Anthropic rolled out Mythos Preview in April, positioning the model as a glimpse of the next wave of AI that can generate code, discover vulnerabilities and craft exploits with a level of creativity previously unseen in machine‑learning systems. "We need to prepare now for a world where these capabilities are broadly available in 6, 12, 24 months," said Logan Graham, Anthropic’s frontier red‑team lead, during the model’s launch.
The announcement sent ripples through the cybersecurity community. Tarah Wheeler, chief security officer at the consulting firm TPO Group, warned that Anthropic is not alone in the race. "It’s myopic in the extreme to think that no other competitors to Anthropic will develop similar capabilities to Mythos or even that they have not already done so," she told WIRED. She added that other firms are likely keeping comparable technology in reserve, watching how regulators respond.
OpenAI, a direct rival, entered the fray a few weeks earlier with a private release of a model tailored for cybersecurity tasks. The company also announced an expanded strategy aimed at integrating AI into its defensive offerings. Together, the two releases signal a broader industry trend: AI tools that once assisted developers are now being repurposed to hunt for software flaws and automate exploit development.
Researchers highlighted that even today’s less advanced models can be coaxed into sophisticated vulnerability‑hunting with refined prompting techniques. A coalition of cybersecurity leaders voiced this concern in an open letter to the administration on Sunday, calling the White House’s recent export‑control directive misguided. They argued that the policy, which seeks to limit the dissemination of advanced AI models, could inadvertently slow the development of defensive technologies while failing to stop malicious actors.
Policy debate intensifies
Bruce Schneier, a researcher affiliated with Harvard University and the University of Toronto, framed the issue as a systemic shift rather than a single‑model problem. "Smaller, cheaper, open‑source models, sometimes by themselves and sometimes in concert with each other, can match Mythos/Fable’s performance with more sophisticated prompting," he noted. Schneier expects open‑source alternatives to reach comparable levels of creativity and tenacity within months, a timeline that could compress the window for effective regulation.
Chris Wysopal, co‑founder of cloud‑security firm Veracode, echoed the sentiment that policy must focus on outcomes, not on abstract risk. "The policy question is not whether a technology has risk," he said. "The question is whether a specific restriction meaningfully reduces that risk or whether it mainly slows down the people trying to make systems safer."
The dialogue underscores a paradox: as AI accelerates defensive capabilities, it simultaneously lowers the barrier for attackers. Industry insiders stress the need for transparent, democratic planning that balances innovation with security. Without coordinated action, the next generation of AI could empower threat actors as quickly as it equips defenders.
Anthropic, OpenAI and other AI developers have not yet detailed concrete steps to mitigate misuse, leaving governments and private security firms to fill the gap. The coming months will likely see heightened scrutiny of AI export controls, more collaborative threat‑intel sharing, and perhaps new standards for responsible AI deployment in the cyber realm.
Este artigo foi escrito com a assistência de IA.
News Factory APP - notícias agênticas para impulsionar seu SEO e AEO.