolfSSL knew something was up.<\/p>\n<p>Anthony Hu was on duty that week in late March, triaging bug reports for WolfSSL from his home-office desk in Kitchener, Ont. Eighty of them\u2014a staggering number, far more than he\u2019d ever had during his regular rotations minding the inbox.<\/p>\n<p>Talking Points<\/p>\n<p>AI tools are compressing the time and cost to find real cyber vulnerabilities, setting up a race between defenders scrambling to patch old bugs and bad actors looking to exploit them<br \/>\nCybersecurity experts have seen the tools\u2019 capabilities grow over the past year, but Anthropic\u2019s Mythos and OpenAI\u2019s GPT-5.5 appear to have taken big leaps forward<\/p>\n<p>\u201cIt was quite a traumatic week for me,\u201d he says.\u00a0<\/p>\n<p>Not every report was important, or even valid, but they just kept coming. Each needed to be checked out. Several proved to be high-risk vulnerabilities. Before long, as many as 10 WolfSSL engineers at once were assigned to work through them.<\/p>\n<p>WolfSSL is headquartered in the United States but its team is distributed around the world. 
The company\u2019s work is very nerdy and very important: its code secures connections between devices on the internet, especially in embedded systems like sensors, machinery, store checkout systems and home-automation devices.<\/p>\n<p>Like most software companies, WolfSSL invites bug reports. In its line of business, finding and fixing flawed code is particularly important, because bugs in cybersecurity software are very likely to be security holes, too, with bigger consequences than a word-processor crash.<\/p>\n<p>\n\tBy<br \/>\n\tLaura Osman and Murad Hemmadi\n\t<\/p>\n<p>Hu\u2019s specialty is post-quantum cryptography, readying WolfSSL for the day a working quantum computer <a href=\"https:\/\/www.cyber.gc.ca\/en\/guidance\/preparing-your-organization-quantum-threat-cryptography-itsap00017\" rel=\"nofollow noopener\" target=\"_blank\">blows apart<\/a> the foundations of traditional encryption.<\/p>\n<p>One report he read that week was a monster, a 
critical vulnerability that could have let a cyberattacker pose as a legitimate user, prompting emergency meetings and fixes to an important part of WolfSSL\u2019s codebase.<\/p>\n<p>Who sent that terrifying vulnerability report? Nicholas Carlini, an American artificial intelligence researcher of some renown, particularly for work on breaking machine-learning models by feeding them poisoned inputs. Formerly of Google\u2019s DeepMind AI skunkworks, he\u2019s now at Anthropic. \u201cHe\u2019s got quite the reputation,\u201d Hu says.<\/p>\n<p>Carlini\u2019s bug report said he\u2019d be happy to talk WolfSSL through what he\u2019d found, an offer Hu and a lot of his colleagues jumped on.<\/p>\n<p>They had heard rumours that Anthropic had a new model that was really good at cracking cyberdefences, though none of them had seen it themselves. They couldn\u2019t wait to ask Carlini about the model, Hu recounts. \u201cIt was like, \u2018Is this that?\u2019 And he\u2019s like, \u2018Yep.\u2019\u201d<\/p>\n<p>Once WolfSSL\u2019s team knew about the flaw, writing a fix took just hours, but they eventually determined that it had been sitting in their code since 2017.<\/p>\n<p>The tool Carlini used to find it was Mythos, which Anthropic would reveal publicly about 10 days later. It\u2019s so good at breaking into other computer systems that Anthropic deemed it too dangerous to release publicly in its current form.<\/p>\n<p>Along with that announcement, Anthropic published a detailed <a href=\"https:\/\/red.anthropic.com\/2026\/mythos-preview\/\" rel=\"nofollow noopener\" target=\"_blank\">explanation<\/a> of why the model is so worrisome; Carlini led the list of 26 authors.<\/p>\n<p>Anthropic has restricted access to a handful of companies, so they can secure critical software before bad actors can break it, an <a href=\"https:\/\/www.anthropic.com\/glasswing\" rel=\"nofollow noopener\" target=\"_blank\">effort<\/a> it\u2019s calling Project Glasswing. 
Some of this is surely a marketing effort by Mythos\u2019s maker. But it freaked out the U.S. government enough that Treasury Secretary Scott Bessent and Federal Reserve chair Jerome Powell <a href=\"https:\/\/www.reuters.com\/business\/finance\/bessent-powell-warn-bank-ceos-about-anthropic-model-risks-bloomberg-news-reports-2026-04-10\/\" rel=\"nofollow noopener\" target=\"_blank\">warned<\/a> key financial-sector leaders to batten their virtual hatches and Project Glasswing participants like Microsoft <a href=\"https:\/\/www.microsoft.com\/en-us\/msrc\/blog\/2026\/04\/strengthening-secure-software-global-scale-how-msrc-is-evolving-with-ai\" rel=\"nofollow noopener\" target=\"_blank\">said<\/a> they were taking the risks seriously.<\/p>\n<p>Hackers have been siccing large language models on computer code for years. If an LLM can write code, it can find problems in code. If your intent is to fix those problems, that\u2019s useful. If your intent is to exploit them, it\u2019s dangerous. The surprise isn\u2019t that Mythos can do these things at all, but rather how good it is at them\u2014a major leap forward from what anybody had seen any model do before.<\/p>\n<p>WolfSSL <a href=\"https:\/\/www.wolfssl.com\/docs\/security-vulnerabilities\/\" rel=\"nofollow noopener\" target=\"_blank\">discloses<\/a> vulnerabilities it\u2019s confirmed in its software. Unlike some software firms, it doesn\u2019t pay cash bounties, but it does give public credit. A couple of years ago, according to the company\u2019s internal figures, a typical update would fix one vulnerability of some kind. The numbers started increasing last year\u2014from one to two, then eight, then 15. The main driver of that increase is AI assistance.<\/p>\n<p>A new version released in April fixed 22. One of those was the Carlini report, which WolfSSL rated as critical. The other 21 were rated high\u2014one notch less serious, but still urgent. 
Several of the recently published disclosures credit Anthropic for helping find them.<\/p>\n<p>\t\t<img width=\"1920\" height=\"1281\" src=\"https:\/\/www.europesays.com\/ai\/wp-content\/uploads\/2026\/05\/Anthony_Hu_chair_WolfSSL_Kitchener_May2026_Nick_Iwanyshyn_TheLogic_1920x1280.jpg\" class=\"attachment-full size-full\" alt=\"A head-on shot of Anthony Hu looking over the back of a dining chair with his arms folded in front of him. He is in a semi-dark room but is illuminated by a bar of light.\" decoding=\"async\" loading=\"lazy\"  \/>\t<\/p>\n<p>\tHu\u2019s employer, WolfSSL, invites reports from outsiders who find bugs in its computer coding. Photo: Nick Iwanyshyn for The Logic\t<\/p>\n<p>\u201cThe thing that all [LLMs] are the best in the world at is programming. This is primarily what they\u2019ve been tuned for,\u201d said Ian L. Paterson, CEO of Canadian cybersecurity company Plurilock. \u201cThe way that you find a vulnerability that you can craft into an exploit is generally you start with a bug and you see what you can do with that bug.\u201d<\/p>\n<p>An LLM doesn\u2019t care whether you\u2019re tightening up your own work or breaking into somebody else\u2019s system. Paterson said Plurilock uses AI tools when it\u2019s looking for holes in systems it\u2019s paid to secure.<\/p>\n<p>That doesn\u2019t mean the bugs that LLMs find are necessarily big deals\u2014or even real. Firms that offer bounties for good reports have been inundated with AI slop.<\/p>\n<p>One of Hu\u2019s WolfSSL co-workers, Daniel Stenberg, wrote cURL, a <a href=\"https:\/\/everything.curl.dev\/project\/users.html\" rel=\"nofollow noopener\" target=\"_blank\">ubiquitous<\/a> behind-the-scenes tool for online file transfers, and had been steadily <a href=\"https:\/\/daniel.haxx.se\/blog\/2019\/04\/22\/curl-hackerone-true\/\" rel=\"nofollow noopener\" target=\"_blank\">paying<\/a> bug bounties since 2019. 
In January this year, after paying out more than US$100,000 for 87 worthy reports over the years, he <a href=\"https:\/\/daniel.haxx.se\/blog\/2026\/01\/26\/the-end-of-the-curl-bug-bounty\/\" rel=\"nofollow noopener\" target=\"_blank\">stopped<\/a>. The volume of reports had gone up while the quality collapsed. Essentially, Stenberg was being spammed. But unlike junk emails, these reports all had to be taken seriously.<\/p>\n<p>\u201cThe never-ending slop submissions take a serious mental toll to manage and sometimes also a long time to debunk. Time and energy that is completely wasted while also hampering our will to live,\u201d he wrote.<\/p>\n<p>Even before Anthropic revealed Mythos\u2019s existence, though, people in the business had been noticing AI tools getting better at breaking into things.<\/p>\n<p>\u201cWe\u2019ve seen somewhere between a 10 and 100x compression in both time and cost to find real vulnerabilities that\u2019s been building for, certainly, the last six months in public and potentially longer,\u201d says Paterson.<\/p>\n<p>With Mythos, Anthropic appears to have made two significant leaps compared to previous models. One is that Mythos can find bugs with little guidance\u2014it doesn\u2019t need to be pointed at particular code and nudged toward what to try.<\/p>\n<p>The other is that it can combine bugs and vulnerabilities. \u201cIt\u2019s able to put multiple attacks together in a way that only advanced security researchers have previously been able to do,\u201d said WolfSSL\u2019s chief technology officer, Todd Ouska.<\/p>\n<p>Mythos is not magical, though, or even uniquely powerful. 
With much less fanfare, OpenAI <a href=\"https:\/\/openai.com\/index\/introducing-gpt-5-5\/\" rel=\"nofollow noopener\" target=\"_blank\">released<\/a> a model update in April\u2014GPT-5.5\u2014that the U.K.\u2019s AI Security Institute <a href=\"https:\/\/www.aisi.gov.uk\/blog\/our-evaluation-of-openais-gpt-5-5-cyber-capabilities\" rel=\"nofollow noopener\" target=\"_blank\">said<\/a> is just about as good at cyber tasks. Mythos is <a href=\"https:\/\/www.aisi.gov.uk\/blog\/our-evaluation-of-claude-mythos-previews-cyber-capabilities\" rel=\"nofollow noopener\" target=\"_blank\">impressive<\/a> but not a one-off, the government-sponsored research institute concluded, and the curve of capabilities is going to keep rising.<\/p>\n<p>\u201cIf cyber-offensive skill is emerging as a byproduct of more general improvements in long-horizon autonomy, reasoning, and coding, we should expect further increases in cyber capability from models in the near future, potentially in quick succession,\u201d the institute said in a report on OpenAI\u2019s new model.<\/p>\n<p>\u201cSome of the stuff I\u2019ve seen is just stunning to me,\u201d says Jonathan Schaeffer, a professor emeritus of computer science at the University of Alberta who left academe to <a href=\"https:\/\/kind.synsira.com\/pages\/about\" rel=\"nofollow noopener\" target=\"_blank\">found<\/a> his own AI company, Synsira Software. \u201cI use the word \u2018stunning\u2019 not to be dramatic, but I\u2019m really in awe and surprised and incredulous at what I\u2019m seeing.\u201d<\/p>\n<p>Schaeffer <a href=\"https:\/\/www.amii.ca\/updates-insights\/amii-founding-member-jonathan-schaeffer-retires\" rel=\"nofollow noopener\" target=\"_blank\">devoted<\/a> much of his academic career to devising artificial intelligences that could play games, including a checkers-oriented model called Chinook. Chinook was very good. 
In 1992, it <a href=\"https:\/\/webdocs.cs.ualberta.ca\/~duane\/publications\/pdf\/1992ai.pdf\" rel=\"nofollow noopener\" target=\"_blank\">competed<\/a> against the world-champion checkers player in London, having <a href=\"https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/0004370292900748\" rel=\"nofollow noopener\" target=\"_blank\">placed<\/a> second to him in a previous major tournament.<\/p>\n<p>Draws are the norm in top-level checkers. The human, Marion Tinsley, took the best-of-40 <a href=\"https:\/\/webdocs.cs.ualberta.ca\/~chinook\/matches\/1992\/London\/\" rel=\"nofollow noopener\" target=\"_blank\">series<\/a> by winning four games to Chinook\u2019s two, with 33 ties. However, Tinsley\u2019s win in Game 18 has an unofficial asterisk.<\/p>\n<p>\u201cIn a drawn position, my program died, and we lost the game on forfeit with hundreds of media there,\u201d Schaeffer says. \u201cIt was horrible. It was embarrassing.\u201d<\/p>\n<p>To this day, Schaeffer doesn\u2019t know why it happened. He\u2019s convinced that the problem stemmed from having multiple iterations of the checkers AI running at once to come up with optimal moves. The catastrophic bug appeared twice in one day, and then never again.\u00a0<\/p>\n<p>\u201cThere\u2019s nothing wrong with the program when you run it by itself, but when you get 16 copies working together, all interacting, something happens,\u201d he says.<\/p>\n<p>This is the kind of bug that Mythos seems adept at finding, he says\u2014subtle ones that might never cause problems on their own.<\/p>\n<p>\u201cI couldn\u2019t do this,\u201d Schaeffer says. 
\u201cWe\u2019re talking about millions of lines of code, and you\u2019re looking for needles in haystacks.\u201d<\/p>\n<p>People working directly in cybersecurity might have been a bit rattled by what Anthropic says Mythos can do, but it\u2019s passing.<\/p>\n<p>\u201cThere\u2019s never not a crisis happening in cybersecurity,\u201d says Matt Holland, a former federal cyberspy who\u2019s now CEO of Field Effect, an Ottawa cybersecurity company. \u201cPeople who spend a lot of time in the trenches of cybersecurity aren\u2019t necessarily panicking about this.\u201d<\/p>\n<p>However good AI models get, they aren\u2019t creative. \u201cWe will see a higher volume of what is already known in regards to attack styles and vulnerability types,\u201d Holland said. \u201cWe\u2019re not going to see this thing produce some unknown vulnerability class or attack vector, because that\u2019s not how LLMs work.\u201d<\/p>\n<p>\t\t<img width=\"1920\" height=\"1280\" src=\"https:\/\/www.europesays.com\/ai\/wp-content\/uploads\/2026\/05\/Matt_Holland_Field_Effect-Ottawa-October_2023-P_Justin_Tang-The_Logic-JDT101_20231023Matt-Holland_JT.jpeg\" class=\"attachment-full size-full\" alt=\"\" decoding=\"async\" loading=\"lazy\"  \/>\t<\/p>\n<p>\tMatt Holland, CEO of Field Effect, said cybersecurity types aren\u2019t panicking about systems like Mythos. Photo: Justin Tang for The Logic\t<\/p>\n<p>It does seem very likely, though, that we\u2019re starting a period in which Mythos and its equivalents find bugs that have been sitting unnoticed in software for a long time. Bad actors trying to abuse them will race against good ones trying to fix them. Eventually, we\u2019ll reach a new normal in which programmers use these tools to go over code before it goes into the wider world.<\/p>\n<p>Bigger companies with major cybersecurity teams will get to the end of the bumpy ride first, Paterson expects, because they\u2019ll make best use of Mythos and its AI-model cousins. 
Small companies that use the big ones\u2019 products will tag along.<\/p>\n<p>\u201cMy concern is particularly in the mid-market, where organizations are big enough to write their own code, but they\u2019re maybe not big enough to fully staff and empower vulnerability management teams,\u201d Paterson says. \u201cI\u2019d be particularly concerned about them being at risk to the bad guys.\u201d<\/p>\n<p>Hu says standard cyber hygiene is the best response for people who are trying to use software rather than write it. Programmers can fix their code but that doesn\u2019t help if users don\u2019t download and install the patched versions.<\/p>\n<p>\u201cThe appropriate message is: \u2018Please, please update. Please update,\u2019\u201d Hu says.<\/p>\n<p>If cybersecurity pros are taking the arrival of these models with trained equanimity, others, like Schaeffer, are watching the exponential increase in AI\u2019s coding capabilities with more wonder.<\/p>\n<p>Schaeffer has not hauled Chinook out of virtual storage to see whether a 2026 coding AI can find the problem in his 1992 checkers algorithm. He\u2019s got a company to run. But he has not forgotten.<\/p>\n<p>\u201cThe bug bothers me. I will definitely go back and find it just because it\u2019s a part of my life, and I want to get closure on that,\u201d he says. 
\u201cOne day, once I sell out my shares of the company for $1 billion, then I will return back to the checkers project and get AI to answer the question for me.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"Well before AI company Anthropic told the world that its new Mythos model was scarily good at finding&hellip;\n","protected":false},"author":2,"featured_media":35890,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[53,25,313,353,781],"class_list":{"0":"post-35889","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-anthropic","8":"tag-anthropic","9":"tag-artificial-intelligence","10":"tag-cybersecurity","11":"tag-mythos","12":"tag-tech"},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/35889","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/comments?post=35889"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/35889\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media\/35890"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media?parent=35889"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/categories?post=35889"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/tags?post=35889"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}