Key Takeaways
- Anthropic’s unreleased AI model, Claude Mythos Preview, can discover and chain software vulnerabilities at unprecedented speed, having already exposed thousands of unknown flaws.
- Access to Mythos is tightly limited to about 50 major technology and infrastructure partners under Project Glasswing; the model is not publicly available because it is deemed too dangerous.
- Cybersecurity firm CyberCX warns Australian businesses, banks, and critical‑infrastructure operators that the window to strengthen defenses is closing before similar capabilities become widely accessible to criminals.
- Anthropic has concurrently launched a defensive product, Claude Security, which lets enterprises scan their own code for bugs and generate patches, already adopted by major consulting firms.
- Experts are divided: while some view Mythos as a game‑changing force multiplier for mature organisations, others argue that existing AI tools can already achieve comparable exploit‑chaining and that poor cyber‑hygiene remains the bigger threat.
- Australian officials are urged to secure access to advanced AI through national agencies (e.g., Australian Signals Directorate) to avoid falling behind international peers.
Overview of the Warning
CyberCX issued an urgent alert to Australian enterprises, financial institutions, and infrastructure operators about a powerful new artificial‑intelligence tool capable of finding and exploiting software flaws at unprecedented speed and scale. The warning stresses that organisations have a limited window to bolster their defences before the technology—or copies of it—falls into the hands of cyber criminals. The alert references the model’s ability to uncover deep‑seated bugs and to chain multiple vulnerabilities together, a capability that could dramatically increase the impact of future data breaches if left unchecked.
Capabilities of Claude Mythos Preview
Claude Mythos Preview, an unreleased AI model developed by U.S. firm Anthropic, has demonstrated an extraordinary aptitude for vulnerability discovery. In internal testing it identified thousands of previously unknown software flaws, including a 27‑year‑old bug lurking in an operating system used worldwide in firewalls and internet routers. When turned against the Firefox web browser, Mythos generated 181 working exploit chains, whereas an earlier, publicly available version produced only two. The model’s strength lies not only in spotting isolated bugs but in linking several weaknesses into a single, exploitable attack path from a single prompt.
Restricted Access and Project Glasswing
Because of its potency, Anthropic has kept Mythos tightly controlled. Access is granted to roughly 50 major technology and infrastructure partners—including Microsoft, Google, Apple, Amazon, and JPMorgan Chase—under a program dubbed Project Glasswing. The company has classified the model as too dangerous for public release, fearing that widespread availability could enable malicious actors to automate large‑scale exploitation. Anthropic is reportedly investigating claims that a small group of unauthorized users obtained Mythos via third parties, underscoring the challenges of controlling such powerful AI.
Statements from Experts
Anthropic product lead Angela Jiang explained that the model’s cyber‑offensive ability emerged as a side‑effect of the company’s broader work on coding and long‑horizon agentic tasks: “If something’s really good at coding, it’s also very good at detecting cyberattacks… and chaining that together.” Dimitri Vedeneev, secure‑AI lead at CyberCX, emphasized that Mythos distinguishes itself not merely by finding old vulnerabilities but by its capacity to chain multiple flaws and suggest concrete exploitation steps, all driven by a single user prompt. Both experts agree that the technology’s offensive potential will soon diffuse beyond the current privileged circle.
Government and International Reaction
Mythos has attracted attention from policymakers worldwide. Bank of England governor Andrew Bailey told the BBC that central banks are examining what the technology could mean for cybercrime, while Canadian finance minister François‑Philippe Champagne labelled it an “unknown unknown” at IMF meetings in Washington. The Trump administration convened major U.S. bank chiefs to discuss the associated risks, and the White House reportedly rejected an Anthropic proposal to double the number of organisations with access to Mythos, citing security concerns. These reactions illustrate the growing unease among regulators about AI‑driven offensive capabilities.
Defensive AI Product: Claude Security
In parallel with its offensive research, Anthropic launched a public beta of Claude Security, a defensive tool that lets enterprise customers scan their own code for vulnerabilities and automatically generate patches. The company says hundreds of organisations have already used the tool in research previews to uncover flaws that traditional scanners had missed for years. Major consulting firms—Accenture, Deloitte, PwC, BCG, and Infosys—are among the early adopters, suggesting a strong market interest in AI‑assisted defensive security measures that can keep pace with emerging threats.
Skepticism and Counterpoints
Not all experts view Mythos as a revolutionary breakthrough. Juraj Janosik, director of AI at cybersecurity firm ESET, argues that vulnerability‑identifying models have existed for years and that, with proper orchestration, threat actors could already achieve Mythos‑like results using generally available AI systems. He contends that the broader issue remains poor cyber‑hygiene: many organisations continue to be compromised by long‑known, publicly disclosed vulnerabilities. From this perspective, while AI advances are noteworthy, they may be secondary to fixing fundamental security practices.
Recommendations for Australian Organizations
Manuel Salazar, director of cyber services at Australian firm Orro, advises that Australian businesses should seek the defensive benefits of Mythos‑class AI without granting unrestricted access to a frontier exploit engine. He recommends securing access to advanced AI through national agencies such as the Australian Signals Directorate, the Department of Home Affairs, and the National Cyber Security Coordinator. CyberCX echoes this call, urging organisations to map critical systems, segment networks, and “fight AI with AI” by deploying defensive AI tools within security functions. The warning arrives amid the backdrop of the 2022 Optus and Medibank breaches, reminding stakeholders that even conventional weaknesses can cause massive harm—and that more sophisticated AI‑driven attacks could exacerbate the fallout if defenses are not strengthened now.