Anthropic, the artificial intelligence company that recently fought the Pentagon over the use of its technology, has built a new A.I. model that it claims is too powerful to be released to the public.
Instead, Anthropic said on Tuesday, it will make the new model — known as Claude Mythos Preview — available to a consortium of more than 40 technology companies, including Apple, Amazon and Microsoft, which will use the model to find and patch security vulnerabilities in critical software programs.
Anthropic said it had no plans to release its new technology more widely, but was announcing the new model’s capabilities in one area in particular — identifying security vulnerabilities in software — in an effort to sound the alarm over what the company believes will be a new, scarier era of A.I. threats.
“The goal is both to raise awareness and to give good actors a head start on the process of securing open-source and private infrastructure and code,” Jared Kaplan, Anthropic’s chief science officer, said in an interview.
The coalition, known as Project Glasswing, will include some of Anthropic’s competitors in A.I., such as Google, as well as hardware providers like Cisco and Broadcom, and organizations that maintain critical open-source software, such as the Linux Foundation. Anthropic is committing up to $100 million in Claude usage credits to the effort.
Logan Graham, the head of an Anthropic team that tests new models for dangerous capabilities, called the new model “the starting point for what we think will be an industry change point, or reckoning, with what needs to happen now.”
Anthropic occupies an unusual position in today’s A.I. landscape. It is racing to build increasingly powerful A.I. systems, and making billions of dollars selling access to those systems, while also drawing attention to the risks its technology poses. The company was deemed a supply-chain risk this year by the Pentagon for demanding certain limitations to the use of its technology. A federal judge later stopped the designation from going into effect.
Anthropic has not released much new information about the model, which was code-named “Capybara” during development. But after some details were inadvertently leaked last month, the company acknowledged that it considered it a “step change” in A.I. capabilities, with improved performance in areas like coding and cybersecurity research.
The company’s decision to hold back Claude Mythos Preview, while giving access only to partners out of concern for how it might be misused, has some precedent. In 2019, OpenAI announced it had built a new model, GPT-2, but was not releasing the full version right away. The company claimed that its text-generation capabilities could be used to automate the mass-production of propaganda or misinformation. (It later released the model, after conducting additional safety testing on it.) Many of the leaders of the GPT-2 project later left OpenAI to start Anthropic.
This time, Anthropic is making a different, more urgent claim. The company’s executives say Claude Mythos Preview is already capable of carrying out autonomous security research, including scanning for and exploiting so-called zero-day vulnerabilities in critical software programs, flaws that are unknown even to the software’s developer. These efforts can often be triggered by amateurs with simple prompts. The company claims that the new model has already identified “thousands” of bugs and vulnerabilities in popular software programs, including every major operating system and browser.
One of the vulnerabilities Claude found, the company said, was a 27-year-old bug in OpenBSD, an open-source operating system that was designed to be difficult to hack. Many internet routers and secure firewalls incorporate OpenBSD’s technology. Another was a longstanding issue in a piece of popular video software that automated testing tools had scanned five million times, without finding any problems.
“This model is good at finding vulnerabilities that would be well understood and findable by security researchers,” Mr. Graham said. “At the same time, it has found vulnerabilities, and in some cases crafted exploits, sophisticated enough that they were both missed by literally decades of security researchers, as well as all the automated tools designed to find them.”
Anthropic announced on Monday that its projected annual revenue had more than tripled in 2026, to more than $30 billion from $9 billion. The growth has come largely because of the popularity of Anthropic’s Claude as a tool for programming.
Anthropic has focused on making Claude good at completing lengthy coding tasks, in hopes of making it more useful to professional programmers and amateur “vibecoders.” But an A.I. system designed to be good at coding is also good at spotting the flaws in code — running automated scans for bugs and vulnerabilities that can allow hackers to take control of users’ machines, expose sensitive user information or wreak other havoc.
The cybersecurity industry has been bracing for years for what more capable A.I. models could do to critical tech infrastructure. Until recently, only expert human researchers with access to specialized tools were capable of finding the most severe security vulnerabilities. Now, the fear is that a powerful A.I. model could discover them on its own.
“Imagine a horde of agents methodically cataloging every weakness in your technology infrastructure, constantly,” Nikesh Arora, the chief executive of Palo Alto Networks, wrote in a blog post last week.
Mr. Graham said one of the unanswered questions about Claude Mythos Preview, and other future models that will be capable of doing similar things, was whether most or all of the world’s critical software would need to be patched or rewritten as a result of these new models.
“There are a lot of really critical systems around the world, whether it’s physical infrastructure or things that protect your personal data, that are running on old versions of code,” Mr. Graham said. “If these previously were mostly secure because it took a lot of human effort to attack them, does that paradigm of security even work anymore?”
It is wise to take claims about unreleased model capabilities from A.I. companies with a grain of salt. In this case, though, cybersecurity researchers who have been given access to Claude Mythos Preview have characterized the model as a significant cybersecurity risk.
Elia Zaitsev, the chief technology officer of CrowdStrike, a cybersecurity firm with access to the new model through Project Glasswing, said in a statement accompanying Anthropic’s announcement that the model “demonstrates what is now possible for defenders at scale, and adversaries will inevitably look to exploit the same capabilities.”
“What once took months now happens in minutes with A.I.,” Mr. Zaitsev said.
Project Glasswing takes its name from the glasswing butterfly, Mr. Kaplan said, which uses transparent wings to hide in plain sight. Similarly, he said, many of today’s most critical software programs contain bugs and vulnerabilities that have existed in the open for years, but were buried in such complex technical systems that no human ever found them.
According to Mr. Kaplan, the cybersecurity capabilities of Claude Mythos Preview are not a result of special training. Rather, they are just one of many areas in which the model is better than previous ones. He predicted that similar cybersecurity capabilities would exist in other models soon. As that happens, he said, the arms race between hackers and the companies racing to defend their systems will only escalate.
“As the slogan goes, this is the least capable model we’ll have access to in the future,” he said.
Kevin Roose is a Times technology columnist and a host of the podcast “Hard Fork.”
The post Anthropic Claims Its New A.I. Model, Mythos, Is a Cybersecurity ‘Reckoning’ appeared first on New York Times.
