I had not heard about this, as I’ve been paying attention to politics and I keep ignoring “AI”, or machine learning. NewScientist (2 May 2026, paywall) has me covered:
According to Anthropic, there’s a good reason the model [called Mythos] had been kept behind closed doors: it is – by accident rather than design – extremely good at hacking. It can allegedly discover flaws in virtually any software, if asked, that would allow the user to break in.
The company says that Mythos found thousands of high- and critical-severity vulnerabilities in operating systems and other software. Anthropic did not respond to New Scientist’s request for comment, but the company said on its website that “the fallout—for economies, public safety, and national security—could be severe.” [“Do you need to worry about Mythos, Anthropic’s computer-hacking AI?“]
But this is … reassuring, I suppose:
But there are indications that it isn’t time to panic yet. Bobby Holley at Firefox – one of those organisations being given access to Mythos – wrote in a blog post that the model helped his team find 271 vulnerabilities in the web browser, which is certainly quite a haul, but that none were so ingenious, impenetrably complex or sophisticated that a human couldn’t have dug them out.
“Just one such bug would have been red-alert in 2025, and so many at once makes you stop to wonder whether it’s even possible to keep up,” wrote Holley. “Encouragingly, we also haven’t seen any bugs that couldn’t have been found by an elite human researcher.”
No magic here, at least not yet.
