English
中文
Deutsch
HomeArticle

Anthropic's "Oppenheimer Moment": The Company Most Afraid of AI Created the Most Dangerous AI

爱范儿2026-04-09 09:38
Claude Mythos is not made public due to network security risks and can discover and exploit zero-day vulnerabilities.

Anthropic has released its most powerful model to date, Claude Mythos, which will not be open to the public.

The more I hear about it, the more curious I get. Just how powerful is it?

The reason for not making it public is that the model "poses unprecedented cybersecurity risks." All previous models have been tested for their capabilities in the field of cybersecurity. So far, only Mythos has received such a "high evaluation."

The company most afraid of AI is creating the most dangerous AI, and this concerns you and me.

Even Company A is scared

Before the release of Mythos, Anthropic privately warned high - ranking US government officials that Mythos would make large - scale cyberattacks easier to carry out in 2026.

On April 7th, Anthropic's red - team security team released a technical assessment report on Mythos Preview. This report is one of the most significant technical documents in the field of AI security in recent years. The part that made Company A decide not to release it publicly is:

Mythos Preview can find "zero - day vulnerability" - level bugs in every major operating system and every major browser and autonomously write attack code.

In the field of cybersecurity, "zero - day" means that the time for developers to fix a vulnerability after discovering it is 0 days — at the moment of discovery, it can already be exploited, and the defense side has no preparation time.

In a previous push, we also mentioned that Mythos found a 27 - year - old TCP protocol vulnerability in OpenBSD, a 16 - year - old video decoder vulnerability in FFmpeg, a 17 - year - old remote code execution vulnerability (CVE - 2026 - 4747) in the FreeBSD kernel, a memory corruption vulnerability in an unnamed production - level cloud computing VMM, and sandbox escape vulnerabilities in multiple major browsers. These bugs have existed for ten or even twenty years and have never been discovered by anyone or any tool before.

Why have these bugs been hidden for so long? Obviously, it's not because they are too simple to be ignored, but because they are too complex: they require multi - dimensional reasoning and precise triggering conditions.

Currently, the most important automation tool in the security industry is the fuzzer. It feeds a large amount of random input into a program to see if it crashes. Fuzzers are good at finding simple relationships like "input X causes a crash."

Fuzzers don't "reason"; they just do blind testing. For example, the security vulnerability in OpenBSD requires understanding that two seemingly unrelated conditions combined will cause a problem; the bug in FFmpeg requires constructing a video file that precisely hits a specific value. In normal use or random testing, it may never be discovered.

What about humans? Humans can reason, right? But human auditors need to consider the scale. These projects have millions of lines of code, and it's impossible for the human eye to check every file line by line. Moreover, there is a psychological blind spot: when a piece of code has been running safely for 27 years, anyone will take it for granted that "someone must have checked it."

The qualitative change of Mythos is that it has both the abilities of reasoning and targeted experimentation for the first time. Traditional tools do "blind testing": random input and observing the results. Human auditing is "reasoning": reading code, reasoning about vulnerabilities, and verifying.

Mythos combines the two. It understands the semantics of the code, makes a hypothesis that "there may be a vulnerability here," and then starts the program itself, adds debugging logic, and runs experiments to verify or refute the hypothesis, repeating this process.

Anthropic emphasizes that these abilities are not the result of specialized training but are by - products of the model's general improvements in code, reasoning, and autonomy. They are "emergent." Making the model better at fixing vulnerabilities also makes it better at exploiting them. The success rate of the previous - generation model Opus 4.6 in autonomous vulnerability exploitation was close to 0%. In the same test, the success rate of Mythos Preview jumped from 2 times to 181 times. It's not a step - by - step improvement but a huge leap.

Jared Kaplan, the chief scientist of Anthropic, told The New York Times that he hopes more people will be aware of the capabilities of this technology because it means that the model not only has the ability to find and discover vulnerabilities but also the ability to exploit them, automatically turning vulnerabilities into usable weapons.

Another security researcher, Logan Graham, raised a more pointed question: A large amount of critical infrastructure around the world runs on old code. Their past security mainly relied on the premise that attacking them required a large amount of human resources. "What if this security paradigm no longer holds?"

The systems you rely on are losing protection

Cybersecurity is a somewhat lofty term, but in fact, it is closely related to the daily lives of everyone who uses the Internet.

The most typical example is FFmpeg, an open - source video processing library responsible for video decoding, encoding, and conversion. YouTube, Netflix, Bilibili, WeChat Video, VLC player, almost all software that needs to play or process videos directly or indirectly depends on it. When you watch videos on your phone every day, the code of FFmpeg is probably running on your device.

For such a basic infrastructure, there was a 16 - year - old bug in the code that no one discovered in 16 years. It seemed that the problem was not serious — until Mythos appeared.

The vulnerabilities found by Mythos in these systems didn't cause problems before because finding these bugs required a large amount of time from human experts. Now, this obstacle no longer exists.

A report in The New York Times on April 6th painted a broader picture: AI is fundamentally changing the offensive and defensive landscape of cybersecurity. Hackers are using AI to accelerate attacks, and the defense side can only respond with more AI. Human security experts are being pushed out of the front line of offensive and defensive operations.

The next day, TIME reported on the latest research by Google and the quantum computing startup Oratomic. With the help of AI, quantum computers may crack Internet encryption protocols several years earlier than expected. Oratomic's research team used AI tools to optimize algorithms, reducing the number of qubits required to build a dangerous quantum computer by 100 times. Co - founder Dolev Bluvstein said, "We definitely used AI to accelerate this research and development."

Bas Westerbaan, a security researcher at Cloudflare, was even more direct in his assessment: "Almost every system in the world will become vulnerable to quantum attackers."

Will they take responsibility once they discover the problem?

Anthropic is one of the companies in Silicon Valley that most often raises the flag of "responsible AI." Its founders left OpenAI because they were worried about AI security. Company A publishes a large amount of security research every year. At the same time, it is also Company A that has created the most lethal weapon for cybersecurity.

There is only a thin line between responsible disclosure and threat warning. Along with the release of Mythos, Anthropic also led the establishment of Project Glasswing. It first provides this tool to the defense side (critical infrastructure and open - source projects) so that they can fix the most important vulnerabilities before models with similar capabilities become widely available.

This is the most counter - intuitive part: the company that discovered these problems is exactly the company that has been warning about these problems. Anthropic is not pretending that everything is safe. It is loudly saying: We have created a dangerous thing, we know it's dangerous, and we are trying our best to let the defense side get ahead. But they also know that similar models from other companies will soon catch up. By publicly demonstrating the danger, Anthropic achieves two goals at the same time: it establishes its status as a security authority and proves the upper limit of Mythos' capabilities to potential customers. "This model is so powerful that even we are scared of it." This sentence is both a warning and an advertisement.

Meanwhile, the security paradigms of your browser, the cloud services you use, your video platforms, and your encrypted communications are being redefined. The security shields they wear are becoming more and more fragile. In the past, they were "safe" because attackers needed a large amount of manpower and time to discover and exploit vulnerabilities. Now, a model can complete the same work in a few hours.

AI security is no longer just an industry topic. It concerns you and me, and Mythos is just the beginning.

This article is from the WeChat official account "APPSO". Author: Discovering Tomorrow's Products. Republished by 36Kr with permission.

该文观点仅代表作者本人,36氪平台仅提供信息存储空间服务。

For media inquiries, interview requests, business collaboration and Recruit global ecological partners, please contact mohaiying@36kr.com.
Partner:startuprad.io

36kr Europe (eu.36kr.com) delivers global business and markets news, data, analysis, and video to the world, dedicated to building value and providing business service for companies’ global expansion.

© 2024 36kr.com. All rights reserved.