The new AI model from OpenAI rival Anthropic has found, among other things, a 27-year-old security hole in a widely used operating system. Now other companies also want to benefit from it.
Apr 08, 2026, 05:29Apr 08, 2026, 05:29
The new AI model is so good at finding previously undetected software vulnerabilities that it could become a devastating cyber weapon in the wrong hands. That’s why Anthropic doesn’t make it public, but rather lets companies like Apple, Amazon and Microsoft use it to plug security gaps in their programs.
A new Claude model amazes with its software capabilities.Image: www.imago-images.de
The Claude Mythos Preview AI model found, among other things, a 27-year-old vulnerability in the OpenBSD operating system, which is considered particularly secure, as Anthropic announced. Overall, Mythos has already discovered “thousands” of serious vulnerabilities – including in every widely used operating system and web browser. The model discovered a gap that had been lying dormant for 16 years in the FFmpeg video software.
Worrying skills
Mythos Preview was also able to develop programs to exploit these vulnerabilities within a few hours – which experts say would have taken several weeks.
An early version of the software was given the task of breaking out of a shielded computer environment and reporting this to the tester in an attempt. According to Anthropic, the software bypassed security measures, gave itself more extensive Internet access and sent the employee a surprising email while he was sitting in the park with a sandwich.
Myth not publicly available
The company did not specifically train the model to be able to do all of this, it said. With the rapid progress in artificial intelligence, it can be assumed that such capabilities could soon also be available to online attackers, Anthropic warned.
In a cooperation called “Project Glasswing”, companies should have access to Mythos in order to find security gaps in their software. Anthropic does not plan to make Mythos generally available. Other cooperation partners include the Linux Foundation, the IT security companies Crowdstrike and Palo Alto Networks, and the network specialist Cisco.
Anthropic is best known for AI software Claude, which competes with OpenAI’s ChatGPT. The company recently hit the headlines due to a dispute with the Pentagon: Anthropic rejected the use of its AI in autonomous weapons or for mass surveillance in the USA. The Defense Department then declared Anthropic a supply chain risk, which would largely block the company’s ability to do business with the US government. Anthropic is taking action against this in court. (sda/dpa)