Anthropic's new cybersecurity model leaked to unauthorized users before the company could lock it down, and now we're watching AI lab executives argue about whether the threat is real or theater.

The Signal

The leak happened fast. A small group gained unauthorized access to Mythos before Anthropic's access controls were fully implemented. The company hasn't disclosed how many users, how they got in, or whether the access has been revoked. What we know: Anthropic classified this model internally as high-risk for cybersecurity applications, meaning it crossed internal red lines for offensive capability. Then it leaked.

This isn't theoretical risk. Mozilla's Firefox team deployed Mythos and found 151 bugs in their browser within days, work that would normally take security researchers weeks or months. The model didn't just find low-hanging fruit. It identified vulnerabilities across the codebase systematically, acting more like an autonomous penetration tester than a code review tool.

"Software developers are likely in for a rocky transition."

Here's the market signal beneath the technical drama:

  • AI models can now do offensive security work at scale
  • Even models designed for "defensive" use become dual-use the moment they ship
  • Access control failures are happening at the model level, not just the application level

Altman's response was blunt: fear-based marketing. He's arguing Anthropic is overstating Mythos's capability to differentiate in a crowded market. That's strategic, but it also misses the point. Whether Mythos is 10x better than GPT-4 at finding bugs or just 2x better doesn't matter if unauthorized users can access it before the company putting its name on the model has controls in place. The leak is the story.

Mozilla's warning is more grounded. Their security team doesn't think this upends cybersecurity long-term. Defenders will adapt. Tooling will catch up. But the transition period, where attackers have AI-assisted exploit discovery and most defenders don't, creates asymmetric risk. That window is opening now.

The Implication

If you're building software, assume AI-powered vulnerability discovery is already in the wild, not coming soon. Mythos might get locked down, but the capability it represents won't. Every AI lab is racing toward models that can read code, reason about security contexts, and automate exploitation. The leak just moved the timeline up.

For AI companies, this is the access control problem you can't patch your way out of. You can red-team models before release. You can rate-limit APIs. But if a model leaks pre-launch or users find jailbreaks post-launch, your safety framework is a press release, not a defense. Anthropic will fix this specific leak. The underlying problem, building models too capable to safely distribute but too valuable not to, remains unsolved.

Sources

Bloomberg Tech | TechCrunch AI | Wired AI