When you buy through our links, you’re supporting our mission.

Subscribe
old windows folder icon

The AI Too Dangerous to Release (They Are Releasing It)

Anthropic’s Claude Mythos discovers 6,202 critical bugs in open-source projects while company admits lacking security controls

Annemarije de Boer Avatar
Annemarije de Boer
Annemarije de Boer Avatar
Annemarije de Boer
Annemarije de Boer is a Los Angeles-based director and visual storyteller specializing in technology reviews and digital innovation journalism. Drawing from her BA in Psychology and decades of hands-on tech experience, Annemarije uses her understanding of human behavior to demystify complex gadgets and emerging technologies for everyday users. Her journey began as a video editor on Final Cut Pro First Edition, and her expertise spans blockchain technology, cryptocurrency obsession, and digital security advocacy on X (Twitter).
All Articles by Annemarije de Boer

Annemarije de Boer Avatar

By

Annemarije de Boer
Annemarije de Boer Avatar
Annemarije de Boer
Annemarije de Boer is a Los Angeles-based director and visual storyteller specializing in technology reviews and digital innovation journalism. Drawing from her BA in Psychology and decades of hands-on tech experience, Annemarije uses her understanding of human behavior to demystify complex gadgets and emerging technologies for everyday users. Her journey began as a video editor on Final Cut Pro First Edition, and her expertise spans blockchain technology, cryptocurrency obsession, and digital security advocacy on X (Twitter).

All Articles by

Annemarije de Boer

·

2 min read
Image: Deposit Photos

Key Takeaways

Key Takeaways

  • Claude Mythos automatically discovers 6,202 critical vulnerabilities across 1,000 open-source projects
  • Anthropic admits lacking safeguards to prevent weaponization yet promises future public access
  • Cybersecurity stocks drop 5-11% as AI vulnerability discovery outpaces human security teams

Finding software vulnerabilities used to require teams of security researchers months of painstaking analysis. Anthropic’s Claude Mythos does it automatically—and that’s exactly the problem.

The company admits no one, including itself, has built safeguards strong enough to prevent such models from being weaponized. Yet Anthropic simultaneously promises to make “Mythos-class models” publicly available once it develops “far stronger safeguards.”

This contradiction sits at the heart of AI’s cybersecurity revolution.

When AI Outpaces Human Security Teams

Mythos has already scanned more than 1,000 widely-used open-source projects, surfacing 6,202 high or critical-severity vulnerabilities. Among its discoveries: a 27-year-old bug in OpenBSD that survived decades of manual security review. The model doesn’t just find vulnerabilities—it can weaponize them, constructing working exploits that could enable convincing phishing sites or certificate forgery attacks.

Current access remains tightly controlled through Project Glasswing, limiting the model to vetted organizations like:

  • AWS
  • Apple
  • Microsoft
  • Major cybersecurity vendors

Even so, some open-source maintainers have asked Anthropic to slow down its disclosure rate because they lack resources to patch the flood of legitimate bugs Mythos keeps finding.

The Safeguards That Don’t Exist Yet

Here’s where things get complicated. Anthropic distinguishes between the current “Mythos Preview” (which will never go public) and future “Mythos-class models” that supposedly will. The company offers no concrete timeline beyond “near future” and no technical specifics about what “far stronger safeguards” would actually look like.

Meanwhile, unauthorized access has already occurred due to internal security lapses—raising questions about whether Anthropic can secure such powerful AI internally, let alone control its external distribution. The White House has intervened to block proposed access expansion from 50 to 120 organizations over national security concerns, creating a system of informal AI licensing through government pressure rather than legal frameworks.

The vulnerability discovery arms race has officially gone algorithmic. Cybersecurity stock prices dropped 5-11% when Mythos capabilities became public, while governments from Japan to India ordered emergency surveillance reviews. Your security team may soon need AI-powered tools just to keep pace with AI-powered attackers—assuming you can access them first.

Share this

You Might Also Like_

Our Editorial Process

At Gadget Review, our guides, reviews, and news are driven by thorough human expertise and use our Trust Rating system and the True Score. AI assists in refining our editorial process, ensuring that every article is engaging, clear and succinct. See how we write our content here →

Join over 100k Readers

Join 100,000+ readers discovering the coolest gadgets, smart buying guides, and the tech news that actually matters.

LATEST Lists_

Why Trust Gadget Review

With over 25 years of experience, our editorial process is built on human expertise, ensuring that every article is reliable and trustworthy. AI helps us shape our content to be as succinct and engaging as possible.

Learn more about our commitment to integrity in our Code of Ethics.

LATEST NEWS_

Latest Buying Guides_

Latest Reviews_

LATEST Resource Articles_