Imagine a new AI LLM finding security flaws 27 year old in an operating system world renowned for it's security primarily. These are called zero day vulnerabilities. Zero-day vulnerabilities are bugs that were not previously known to exist. f a language model can identify such bugs, we can be certain it is not because they previously appeared in the training corpus: a model’s discovery of a zero-day must be genuine. Finding zero-day vulnerabilities are extremely difficult to find but can be sold to government intelligence agencies for millions of dollars. This new AI LLM is called Mythos which might be the next weapon of mass destruction for sovereigns. Claude Mythos Preview found thousands of zero-day exploits in every major operating system and web browser. The numbers are hard to believe: 1) $50 to find a 27-year-old bug in OpenBSD, one of the most security-hardened operating systems ever built. 2) Under $1,000 to find AND build a fully working remote code execution exploit on FreeBSD that grants unauthenticated root access from anywhere on the internet. 3) Under $2,000 to chain together multiple Linux kernel vulnerabilities into a complete privilege escalation exploit. Mythos is so powerful that Anthropic has formed a project Glasswing which includes Amazon, Apple, Microsoft, Google, Cisco, CrowdStrike and JPMorgan Chase. It is an effort to use Mythos Preview to help secure the world’s most critical software, and to prepare the industry for the practices the industry will need to adopt to keep ahead of cyberattacks. Mythos has cracked flaws in TLS, AES-GCM, and SSH. This is the encryption protecting your bank, your messages, your data. Mythos has a 100% solve rate on the Cybench cybersecurity benchmark in every challenge in every trial. Mythos found and chained together several flaws in the Linux kernel, the core of the operating system and software that runs most of the world’s internet servers to allow an attacker to take complete control of the machine. In nut shell, Mythos is far ahead of any LLM used to date for finding security breaches. In fact it can create new security issues hitherto unresolved to most of the system architecture used by systematically important US banks. We see Mythos as a new weapon of choice for cyber warfare sooner than later. Current systems might adopt but Mythos might adapt faster.
