InvestMarketplaceEquityNews
Anthropic investigating report of 'unauthorized access' of powerful Mythos model
Company Updates

Anthropic investigating report of 'unauthorized access' of powerful Mythos model

Yahoo! Finance1d ago

Anthropic (ANTH.PVT) is investigating a report that unauthorized individuals have gained access to its powerful Claude Mythos Preview AI model, the company said Wednesday.

The move comes after Bloomberg reported that a small group of users had accessed Mythos through various methods, including one person's access to Anthropic via a third-party vendor they worked for.

Anthropic announced its Mythos Preview model on April 7, describing it as an unreleased general-purpose frontier AI that the company found especially good at identifying software vulnerabilities. It then used those vulnerabilities to develop exploits to break into programs.

In some cases, Anthropic claimed that Mythos Preview found vulnerabilities that had gone undetected for decades. The company said the model could also find holes in every major operating system and web browser.

The company said it was so concerned about Mythos Preview's ability to crack into software that it was releasing it only to a handful of companies via its Project Glasswing initiative, which will give developers time to use the model to find vulnerabilities in their products before similar AI models inevitably hit the market.

If Mythos Preview fell into the hands of outsiders and Anthropic's statements about its capabilities are correct, it could pose a serious threat to companies around the world.

Developers are only human, and when they write code, they occasionally make mistakes. Despite their best efforts and strenuous testing, those errors can go overlooked and eventually ship with software released to the public.

Hackers spend their time scouring programs and applications for bugs in the hopes of using them to break into a piece of software.

But AI moves far faster than humans, enabling hackers to search for vulnerabilities at speeds unheard of just a few years ago.

The problem for cybersecurity defenders, in particular, is so-called zero-day exploits. These are vulnerabilities that hackers find and exploit, and for which there are no known fixes.

Developers have to create patches for those vulnerabilities to kill the exploit that gave the attackers access to the software that's been hacked. Even more unsettling is the fact that cybersecurity defenders are only made aware of zero-day exploits when researchers locate them and inform them of the issues, or when they discover hackers have been using them.

And unfortunately, hackers can go undetected, siphoning information from a company or stealing data from users before they're found.

Email Daniel Howley at [email protected]. Follow him on X at @DanielHowley.

Originally published by Yahoo! Finance

Read original source →
Anthropic