Claude Mythos is too dangerous for public consumption...

TL;DR

Anthropic's unreleased Claude Mythos model found decades-old zero-day exploits in FFmpeg, OpenBSD, browsers, and Linux, prompting restricted access via Project Glass Wing.

Key Points

• 1.Mythos discovered critical vulnerabilities across major software stacks. It found a 16-year-old FFmpeg bug, a 27-year-old OpenBSD null-pointer crash, browser sandbox escapes in every major browser, and a Linux kernel bit-flip exploit granting full root access.
• 2.Anthropic is restricting Mythos via Project Glass Wing instead of public release. The initiative gives access exclusively to large paying companies and banks, arguing the model is too dangerous for general users but safe in the hands of trillion-dollar corporations.
• 3.The capabilities claims face legitimate skepticism. The OpenBSD exploit required ~1,000 parallel agent runs costing nearly $20,000; the 84% Firefox exploit success rate was tested against a sandboxed SpiderMonkey shell with mitigations disabled, not actual Firefox.
• 4.US government officials are taking Mythos seriously despite the hype cycle. Treasury Secretary Scott Bessant and Fed Chair Jerome Powell held an urgent meeting with bank CEOs to warn of security dangers, though critics compare Anthropic's rollout to familiar AI fear-marketing playbooks.