The fact that Claude Mythos found so many Firefox vulnerabilities is not surprising. WhenAnthropic released Mythos, the AI giant said the new frontier model can autonomously discover thousands of zero-day vulnerabilities.That is why the company decided to withhold its public release and instead offer it only to a relatively small number of major organizations through a program called Project Glasswing.The list of companies in Project Glasswing includes AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks.[ Read:OpenAI Widens Access to Cybersecurity Model After Mythos Reveal]Palo Alto Networks has also shared some preliminary data fromtesting Mythos, saying that in terms of vulnerability discovery it accomplished the equivalent of a year’s worth of pentesting in less than three weeks.The cybersecurity company also noted that the AI has impressive vulnerability-chaining capabilities, combining medium- and low-severity issues into a critical exploit.In addition, Mythos can identify logic-based issues that traditional tools may not detect.“Within six months, advanced AI models with deep cybersecurity capabilities will become commonplace. Organizations that have not put appropriate safeguards in place will face an entirely new class of risk across their enterprise and critical infrastructure,” said Lee Klarich, chief product and technology officer at Palo Alto Networks.Klarich pointed out that similar advances will likely come from other AI companies and the models may not be as restricted as Mythos.In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
That is why the company decided to withhold its public release and instead offer it only to a relatively small number of major organizations through a program called Project Glasswing.The list of companies in Project Glasswing includes AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks.[ Read:OpenAI Widens Access to Cybersecurity Model After Mythos Reveal]Palo Alto Networks has also shared some preliminary data fromtesting Mythos, saying that in terms of vulnerability discovery it accomplished the equivalent of a year’s worth of pentesting in less than three weeks.The cybersecurity company also noted that the AI has impressive vulnerability-chaining capabilities, combining medium- and low-severity issues into a critical exploit.In addition, Mythos can identify logic-based issues that traditional tools may not detect.“Within six months, advanced AI models with deep cybersecurity capabilities will become commonplace. Organizations that have not put appropriate safeguards in place will face an entirely new class of risk across their enterprise and critical infrastructure,” said Lee Klarich, chief product and technology officer at Palo Alto Networks.Klarich pointed out that similar advances will likely come from other AI companies and the models may not be as restricted as Mythos.In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
The list of companies in Project Glasswing includes AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks.[ Read:OpenAI Widens Access to Cybersecurity Model After Mythos Reveal]Palo Alto Networks has also shared some preliminary data fromtesting Mythos, saying that in terms of vulnerability discovery it accomplished the equivalent of a year’s worth of pentesting in less than three weeks.The cybersecurity company also noted that the AI has impressive vulnerability-chaining capabilities, combining medium- and low-severity issues into a critical exploit.In addition, Mythos can identify logic-based issues that traditional tools may not detect.“Within six months, advanced AI models with deep cybersecurity capabilities will become commonplace. Organizations that have not put appropriate safeguards in place will face an entirely new class of risk across their enterprise and critical infrastructure,” said Lee Klarich, chief product and technology officer at Palo Alto Networks.Klarich pointed out that similar advances will likely come from other AI companies and the models may not be as restricted as Mythos.In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
[ Read:OpenAI Widens Access to Cybersecurity Model After Mythos Reveal]Palo Alto Networks has also shared some preliminary data fromtesting Mythos, saying that in terms of vulnerability discovery it accomplished the equivalent of a year’s worth of pentesting in less than three weeks.The cybersecurity company also noted that the AI has impressive vulnerability-chaining capabilities, combining medium- and low-severity issues into a critical exploit.In addition, Mythos can identify logic-based issues that traditional tools may not detect.“Within six months, advanced AI models with deep cybersecurity capabilities will become commonplace. Organizations that have not put appropriate safeguards in place will face an entirely new class of risk across their enterprise and critical infrastructure,” said Lee Klarich, chief product and technology officer at Palo Alto Networks.Klarich pointed out that similar advances will likely come from other AI companies and the models may not be as restricted as Mythos.In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
Palo Alto Networks has also shared some preliminary data fromtesting Mythos, saying that in terms of vulnerability discovery it accomplished the equivalent of a year’s worth of pentesting in less than three weeks.The cybersecurity company also noted that the AI has impressive vulnerability-chaining capabilities, combining medium- and low-severity issues into a critical exploit.In addition, Mythos can identify logic-based issues that traditional tools may not detect.“Within six months, advanced AI models with deep cybersecurity capabilities will become commonplace. Organizations that have not put appropriate safeguards in place will face an entirely new class of risk across their enterprise and critical infrastructure,” said Lee Klarich, chief product and technology officer at Palo Alto Networks.Klarich pointed out that similar advances will likely come from other AI companies and the models may not be as restricted as Mythos.In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
The cybersecurity company also noted that the AI has impressive vulnerability-chaining capabilities, combining medium- and low-severity issues into a critical exploit.In addition, Mythos can identify logic-based issues that traditional tools may not detect.“Within six months, advanced AI models with deep cybersecurity capabilities will become commonplace. Organizations that have not put appropriate safeguards in place will face an entirely new class of risk across their enterprise and critical infrastructure,” said Lee Klarich, chief product and technology officer at Palo Alto Networks.Klarich pointed out that similar advances will likely come from other AI companies and the models may not be as restricted as Mythos.In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
In addition, Mythos can identify logic-based issues that traditional tools may not detect.“Within six months, advanced AI models with deep cybersecurity capabilities will become commonplace. Organizations that have not put appropriate safeguards in place will face an entirely new class of risk across their enterprise and critical infrastructure,” said Lee Klarich, chief product and technology officer at Palo Alto Networks.Klarich pointed out that similar advances will likely come from other AI companies and the models may not be as restricted as Mythos.In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
“Within six months, advanced AI models with deep cybersecurity capabilities will become commonplace. Organizations that have not put appropriate safeguards in place will face an entirely new class of risk across their enterprise and critical infrastructure,” said Lee Klarich, chief product and technology officer at Palo Alto Networks.Klarich pointed out that similar advances will likely come from other AI companies and the models may not be as restricted as Mythos.In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
Klarich pointed out that similar advances will likely come from other AI companies and the models may not be as restricted as Mythos.In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
In addition, there are already some reports of Mythos beingaccessed by unauthorized users.Related:‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain AttacksRelated:‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI ThreatsRelated:CoChat Launches AI Collaboration Platform to Combat Shadow AI
Source: SecurityWeek
