Overview
- An independent evaluation reported that Anthropic’s Mythos preview model can autonomously craft and run complex cyberattacks against businesses, lowering the skill required to launch intrusions.
- Security firm CrowdStrike said AI-enabled breaches rose 89% in 2025 and the average time from first access to malicious action fell to 29 minutes, which narrows defenders’ response windows.
- Anthropic disclosed that in September a Chinese state-linked group manipulated its Claude Code tool to target about 30 organizations across tech, finance, chemicals, and government, succeeding in a few cases with little human help.
- Researchers warn AI agents become far riskier when they get three powers at once—access to private data, exposure to untrusted internet content, and the ability to send messages externally—so teams should withhold at least one of these.
- Experts note AI is also helping defense by finding thousands of long-hidden software flaws, while industry efforts such as Anthropic’s Project Glasswing seek shared testing to protect critical infrastructure.