惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Apple Machine Learning Research
Apple Machine Learning Research
The GitHub Blog
The GitHub Blog
Hugging Face - Blog
Hugging Face - Blog
阮一峰的网络日志
阮一峰的网络日志
爱范儿
爱范儿
量子位
宝玉的分享
宝玉的分享
人人都是产品经理
人人都是产品经理
博客园_首页
博客园 - 【当耐特】
Last Week in AI
Last Week in AI
Martin Fowler
Martin Fowler
Microsoft Azure Blog
Microsoft Azure Blog
美团技术团队
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
aimingoo的专栏
aimingoo的专栏
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
GbyAI
GbyAI
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
腾讯CDC

The Decoder

Cloudflare CEO Prince says builders and sellers are safe but AI is coming for the measurers OpenAI launches a ChatGPT Powerpoint plugin and warns it might accidentally delete your content Deepseek reportedly prioritizes AGI research over quick profits despite billions in funding OpenAI Appshots turn any Mac window into context for Codex OpenAI burned through $1.22 per dollar earned even after stripping out stock-based compensation California governor signs first US executive order to protect workers from AI job loss Trump pulls AI safety order after last-minute calls from Musk, Zuckerberg, and Sacks Google checks websites for llms.txt in new agentic browsing audit OpenAI shifts the boundary of automated reasoning with a "milestone in AI mathematics" that experts are now unpacking US Cyber Command races to deploy AI on top-secret networks Cohere open-sources its strongest model yet Anthropic is about to become the first profitable AI lab OpenAI could file confidential IPO paperwork within days SpaceX IPO filing shows billions in AI losses, a $2 trillion valuation target, and turbine spending that signals more data center conflicts ahead SAP taps Mistral AI to help customers migrate legacy software Deepseek wants to take on Claude Code and OpenAI's Codex with "Deepseek Code" LinkedIn's war on AI slop is not just a policy update—it is an admission that the platform lost control of its feed Google tests the app market version of the SaaSpocalypse Stability AI launches Stable Audio 3.0 with up to six-minute tracks and open weights Google pairs its Genie world model with Street View to create explorable AI worlds based on real places Google's Gemini 3.5 Flash follows Anthropic and OpenAI in making newer AI models significantly pricier Google overhauls its AI subscriptions at I/O 2026 with three tiers starting at $10 a month Sorry for the outages: Bot spam is pushing our servers to the limit Google's I/O announcements: new models, a cloud agent that never sleeps, and a redesigned Gemini app Prominent AI researcher Andrej Karpathy picks Anthropic over former home OpenAI to get back into frontier LLM research Agora-1 turns the N64 classic GoldenEye into a playable AI simulation for four players Mistral AI acquires Viennese physical AI startup Emmi AI Cloudflare says Anthropic's Mythos Preview finds exploit chains that earlier frontier models missed Anthropic adds self-hosted sandboxes and MCP tunnels to Claude Managed Agents Elon Musk appeals $134 billion OpenAI loss, calls verdict a "calendar technicality" Elon Musk loses his $134 billion lawsuit against OpenAI after jury deliberates for just two hours Cursor's Composer 2.5 matches Opus 4.7 and GPT-5.5 benchmarks at a fraction of the cost Pope Leo XIV presents first AI encyclical, Anthropic co-founder invited as guest speaker A Stanford student reflects on his ChatGPT class and a culture of "just a little bit of fraud" MAGA-aligned groups want government oversight of frontier AI models Anthropic to brief global financial regulators on cyber flaws found by Claude Mythos AI startup revenue hits $80 billion, but Anthropic and OpenAI take almost all of it World Action Models give robots the ability to simulate consequences before they move Greg Brockman consolidates OpenAI's product teams to build an "agentic future" Mistral CEO Arthur Mensch warns France against letting Anthropic's Mythos scan military code bases New math benchmark reveals AI models confidently solve problems that have no solution Four AI models ran radio stations for six months and the results ranged from competent to unhinged Oppo open-sources Android AI agent X-OmniClaw that uses your camera, screen, and voice without leaving the phone New benchmark shows Claude Mythos and GPT-5.5 can develop real browser exploits autonomously YouTube opens its deepfake face-swap detection tool to all adult creators New benchmark confirms AI video generators look stunning but still can't reason about the world OpenAI bought a voice cloning startup famous for celebrity imitations For $1.3 million a month, OpenClaw founder Peter Steinberger runs 100 AI agents that code, review PRs, and find bugs AI made a tiny slice of Silicon Valley filthy rich and left the rest wondering why they bother Researchers train AI model that hits near-full performance with just 12.5 percent of its experts Google says GEO and AEO are a myth and traditional SEO is all you need for AI search Google busts the myth that AI search needs its own SEO playbook ChatGPT now wants access to your bank account so it can tell you to stop ordering takeout Anthropic's $900 billion valuation would make it more valuable than OpenAI for the first time x.AI plays catch-up with Grok Build, its first terminal-based coding agent Microsoft pulls Claude Code licenses and pushes developers back toward its own AI tool Arxiv cracks down on unchecked AI-generated content in research papers Anthropic frames AI competition with China as a now-or-never moment for Washington OpenAI makes its AI coding assistant Codex available on iOS and Android Americans would rather live next to a nuclear plant than an AI data center, Gallup poll finds Microsoft pits more than 100 AI agents against each other to find Windows vulnerabilities Ten Chinese firms including ByteDance reportedly get US clearance for AI chips they're not allowed to accept Alibaba's Qwen-Image-2.0 doubles compression and cuts generation steps from 40 to 4 ChatGPT's web traffic share dropped from 78% to 54% in one year as Gemini quietly tripled its reach New Claude Mythos becomes the first AI model to clear all cyberattack simulations from Britain's AI safety agency Microsoft's Edge Copilot can now read all your open tabs at once and write for you on LinkedIn Claude subscriptions get separate budgets for programmatic use, billed at full API prices Tencent plans to ramp up AI spending as China's chip supply allegedly improves Anthropic overtakes OpenAI in B2B adoption for the first time according to Ramp spending data Meta AI gets a private mode where no conversation data is stored on servers Anthropic launches Claude for Small Business to embed AI into the tools you forgot you pay for Luma opens Uni-1.1 image model API at prices and quality matching OpenAI and Google China's AI suppliers can't keep up as critical component shortages hit production AI startup Recursive emerges from stealth with $650 million to build self-improving AI Google is hiring hundreds of engineers to help customers adopt its AI From Prompt to Pointer Engineering: Deepmind tries to reinvent the mouse cursor for the AI era Android gets AI agents that book trips, fill forms, and clean up your texts Anthropic expands legal AI offerings with new Claude Cowork plugins Google says it stopped a mass cyberattack after AI was used to discover a zero-day exploit Alphabet's Isomorphic Labs raises $2.1 billion to scale AI drug discovery toward clinical trials Microsoft ousts its Israel chief following reports that Azure quietly powered military AI targeting in Gaza "Tokenmaxxing" spreads at Amazon as employees game internal AI leaderboards Thinking Machines Lab ships its first model and argues interactivity is what OpenAI gets wrong about voice Sam Altman's personal investments face political scrutiny ahead of OpenAI's planned IPO The EU wants to regulate AI but needs OpenAI and Anthropic to let regulators through the door Baidu's Ernie 5.1 cuts 94 percent of pre-training costs while competing with top models OpenAI's DeployCo subsidiary adopts Palantir's playbook, building a moat from workflows no lab can simulate Lawsuit claims ChatGPT coached FSU shooter on gun operation, timing, and victim thresholds AI turns patches into working exploits in 30 minutes, and the 90-day disclosure window is the casualty Generative AI turns identity theft into an industrial-scale operation Nvidia pumps over 40 billion dollars into AI partners so far in 2026 OpenAI's internal share sale minted roughly 75 multimillionaires who each cashed out the $30 million cap AI agents that hack computers and replicate themselves, and they're getting better fast AI agents can now hack computers and copy themselves, and they're getting better fast Anthropic and OpenAI sit down with religious leaders to seek ethical advice ByteDance plans over $30 billion for AI expansion, bets big on Chinese chips METR says it can barely measure Claude Mythos, Palo Alto Networks warns of autonomous AI attackers GPT-5.5 costs 49 to 92 percent more than its predecessor, depending on the input length Researchers may have found a way to stop AI models from intentionally playing dumb during safety evaluations Fields Medalist says ChatGPT 5.5 Pro delivered "PhD-level" math research in under two hours with zero human help
Anthropic warns Claude Mythos Preview finds bugs faster than developers can patch them
Matthias Bas · 2026-05-23 · via The Decoder

A month after launching Project Glasswing, Anthropic is sharing its first results. The company says its Claude Mythos Preview AI model, working with about 50 partners, has found more than 10,000 high- or critical-severity vulnerabilities in system-critical software.

The model now spots security flaws faster than teams can verify, disclose, and patch them, Anthropic writes in a blog post. The company is holding back specific technical details, since the standard industry deadline for disclosing new vulnerabilities is 90 days and most findings can't be described yet without putting end users at risk.

Partners report a tenfold jump in bug discovery

Anthropic says the Glasswing partners run and build software that's core to the internet and other critical infrastructure. Each has found hundreds of critical vulnerabilities. Several also say their bug-finding rate jumped more than tenfold.

Cloudflare says it flagged 2,000 bugs, 400 of them high or critical severity. Its false positive rate beat human testers. Mozilla found and fixed 271 vulnerabilities in Firefox 150, more than ten times what its predecessor, Claude Opus 4.6, caught in Firefox 148.

Outside reviews back up these numbers. The UK's AI Security Institute says the latest Mythos Preview checkpoint is the first model to fully solve both of its in-house cyber ranges—simulated multi-stage cyberattacks. Independent security platform XBOW calls the model a major step beyond all prior models, citing "unprecedented precision." Anthropic says Mythos Preview also tops the academic benchmarks ExploitBench and ExploitGym, with GPT-5.5 being close in most of these benchmarks and already openly available.

The impact is also showing up in patch volumes, according to Anthropic: Palo Alto Networks shipped five times as many patches as usual in its latest release. Microsoft said the number of new patches will "continue trending larger for some time."  Oracle claims it's finding and fixing flaws several times faster than before.

Mythos Preview has also proven useful beyond just hunting bugs. At one partner bank, the model helped catch and block a fraudulent wire transfer worth over $1.5 million, Anthropic says.

Over 6,000 potential flaws in open-source projects

Alongside partner work, Anthropic says it scanned more than 1,000 open-source projects with Mythos Preview. The model estimates it found 6,202 high- or critical-severity vulnerabilities, with 23,019 total findings across all severity levels.

Independent security firms—and partly Anthropic itself—have reviewed 1,752 of the high- or critical-severity findings so far. 90.6 percent turned out to be true positives. 62.4 percent were confirmed as genuinely high or critical. Based on those triage rates, Anthropic estimates Mythos Preview has uncovered close to 3,900 confirmed high- or critical-severity vulnerabilities in open-source code. The company plans to keep scanning.

Flowchart by Anthropic showing the triage pipeline for open-source vulnerabilities: of 23,019 candidates discovered, 1,900 were reviewed by external security firms, 1,726 confirmed valid, and 467 reported to maintainers. Another 1,129 findings were sent directly to maintainers at their request without extra review. In total, 1,596 findings were reported to maintainers, 1,451 acknowledged, but only 97 actually patched and 88 given public security advisories. Counts as of May 22, 2026.
Of 23,019 vulnerabilities found in open-source projects, only 97 have actually been patched. The diagram shows the steep drop-off from discovery to triage to disclosure to patching. | Image: Anthropic

Several open-source maintainers have asked Anthropic to slow down disclosures because "they need more time to design patches," the blog post says. On average, fixing a high- or critical-severity bug takes two weeks. So far, 530 such bugs have been reported to maintainers. Of those, 75 have been patched and 65 got public advisories. Another 827 confirmed vulnerabilities are still waiting to be disclosed. Making things worse, maintainers are already drowning in low-quality, AI-generated bug reports.

Anthropic warns of a high-risk transition period

Anthropic says models with similar cybersecurity skills will soon be widely available. Some likely already are. OpenAI's GPT-5.5 fits the profile, and there's also a more specialized variant called GPT-5.5 Cyber, though it's unclear what exactly sets the two apart.

Either way, these new capabilities create a transition period where vulnerabilities get found fast but patched slowly. That gap brings new risks, Anthropic says. Mythos-class models slash the time and cost of finding and exploiting flaws. No company, Anthropic included, has built safeguards strong enough to stop misuse of these models and prevent serious damage.

Over time, these models should help developers build far more secure software by catching bugs before code ships. Currently, Anthropic says software teams should shorten their patch cycles and make updates as easy as possible for users. Network defenders should stick to the basics: multi-factor authentication, hardened configs, and thorough logging.

AI News Without the Hype – Curated by Humans

Subscribe to THE DECODER for ad-free reading, a weekly AI newsletter, our exclusive "AI Radar" frontier report six times a year, full archive access, and access to our comment section.

Subscribe now

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。