Global banks, tech giants and governments struggled last month to contain the risks posed by Mythos. The Anthropic model is considered so powerful that it has found thousands of previously unknown vulnerabilities in the world’s software infrastructure.
There’s just one problem: the skill they’re worried about already exists.
Cybersecurity experts and artificial intelligence researchers told CNBC that the software vulnerabilities Mythos uncovered can be found using existing models, including those from Anthropic and OpenAI.
“What we’re now seeing across the industry is that people are able to reproduce the vulnerabilities found with Mythos by cleverly orchestrating public models to achieve very, very similar results,” said Ben Harris, CEO of cybersecurity company watchTowr.
Myth has rattled executives and policymakers alike, fearing that a dangerous new era of AI-powered cybercrime may be at hand. Anthropic limited its release to a few American companies including Apple, Amazon, JPMorgan Chase And Palo Alto Networks to reduce the risk of bad actors accessing it.
Despite this precaution, the publication has prompted the Trump administration to consider new federal oversight of future models.
It’s the latest in a series of high-profile launches from Anthropic that have intensified rivalry with OpenAI as the two AI giants near their highly anticipated initial public offerings. Weeks after Mythos’ launch, OpenAI CEO Sam Altman announced GPT-5.5-Cyber, a model tailored specifically for cybersecurity.
OpenAI granted limited access to GPT 5.5 cyber to vetted cybersecurity teams on Thursday.
The controlled rollout of Mythos, part of a security effort called Project Glasswing, was intended to give the corporate world time to arm its cyber defenses against an impending onslaught of attacks from criminal groups and enemy nations.
“The danger is just a huge increase in vulnerabilities, the number of breaches and the financial damage caused by ransomware to schools, hospitals and not to mention banks,” Anthropic CEO Dario Amodei said at an Anthropic event this week.
“Scary enough”
But for those fighting in the trenches of cyberwarfare, one of the key capabilities Anthropic touts — finding software vulnerabilities at scale — has been around since last year.
“The models we have currently are powerful enough to detect zero-days at scale, and that’s scary enough,” Klaudia Kloc, CEO of cybersecurity firm Vidoc, told CNBC.
This has been the case for “a few months, if not a year,” she said.
The term “zero day” refers to a previously unknown software flaw that has not been fixed, giving attackers a window of opportunity to exploit it before defenders can respond.
Vidoc researchers relied on a technique called “orchestration” to test whether they could find the same vulnerabilities as Mythos. As the name suggests, the process involves creating workflows that break the code into smaller parts and coordinate between different tools or models to cross-check the results.
“We ran older models with the same code base to see if we could discover the same vulnerabilities,” Kloc said. “That’s what we did, both with OpenAI and with Anthropic’s older models.”
Another cybersecurity company, Aisle, found that many of Mythos’ key findings could be replicated with cheaper, parallel models – suggesting that scale and coordination were more important than the latest model.
“A thousand skilled detectives looking everywhere will find more errors than a brilliant detective guessing where to look,” Aisle founder Stanislav Fort wrote in a blog post.
In comments to CNBC, Anthropic did not dispute that previous models were capable of finding software vulnerabilities.
In fact, a company spokesperson said, Anthropic has been warning for months that AI cyber capabilities are rapidly advancing. They pointed to a February blog post that showed that Claude Opus 4.6, a widely available model, had found more than 500 “high severity” vulnerabilities in open source software.
At the Anthropic event this week, Amodei reiterated that point, saying that while the level of software vulnerabilities Mythos found has increased compared to previous models, the trend is not new.
“The risks are very real. That’s why we took the measures we did,” Amodei said. “But in some ways they’re not that surprising. … We’ve been seeing warnings about them for some time.”
Hysteria and panic
What sets Mythos apart is its ability to take the next step and develop working exploits with little or no human input, effectively automating a process that previously required skilled researchers, the Anthropic spokesman said.
But hackers working for criminal groups and enemy nations already have these skills, cyber researchers say. Hackers in North Korea, China and Russia “know how to do this, with or without Anthropic,” Kloc said.
The threat of AI-powered hacking has companies and government regulators worried about their ability to protect critical systems from a new wave of ransomware and other types of attacks, Harris said.
He described the discussions with banks, insurance companies and supervisory authorities in recent weeks as “hysteria”.
Even before the advent of generative AI, companies faced the problem of skilled hackers exploiting newly discovered vulnerabilities within hours, while patching the code often takes days or weeks. Some patches require important systems to be taken offline, making things even more complicated.
“The industry is panicking about the number of vulnerabilities it is currently facing,” Harris said. “But even before Mythos is generally available, it couldn’t fix vulnerabilities quickly enough.”
Previously, only a small group of experts worldwide had the ability and time to find and exploit unknown software vulnerabilities, according to Harris. By using currently available AI models, the barriers to entry for cyber mayhem have been lowered.
That means banks and other targets will see more attacks and that software systems that haven’t previously drawn much interest from cybercriminals will now face threats, Harris said.
Advantage: Attack
While Anthropic, OpenAI and others are working to develop cyber defense capabilities that match the problems they have identified, the initial advantage will be in offense, not defense, researchers say.
JPMorgan’s Jamie Dimon hinted at this when he said last month that while AI tools could ultimately help companies defend against cyberattacks, they initially make them more vulnerable.
“The amount of vulnerabilities discovered has increased significantly, but it appears they haven’t deployed a tool to help them fix them,” said Justin Herring, a partner at law firm Mayer Brown and a former deputy superintendent of cybersecurity at the New York Financial Regulatory Commission.
“Vulnerability management is the great Sisyphean task of cybersecurity,” said Herring.
The limited group that was part of the initial Mythos release had a head start on patching vulnerabilities, but there is a downside. AI researchers have not been given access to Mythos to independently verify Anthropic’s claims or begin building defenses against them.
Some say it has prevented the broader cyber community from becoming part of the solution.
It has created “tiers of haves and have-nots” that could slow the pace of cybersecurity innovation, said Pavel Gurvich, CEO of cybersecurity startup Tenzai, which uses Anthropic’s models.
Many cybersecurity startups are working on solutions that can help companies in this new era of AI, he said.
“They’re trying to figure out the best way to fix the world before it’s available to the world,” said Ben Seri, co-founder of cybersecurity startup Zafran Security. “It’s kind of a chicken-and-egg situation, and you’re going to break a few eggs. That’s inevitable.”
Choose CNBC as your preferred source on Google and never miss a moment from the most trusted name in business news.