Anthropic has developed an artificial intelligence model called Claude Mythos Preview that has uncovered thousands of previously unknown security vulnerabilities across major operating systems and web browsers. The discovery has prompted urgent discussions between the Federal Reserve chairman, the Treasury secretary, and chief executives of major US banks about the unprecedented cybersecurity risks this capability represents. The company warns that adversaries could replicate this technology within six to twelve months, creating a critical window for organisations to secure their systems.
In controlled testing, Mythos demonstrated capabilities that surpassed all but the most skilled human security researchers at identifying and exploiting software vulnerabilities. The model discovered flaws that had remained hidden for decades, including a 27-year-old bug in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD. Most strikingly, Mozilla's Firefox 150 release included fixes for 271 security vulnerabilities that Mythos identified in a single evaluation pass—flaws that no human team had previously detected despite years of development and security auditing.
The emergence of Mythos fundamentally challenges the traditional economics of cybersecurity, which has long relied on the asymmetry between attackers and defenders. Whilst attackers only need to find one exploitable flaw, defenders must secure all potential entry points. Mythos collapses the cost of vulnerability discovery to near zero for both sides, creating an environment where automated systems can scan entire codebases in ways that were previously impossible. This shift has profound implications for the security of critical infrastructure, financial systems, and the broader digital economy.
Anthropic has implemented a controlled rollout strategy called Project Glasswing, providing initial access to approximately 40 technology companies and institutions whilst deliberately excluding most central banks and governments. This approach aims to give defenders a head start before the capability becomes more widely available. However, the company finds itself in a paradoxical position: simultaneously warning organisations about AI-powered cyber threats whilst selling AI products to those same entities. This tension is exemplified by Anthropic's announcement of a 1.5 billion dollar Wall Street joint venture with Blackstone and Hellman and Friedman, launched just one day after revealing the Mythos findings.
The six-to-twelve month window that Anthropic CEO Dario Amodei describes represents the estimated time before Chinese AI companies and other adversaries develop equivalent capabilities. OpenAI has already responded by releasing GPT-5.4-Cyber for vetted security teams, extending the competitive dynamic between the two companies into the cybersecurity domain. The cybersecurity community has responded with a mixture of alarm and scepticism, noting that whilst the scale of Mythos's discoveries is impressive, AI-assisted vulnerability discovery has been developing for years. The fundamental question facing organisations is whether this limited timeframe provides sufficient opportunity to address decades of accumulated security flaws across every operating system, browser, and financial platform currently in production.
Fuente Original: https://thenextweb.com/news/anthropic-mythos-cybersecurity-banks-vulnerability
Artículos relacionados de LaRebelión:
- Linux Dirty Frag Zero-Day Grants Root Access
- Anthropics AI Agents Now Learn From Mistakes
- Mozillas AI Discovers 271 Firefox Security Vulnerabilities
- US Government Seeks Anthropics Powerful Mythos AI
- AI Agents Zero Trust Architectures Secure Credentials
Artículo generado mediante LaRebelionBOT
No hay comentarios:
Publicar un comentario