惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
Vulnerabilities – Threatpost
T
The Blog of Author Tim Ferriss
S
SegmentFault 最新的问题
D
DataBreaches.Net
博客园_首页
罗磊的独立博客
B
Blog
T
Threat Research - Cisco Blogs
C
Cisco Blogs
GbyAI
GbyAI
Engineering at Meta
Engineering at Meta
WordPress大学
WordPress大学
G
GRAHAM CLULEY
H
Help Net Security
酷 壳 – CoolShell
酷 壳 – CoolShell
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
爱范儿
爱范儿
SecWiki News
SecWiki News
T
Threatpost
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Schneier on Security
Schneier on Security
T
The Exploit Database - CXSecurity.com
Google Online Security Blog
Google Online Security Blog
T
Tor Project blog
小众软件
小众软件
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Y
Y Combinator Blog
H
Hacker News: Front Page
V
V2EX
Security Latest
Security Latest
Cloudbric
Cloudbric
Simon Willison's Weblog
Simon Willison's Weblog
Attack and Defense Labs
Attack and Defense Labs
D
Darknet – Hacking Tools, Hacker News & Cyber Security
P
Proofpoint News Feed
博客园 - 三生石上(FineUI控件)
NISL@THU
NISL@THU
S
Secure Thoughts
Blog — PlanetScale
Blog — PlanetScale
博客园 - 司徒正美
V2EX - 技术
V2EX - 技术
Vercel News
Vercel News
P
Palo Alto Networks Blog
IT之家
IT之家
MyScale Blog
MyScale Blog
有赞技术团队
有赞技术团队
Application and Cybersecurity Blog
Application and Cybersecurity Blog
D
Docker
Google DeepMind News
Google DeepMind News
Webroot Blog
Webroot Blog

Forbes - Innovation

Why Do Humans Have Fingerprints? Hint: It’s Not What You Think Booking.com Confirms Data Breach, Reservation PIN Codes Changed Why Major News Sites Are Blocking The Internet Archive’s Wayback Machine iPhone Fold Release Date: New Report Details Frustrating Apple News Comet Tracker: How To See Pan-STARRS And Three Planets On Wednesday NYT Mini Crossword Today: Tuesday, April 14 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Tuesday, April 14 (It’s A Little Unclear) Today’s Wordle #1760 Hints And Answer For Tuesday, April 14 Most Of The Microplastics In Urban Air Come From Tires Today’s Wordle #1759 Hints And Answer For Monday, April 13 NYT Mini Crossword Today: Monday, April 13 Hints And Answers NYT Pips Today: Hints, Answers And Walkthrough For Monday, April 13 The YC Chief Who Codes 10,000 Lines A Day Has A Simple Secret Samsung Expands One UI 8.5 Beta To More Galaxy Owners Why You Should Stop Using Your iPhone If It’s On This List Chamath Says Firms That Treat AI As A Strategy Hand Rivals Their Edge 3 Unexpected Habits Of Secure Couples, By A Psychologist The First Lamp That Folds Your Clothes Samsung’s Disappointing Price Update For Galaxy Phone Buyers 3 Subtle Signs Someone Is Falling In Love With You, By A Psychologist Do Mantis Shrimp See More Colors Than Humans? A Biologist Explains NYT Connections Answers Explained For Monday, April 13 (#1,037) NYT Connections Hints Today: Monday, April 13 Clues And Answers (#1,037) LEGO Luigi & Mach 8 (72050) Review: 2026’s Best Set Yet? Marc Andreessen Says AI Productivity Will Trigger A Hiring Boom 3D Printing Is The Ultimate Hack To Reduce Household Spending Apple iPhone Fold: Striking Design Revealed In Leaked Photos Apple Smart Glasses: New Leak Reveals A Major Design Twist To Beat Meta Tested: The AI Coming To The Rivian R2 Quordle Hints Today: Monday, April 13 Clues And Answers Companies And H-1B Employees Endure Immigration Waits At Consulates 3 Easy Ways To Turn Anxiety Into Sustained Focus, By A Psychologist Here’s The Most Affordable Humanoid Robot You Can Buy Now UFC 327 Results: 5 Biggest Takeaways From A Wild Night In Miami UFC 327 Results, Bonus Winners, Highlights And Reactions Dana White Announces Huge New Fight For UFC White House Today’s NYT Strands Hints, Spangram, Answers: Sunday, April 12 (Get Ready) Tesla ‘Model 2’ Rises From The Ashes Today’s Wordle #1758 Hints And Answer For Sunday, April 12 NYT Pips Today: Hints, Answers And Walkthrough For Sunday, April 12 Tyson Fury Vs. Arslanbek Mahkmudov Results: Highlights and Reaction NYT Mini Crossword Today: Sunday, April 12 Hints And Answers How Shadow AI Culture Is Destroying Your Business Venture Capital Funds That Market Like Startups Win More Deals Conor Benn Vs. Regis Prograis Results: Highlights and Reaction Samsung’s Disappointing Price Update For Galaxy Phone Buyers Artemis Reached The Moon. The Grid Can Reach The 21st Century A Biologist Explains How Archerfish Shoot Down Prey. Hint: Their Aim Rivals Human Throwing Is It Time For Apple To Forget About The MacBook Air NYT Connections Hints Today: Sunday, April 12 Clues And Answers (#1036) Trump’s 2027 Budget To Reshape U.S. Environmental And Energy Policy CDC Delays Reporting Of COVID-19 Vaccine Benefits—Here’s What To Know Oura Has Designed A Solution To A Big Smart Ring Problem Netflix’s Best New Show Has A Near-Perfect 95% Rotten Tomatoes Score Coachella 2026 Is Being Taken Over By Creator Streams Quordle Hints Today: Sunday, April 12 Clues And Answers This Startup Wants To Use AI To Help Digitize History How To Get The Best Shield In ‘Crimson Desert’ Microsoft Venom Attack Targets C-Suite Executives ‘Maul: Shadow Lord’ Sets Even More Star Wars Rotten Tomatoes Records 3 Ways Happy Couples Argue Differently, By A Psychologist Success For Leapmotor Might Have Negatives For Stellantis New Names Surface As Potential Rogue And Wonder Woman In The MCU And DCU 4 Reasons Artemis Mission Matters Even If You Think It Is Wasteful Fast ‘Crimson Desert’ Patch Adds New Moves, Shield Hiding And One Great Feature Why Do Humans Blush? An Evolutionary Biologist Explains The Signal We Can’t Control Apple iPhone Fold: Striking Design Revealed In Leaked Photos Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update iOS 26.4.1 Release: Crucial iPhone Feature Update Arrives, But No Security Fix Fury vs. Makhmudov Full Card, Ring Walk Times and How to Watch Can’t Stand Liquid Glass? This New Hidden iPhone Setting Is A Game-Changer Test-Driving The 2026 Changan Deepal S05: Italian Style Made In China NSA Warning—Reboot Your Internet Router Now Ways That Human-AI Collaboration Slides People Into ‘AI Brain Fry’ And Cognitive Downturns Stop Using These Networks—Google, NSA And TSA Warn NASA Changes Moon Plan: Landing Now Depends On SpaceX Or Blue Origin Samsung Expands One UI 8.5 Beta To More Galaxy Owners The Evolution Of Programmable Hardware At Xilinx NYT Mini Today: Saturday, April 11 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Saturday, April 11 (You’re Putting Me On) Splashdown! NASA’s Artemis II Returns To Earth After Moon Mission Attention Is All You Need. The Human Kind Is Still The One That Counts Today’s Wordle #1757 Hints And Answer For Saturday, April 11 NYT Pips Today: Hints, Answers And Walkthrough For Saturday, April 11 Android Circuit: Galaxy S27 Pro Emerges, Honor 600 Pre-Order Offers, Pixel 11 Display Leaks Apple Loop: iPhone 18 Pro Leak, Urgent iOS Update, MacBook Neo Issues Morgan Stanley Has Mostly Positive Outlook On Tesla Robotaxi, FSD V15 Running Out Of AI Tokens Faster Than Ever? Here’s Why CoreWeave Shares Pop 13% After Anthropic Deal ‘Euphoria’ Season 3’s Rotten Tomatoes Score Crashes, Has Lost Key Player People Don’t Agree On What AI Can Do, But They Don’t Even Use The Same Product ‘Overwhelming’—Google Issues Gemini Update For Gmail Users NYT Connections Hints Today: Saturday, April 11 Clues And Answers (#1035) Quordle Hints Today: Saturday, April 11 Clues And Answers The Costly Dream Of Space-Based AI Infrastructure Can You See The Watcher In This ‘Daredevil: Born Again’ Shot? Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update You Just Watched The Backdoor Pilot For ‘The Pitt: Night Shift’ Are Nicotine Pouches Like Zyn And VELO Safe To Use? A Doctor Answers Human Resources (HR) Is The Key To AI Success Per WalkMe ( SAP)
Alleged Claude Mythos Breach Raises Questions About AI Security
Tim Keary, C · 2026-04-23 · via Forbes - Innovation
Claude Mythos hacking Illustration

Hacker Claude Mythos (Photo by Jakub Porzycki/NurPhoto via Getty Images)

NurPhoto via Getty Images

An unauthorized group of users gained access to Anthropic’s Claude Mythos model on the same day it was announced, according to a Bloomberg report released Tuesday. The users are said to be part of an online Discord group that searches for information about unreleased AI models.

The report says that one of the users had privileged access as a worker at a third-party contractor to Anthropic.

I requested comment from Anthropic on the incident, and a spokesperson responded via email that “we’re investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments.” The company also noted there was no evidence at this time that the reported activity extended beyond the third-party vendor environment or that Anthropic systems are affected.

In any case, this alleged incident highlights the risk of frontier AI models being targeted by unauthorized actors. While Bloomberg notes the users don’t appear to have been malicious, if powerful models like Mythos were to fall into the hands of a cyber gang or nation-state, there could be serious security complications for enterprises.

Frontier AI Companies Need Frontier Security

The news comes just two weeks after Anthropic announced Claude Mythos Preview and Project Glasswing, a program that offered access to select organizations involved in building or maintaining critical software. Greenwing made a big deal of controlling access to this powerful new model, and the idea that a group of users could sidestep these controls and access the model anyway would raise serious questions about Anthropic’s security controls.

It’s worth noting that news of Mythos first went public in a data leak, when descriptions of the model were stored in a publicly accessible data cache. The company also accidentally released part of the source code for its AI-powered assistant, Claude Code, due to “human error.”

MORE FOR YOU

Taken together, these incidents suggest that organizations can’t rely on frontier AI companies to restrict access to their most powerful models. Frontier AI companies are just as susceptible to human error and breaches as any other vendor, and given the offensive vulnerability discovery potential of Mythos, organizations need to become much faster at discovering and patching vulnerabilities.

“The Mythos incident is a warning that the biggest risk with advanced AI systems isn’t just model capability, it’s access control around the humans, vendors and systems that surround it. The minute a restricted AI system can be reached through a third-party pathway, you’re no longer dealing with an AI safety issue alone, you’re dealing with a systemic security failure that spans identity, supply chain and infrastructure,” John Paul Cunningham, chief information security officer at identity security vendor Silverfort, told me via email.

“AI won’t need to ‘break in’ if it can inherit access through poorly governed identities, over-trusted integrations or weak vendor controls. But the real risk isn’t just how access is gained; it’s what the system is allowed to do once it has it. These systems need strong guardrails that explicitly define their lane: what they can access, what actions they can take and where those permissions must stop,” Cunningham said.

Cunningham said that powerful AI systems like Mythos must be secured like critical infrastructure, with continuous identity verification and strong runtime enforcement over what they can access and execute, so that access doesn’t automatically translate into unrestricted action.

Enterprises Need To Up Their Game Following Mythos

The drama surrounding Mythos highlights that enterprises can’t count on frontier AI companies to control risk. The moment models like Mythos or even OpenAI’s GPT-5.4 Cyber are announced, defenders need to begin preparing to address the next generation of threats. It’s not just a question of these models being leaked to bad actors, but other providers developing models with similar capabilities that introduce new threats.

“There has been significant attention following reporting that Anthropic is investigating unauthorized access to Mythos, an AI system capable of identifying critical software vulnerabilities. While the investigation focuses on access and controls, the broader security implications are more important — and predictable,” Nicole Carignan, senior vice president of security and AI strategy and field CISO at AI security firm Darktrace, told me via email.

“This highlights the continued weaponization of commercial tooling. Frontier and near‑frontier models are increasingly dual‑use by default. Capabilities designed to improve software quality and security can be repurposed with minimal friction to accelerate vulnerability discovery for malicious ends. This is not a failure of intent; it is an outcome of scale, accessibility and capability diffusion,” Carignan said.

These models will continue to be a target for threat actors who can exploit them to gain initial access to other organizations, Carignan added. Given that many critical vulnerabilities are not yet publicly known, access to models like Mythos can enable threat actors to exploit “unknown” vulnerabilities and enter a company’s internal environment.

From this perspective, security teams must assume that advanced vulnerability discoveries will continue to proliferate, as the window between discovery and exploitation continues to shrink. While it appeared that Project Glasswing might offer a grace period for the security community to come to terms with the risks of next-generation frontier AI models, this alleged breach suggests more immediate action could be required.

Time To Compromise

The most immediate risk is the contraction of time to exploitation. Models like Mythos give threat actors the capability to discover vulnerabilities faster than defenders can patch them, lowering the overall time-to-compromise.

“This isn’t a theoretical future risk. The wave is already forming offshore, and most organizations are still debating whether to build a seawall. AI hasn’t just made attackers faster, it has fundamentally changed the economics of exploitation," Adam Arellano, field chief technology officer of AI DevOps company Harness, valued at $5.5 billion, told me via email.

"What once required a skilled threat actor, weeks of reconnaissance and significant resources can now be automated, scaled and deployed by someone with a capable model and a motivated prompt. Zero-day vulnerabilities that previously had a window of days or weeks before widespread exploitation are now being weaponized in hours. The asymmetry between attack and defense has never been more extreme,” Arellano said.

While the exposure presented by tools like Mythos and GPT-5.4-Cyber is limited, the situation is changing fast. Security leaders can’t afford to rely on frontier AI vendors to contain the risks of these powerful models. Now more than ever, organizations need to develop the ability to identify and remediate vulnerabilities at machine speed.