{"id":203393,"date":"2026-04-08T15:42:00","date_gmt":"2026-04-08T19:42:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/08\/is-anthropics-new-claude-model-a-cybersecurity-disaster\/"},"modified":"2026-04-08T19:40:22","modified_gmt":"2026-04-08T23:40:22","slug":"is-anthropics-new-claude-model-a-cybersecurity-disaster","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/08\/is-anthropics-new-claude-model-a-cybersecurity-disaster\/","title":{"rendered":"Is Anthropic\u2019s New Claude Model a Cybersecurity Disaster?"},"content":{"rendered":"

Is Anthropic\u2019s New Claude Model a Cybersecurity Disaster?<\/a><\/p>\n

https:\/\/nymag.com\/intelligencer\/article\/anthropic-claude-mythos-preview-cybersecurity.html<\/a><\/p>\n

Publish Date: 2026-04-08 15:42:00<\/a><\/p>\n

Source Domain: nymag.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

Photo-Illustration: Intelligencer; Photo: Getty Images<\/p>\n

In recent months, AI models have become much better at writing, debugging, and testing code. This has scrambled the AI race, making the software-focused Anthropic its leader and sending everyone else in pursuit of a new, more focused goal: improving coding tools and racking up as many excited and frightened enterprise customers as possible.<\/p>\n

As these tools have become more capable at writing software, though, they\u2019ve also gotten a lot better at figuring out how to break it. AI coding is rapidly automating parts of software development, but \u2014\u00a0at least and perhaps even more quickly \u2014 it\u2019s automating hacking, too. Malicious actors have been using AI to help speed up and extend their capabilities for well over a year now with limited but real success; at the same time, software companies and open-source projects have been using AI tools to harden their software and find new vulnerabilities. The models\u2019 recent ramp-up in coding capabilities has clarified the situation. If a software developer can now oversee a fleet of coding agents to knock out more features in less time, so too can someone whose objective is finding exploitable flaws in other people\u2019s software in order to exfiltrate data, shut down systems, or hold them hostage for ransom.<\/p>\n

This all gets particularly dicey when the technology takes a massive, sudden leap foward, which happens to describe how AI frontier model releases \u2014\u00a0which come from a tiny group of massive firms \u2014 can work. Anthropic says its next model is one such case:<\/p>\n

Earlier today we announced Claude Mythos Preview, a new general-purpose language model. This model performs strongly across the board, but it is strikingly capable at computer security tasks. In response, we have launched Project Glasswing, an effort to use Mythos Preview to help secure the world\u2019s most critical software, and to prepare the industry for the practices we all will need to adopt to keep ahead of cyberattackers.<\/p>\n

By \u201cstrikingly capable at computer security tasks,\u201d Anthropic\u2019s testers mean, among other things, that the new model makes it much, much easier to find exploits in existing software. Testers using this version of Claude were \u201ccapable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browser,\u201d while non-experts were able to use it to \u201cfind and exploit sophisticated vulnerabilities.\u201d The programmer Simon Willison took a look at some of the examples and reports from Glasswing partners and found Anthropic\u2019s claims compelling. \u201cThere\u2019s enough smoke here that I believe there\u2019s a fire,\u201d he wrote. \u201cIt\u2019s not surprising to find vulnerabilities in decades-old software, especially given that they\u2019re mostly written in C, but what\u2019s new is that coding agents run by the latest frontier LLMs are proving tirelessly capable at digging up these issues.\u201d<\/p>\n

This creates a strange situation in the short term, where one company, in the process of creating a general-purpose AI model with a particular focus on coding, has effectively gained the exclusive ability to exploit countless thousands of pieces of software deployed by competitors, governments, and institutions around the world. (The same company, it should be noted, that the U.S. government recently punished and attempted to designate as a supply-chain risk for raising a different set of safety concerns.) Anthropic\u2019s absurd level of latent power will persist until competitors catch up, and\/or until its tools \u2014\u00a0or tools like it \u2014 can systematically protect secure software against empowered hackers. Anthropic hasn\u2019t released this model to the public yet, but it won\u2019t be long, and alternative tools adapted for malicious use will follow closely behind.<\/p>\n

So for now, the most obvious way to prepare for security risks created by new models is to use those same to test and patch your own software, ahead of time if possible. Anthropic\u2019s decision to donate \u201c$100M in usage credits\u201d to \u201cdefenders\u201d suggests that they\u2019re aware of how strange their position is and how uneasy it might make everyone else. Given that this next model is also likely to be far more capable at straightforwardly productive coding tasks, Anthropic\u2019s business is set to have a very, very, good year, as it continues to raise alarms about \u2026 well, its own success.<\/p>\n

anthropic: \u201cwe have finished training the ultimate god model exposing zero-day vulnerabilities in all software including linux and ffmpeg and we also made ten billion dollars last month\u201dopenai: \u201cwe have acquired TBPN\u201d\u2014 \u201cpaula\u201d (@paularambles) April 8, 2026<\/p>\n

Anthropic is doing everything it can here to communicate that it didn\u2019t set out to semi-blackmail the entire world\u00a0\u2014 sorry, it just happened! And, in contrast with the massive freak-out about Mythos in the AI and cybersecurity worlds, the company comes across in its release as surprisingly sanguine about long-term implications of automated high-level hacking. While outlining a staggering range of vulnerabilities that the model was able to help uncover in often surprising ways, Anthropic\u2019s own security testers write that most \u201csecurity tooling has historically benefitted defenders more than attackers,\u201d and that they \u201cbelieve the same will hold true here too\u2014eventually,\u201d admitting that the interim period \u201cmay be tumultuous regardless.\u201d<\/p>\n

This is an interesting posture coming from a safety-focused lab that spends a lot of time talking about severe AI risks. Now that one of them is materializing, it\u2019s signaling both a need for urgency and a general sense that things could, through cooperation and planning and market mechanisms, eventually work out, and that widely distributed new capabilities will result in a new \u201cequilibrium\u201d \u2014\u00a0a word you don\u2019t hear so often from labs that tend to talk in accelerative terms about runaway capabilities. Hackers have new tools, but so do the people building software, who will be able to use them to root out problems and identify lingering security problems, ultimately resulting in a situation not unlike where we are now (which, admittedly, most cybersecurity professionals will tell you has been dire, but not quite apocalyptic, for as long as they can remember).<\/p>\n

This is at least spiritually similar to a recent rhetorical pivot among some tech elites away from projections of imminent and rapid labor replacement and toward a more familiar story of \u201cjust capitalism, but with greater productivity,\u201d which doesn\u2019t so much dispute those claims as dismiss them as short-term distractions:\u00a0<\/p>\n

The “AI job loss” narratives are all fake. AI = massive ramp in productivity = massive ramp in demand = massive jobs boom. Watch. https:\/\/t.co\/TXR2KtaICm\u2014 Marc Andreessen \ud83c\uddfa\ud83c\uddf8 (@pmarca) April 5, 2026<\/p>\n

How the next year in cybersecurity unfolds could provide some valuable data about the bigger picture here. On one hand, earlier AI capabilities \u2014 generating plausible speech for a variety of contexts, realistic images, videos, etc. \u2014\u00a0have quickly disrupted, broken, or destabilized systems and markets where they\u2019ve been deployed, sending a shock through education, for example, and oversupplying social networks with slop and other inauthentic material. They\u2019ve mattered. On the other, they\u2019ve made it a bit easier to think, at least, about how those systems might need to change, or their participants might need to adapt, in order to function going forward. One important question is how \u201ctumultuous\u201d each system\u2019s interim period will be, and whether, in the process of achieving a new equilibrium or status quo, it will end up leaving some participants behind. Another is how long it will last, or if it will ever actually end.<\/p>\n

As far as systems go \u2014\u00a0and I use that word loosely here \u2014\u00a0the cybersecurity status quo seems unusually vulnerable to near-term \u201ctumult,\u201d as countless poorly maintained software deployments quickly become accessible targets to a growing pool of less-skilled hackers. Maybe, as Anthropic suggests, thousands of different actors will snap into action, coordinate, and collectively level-up software security to new heights with new tools and everyone will get on with their lives. That would be a nice story to tell about AI. Or maybe a group of hackers with a jailbroken model will soon be able to hold entire countries hostage from a laptop. Guess we\u2019ll find out!<\/p>\n

Sign Up for John Herrman column alerts
\n Get an email alert as soon as a new article publishes.<\/p>\n

Vox Media, LLC Terms and Privacy Notice
\n By submitting your email, you agree to our Terms and Privacy Notice and to receive email correspondence from us.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Is Anthropic\u2019s New Claude Model a Cybersecurity Disaster? https:\/\/nymag.com\/intelligencer\/article\/anthropic-claude-mythos-preview-cybersecurity.html Publish Date: 2026-04-08 15:42:00 Source Domain:…<\/p>\n","protected":false},"author":1,"featured_media":203394,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/pyxis.nymag.com\/v1\/imgs\/560\/9eb\/956e609709b1e2278503b3a539a0696f18-herman-AI-programming.1x.rsocial.w1200.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,33,24,31],"class_list":["post-203393","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-computer-security","tag-cybersecurity","tag-exploit"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/203393"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=203393"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/203393\/revisions"}],"predecessor-version":[{"id":203395,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/203393\/revisions\/203395"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/203394"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=203393"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=203393"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=203393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}