Anthropic’s latest AI model could let hackers carry out attacks faster than ever. It wants companies to put up defenses first

By Sean Lyngaas, CNN

(CNN) — Anthropic will make the code of its new AI model available to some of the world’s biggest cybersecurity and software firms in an effort to slow the arms race ignited by AI in the hands of hackers, Anthropic said Tuesday.

Amazon, Apple, Cisco, Google, JPMorgan Chase and Microsoft, among other firms, will now have access to Anthropic’s Mythos model for cyber defense purposes. That includes finding bugs in those firms’ software and testing whether specific hacking techniques work on their products.

Mythos (officially dubbed “Claude Mythos Preview”) is not ready for a public launch because of the ways it could be abused by cybercriminals and spies, according to Anthropic — a prospect that has prompted widespread concern in Washington and in Silicon Valley.

Experts have told CNN that the speed and scale of AI agents looking for vulnerabilities, far beyond normal human capabilities, represent a sea change in cybersecurity. A single AI agent could scan for vulnerabilities and potentially take advantage of them faster and more persistently than hundreds of human hackers.

“We did not feel comfortable releasing this generally,” Logan Graham, who heads the team at Anthropic its AI models’ defenses, told CNN. “We think that there’s a long way to go to have the appropriate safeguards.”

Anthropic has also briefed senior US officials “across the US government” on Mythos’ full offensive and defensive cyber capabilities, an Anthropic official told CNN. The firm has also “made itself available to support the government’s own testing and evaluation of the technology,” the official said.

Anthropic executives hope the selected release of Mythos to companies that serve billions of users will help even the playing field with attackers. The goal is to head off major security flaws in widely used internet browsers and operating systems before they are released publicly.

Other firms or organizations that Anthropic said will have access to Mythos include chipmakers Broadcom and Nvidia, the nonprofit Linux Foundation, which supports the popular Linux operating system that powers many phones and supercomputers, and cybersecurity vendors CrowdStrike and Palo Alto Networks.

“If models are going to be this good — and probably much better than this — at all cybersecurity tasks, we need to prepare pretty fast,” Graham told CNN. “The world is very different now if these model capabilities are going to be in our lives.”

A blog post previewing Mythos’s capabilities, which leaked last month claimed that the AI model was “far ahead” of other models’ cyber capabilities. Mythos “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders,” said the blog post, which Fortune first reported.

Some of the concerns around how Mythos’ could be abused by bad actors were overblown, experts previously told CNN. But the leak also pointed to an uncomfortable truth, those sources said: Barring a change in course, the gap between attackers and defenders enabled by AI could widen further.

Anthropic claims Mythos has already produced impactful results. The model has in recent weeks found “thousands” of previously unknown software vulnerabilities — a rate far outpacing human researchers, the firm said. CNN could not immediately verify this figure.

Such software flaws can be painstaking for human researchers to find and are coveted by spy agencies and cybercriminals for conducting stealthy hacks.

But cybersecurity experts have been using AI to protect against exploits long before Mythos arrived. Gadi Evron and other security researchers in December released a tool based on Anthropic’s Claude model to generate fixes for severe software vulnerabilities.

“Unlike attackers, defenders don’t yet have AI capabilities accelerating them to the same degree,” Evron, the founder of AI security firm Knostic, told CNN. “However, the attack capabilities are available to attackers and defenders both, and defenders must use them if they’re to keep up.”

The-CNN-Wire
™ & © 2026 Cable News Network, Inc., a Warner Bros. Discovery Company. All rights reserved.