Overview
- India’s CERT-In warned that frontier AI can scan codebases, craft exploits, map networks and run multi‑stage intrusions, urging tighter monitoring, multifactor login, log preservation and near‑immediate patching for newly disclosed flaws.
- Anthropic is investigating reports that unauthorized users reached the Mythos preview through a third‑party contractor, and the company continues to restrict the model to a roughly 50‑member Project Glasswing consortium rather than a public release.
- Anthropic and early testers say Mythos has uncovered thousands of severe weaknesses across major operating systems and browsers, including a 27‑year OpenBSD crash bug, a 16‑year FFmpeg issue and 271 serious Firefox vulnerabilities that defenders are now racing to fix.
- Access is concentrated with large custodians such as AWS, Apple, Google, Microsoft, NVIDIA, Cisco, CrowdStrike, Palo Alto Networks and JPMorgan, a setup that could give top vendors a head start in detection while widening the gap for smaller firms that lack similar tools.
- Security leaders differ on how novel the risk is, with some calling the model a step change in speed and others saying it mainly automates known bug classes, yet most advisories stress basic defenses like zero‑trust, continuous monitoring and rapid updates because legacy systems remain slow to patch.