A small group of unauthorised users accessed the Mythos AI model developed by Anthropic, raising concerns about the potential misuse of a system the company itself says could enable dangerous cyberattacks, according to a Bloomberg report.
What Anthropic Has Said: Anthropic confirmed it is looking into the incident. “We’re investigating a report claiming unauthorised access to Claude Mythos Preview through one of our third-party vendor environments,” a company spokesperson said. The firm added that it has “no evidence” so far that the breach has affected its core systems or extended beyond a vendor environment.
The access appears to have happened on the same day Anthropic announced limited testing of Mythos under its Project Glasswing initiative. The model is being selectively shared with companies to help them identify and fix vulnerabilities in their own systems. Anthropic has said Mythos can identify and exploit weaknesses “in every major operating system and every major web browser when directed by a user to do so.”
How the Access Happened: According to the Bloomberg report, the users gained entry through a mix of methods. One individual had legitimate access through contract work linked to a third-party vendor connected to Anthropic. This access was combined with basic online investigation techniques, including scanning publicly available information and unsecured code repositories to locate the model’s endpoint. Details exposed in a separate data breach at an AI startup, Mercor, may have also helped them guess the system’s location.
The group, operating through a private Discord channel focused on tracking unreleased AI models, has reportedly been using Mythos since gaining access. However, there is no evidence that they used it for cybersecurity exploits. Instead, they ran low-risk tasks like building simple websites, likely to avoid detection.
Anthropic has officially granted access to a limited set of organisations, including Apple Inc., Amazon, and Cisco Systems, while Amazon is also offering the model through its Bedrock platform to approved users. At the same time, financial institutions and government agencies in the US and Europe are seeking early access to test their defenses.
The incident highlights a key challenge: even tightly controlled releases of advanced AI systems can leak through indirect access points such as vendors, exposed data, or predictable infrastructure patterns. It also leaves open questions about whether others may have accessed the model without authorisation and how such risks can be contained.
Read more:
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
