Anthropic's AI Cybersecurity Initiative Finds Thousands of Vulnerabilities
L'essentiel
- Anthropic's Project Glasswing, using its unreleased Claude Mythos Preview AI model, has identified over 10,000 software vulnerabilities for partners, significantly increasing bug-finding rates.
- The initiative aims to prevent AI-driven cyberattacks.
Résumé généré par IA
Pourquoi c'est important
Anthropic launched Project Glasswing in April to use AI to prevent AI-driven cyberattacks. The initiative utilizes the company's unreleased Claude Mythos Preview model.
Anthropic has published an initial report for Project Glasswing, the cybersecurity initiative it launched in April that aims to prevent AI cyberattacks with, well, AI. The initiative is powered by Claude Mythos Preview, the company's unreleased model, which Anthropic says has already helped its partners find more than ten thousand vulnerabilities overall just a month after Glasswing's launch. In addition, it says most of its partners have "each found hundreds of critical- or high-severity vulnerabilities in their software" using the model. The company said that its partners' rate of bug-finding has increased by more than a factor of ten. Cloudflare found 2,000 bugs, 400 of which are high or critical in severity. Mozilla previously reported that it found and fixed 271 vulnerabilities in Firefox, 10 times more what it found in an older version of the browser using another Claude model. Microsoft's recent announcement that its patch releases will "continue trending larger for some time" is apparently because of the bugs it found through Mythos Preview. Anthropic also used Mythos Preview to scan 1,000 open-source projects over the past few months and found 6,202 high- and critical-severity vulnerabilities out of 23,019. While the company didn't include it in the report, a security research firm recently claimed that it found a way to breach macOS, an operating system known for having tight security, with help from Mythos' bug-finding capabilities. The company explained in its report that it hasn't released Mythos Preview to the public yet, because no company (including itself) has developed safeguards strong enough to prevent models like it from being misused. It intends to release "Mythos-class models" in the future, though, when those safeguards become available. For now, it's planning to work with partners like the US and other governments to expand the availability of Project Glasswing. That indicates that the company may be on its way to repairing its relationship with the US government. The company is already working with several partners at the moment, including Amazon Web Services, Apple, CrowdStrike, Google, JPMorganChase, NVIDIA and Palo Alto Networks, in addition to the others we've already mentioned.
À surveiller
Perspective IA — des possibilités, pas des certitudes
Anthropic will release 'Mythos-class models' in the future when safeguards are developed.
Probable · Moyen terme
Anthropic will continue to work with partners like the US and other governments to expand Project Glasswing's availability.
Très probable · Court terme
Questions ouvertes
- When will Mythos Preview be released to the public?
- What specific safeguards are being developed to prevent misuse of Mythos-class models?
- What is the exact nature of the "breach" of macOS found with Mythos' help?
- What are the specific terms of the partnerships with Amazon Web Services, Apple, CrowdStrike, Google, JPMorganChase, NVIDIA, and Palo Alto Networks?






