Mythos and the AI Cybersecurity Debate: Anthropic’s Hacking Model and the Glasswing Access

The Guardian Science Weekly episode examines Anthropic’s Mythos, a model described as highly capable at discovering and exploiting zero‑day vulnerabilities, and the implications for security, policy, and industry we live with today. The discussion covers why Mythos was not released widely, the Glasswing access program that grants select firms a testbed, and how experts view the true transformative potential of these capabilities. The hosts argue for thoughtful regulation and evidence‑based debate rather than doomsday rhetoric or marketing hype.

• Mythos capabilities and limits: zero‑day vulnerability discovery and potential autonomous exploits across major OS and browsers
• Project Glasswing: access for Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, and banks, with no public papers released
• Expert assessment: capabilities echo frontier research but lack full methodological transparency
• Regulation vs hype: call for intelligent, nuanced AI governance beyond fear‑mongering

Overview and Mythos claims

The podcast opens with a look at Anthropic’s Mythos, a model described by the company as capable of locating zero‑day vulnerabilities and chaining them to perform complex hacks, potentially autonomously. Mythos is said to be able to identify bugs in operating systems and browsers and to execute cyber kill chain steps, including ATT&CK phases. The discussion emphasizes how this has sparked a mix of alarm and curiosity in policymakers and industry alike, with some officials reportedly taking notice of the risks.

“Mythos found thousands of high severity vulnerabilities in every major operating system and web browser” - Ian Sample

Project Glasswing and access

Anthropic has limited Mythos access through what it calls Project Glasswing, granting a handful of large firms and security researchers hands‑on experience. The list includes major tech companies and financial institutions, with a plan to give access to the British banking sector. The company has not published technical papers detailing its methods, leaving independent security researchers and analysts without a public blueprint to verify the results.

“They've created what they've called a project Glasswing and given access to a few big companies” - Ian Sample

Expert assessment and limitations

Experts acknowledge a meaningful shift in capabilities but caution against sensational framing. Prior studies show other models can reproduce similar exploits, and some researchers demonstrated eight successful exploits across different models in controlled testing. The conversation highlights gaps in Anthropic’s public communications, such as whether reported exploits were found cheaply or after extensive prompting, and how false positives were managed.

“I would most want to see is an intelligent debate” - Aisha Down

Regulation, governance, and marketing

The discussion turns to regulation and the risk of marketing narratives that position AI as an existential threat or a market-based cure‑all. The speakers call for a balanced, evidence‑driven dialogue about responsibilities, risk management, and the specifics of who is responsible for AI‑enabled cybersecurity outcomes. The White House meeting and MI5 involvement are noted as signals that policy attention is mounting, but there is skepticism about whether these interactions translate into practical, nuanced policy.

“This is a Manhattan Project level narrative on doomsday AI, a narrative that could drive regulation in ways that may not reflect the actual mechanics” - Ian Sample

Conclusion

The episode closes by arguing that while Mythos and Glasswing warrant serious scrutiny, it is essential to avoid doomsday rhetoric and to pursue effective regulation grounded in specific risk models, accountability, and practical governance.

“Hacking is basically destroying other people's infrastructure” - Aisha Down