Anthropic Investigates Unauthorized Access to Cybersecurity AI

Hey tech enthusiasts! We've got some interesting news from the AI front today. Anthropic, the company behind the Claude family of large language models, is currently investigating a report claiming unauthorized access to its powerful Mythos model. This particular AI tool has been making waves for its impressive ability to identify cybersecurity vulnerabilities.

According to a report by Bloomberg, a group managed to gain access to the Mythos model. It seems they did this by exploiting a third-party contractor portal and employing some clever internet sleuthing techniques. However, the good news, or at least the less alarming part, is that the individuals involved are reportedly only interested in exploring the model's capabilities and not in using them for any malicious purposes.

Anthropic confirmed the investigation in a statement, saying, "We're investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments."

The Claude Mythos Preview was launched earlier this month as part of Anthropic's "Project Glasswing," an initiative aimed at preventing AI-driven cyberattacks. The preview was initially released to a select group of trusted companies, including giants like Amazon, Microsoft, Apple, and Cisco. Mozilla, for instance, reported that Mythos helped them discover and patch a whopping 271 Firefox vulnerabilities. Many banks and government agencies have also been eager to get their hands on the model to bolster their own system security.

Despite these security-focused intentions, the report suggests that several unauthorized users, possibly communicating via a private Discord chat, managed to access Mythos. They apparently did this through a developer portal and by making educated guesses about the model's location. There's even a suspicion that this same group might have access to other unreleased Anthropic models.

The Mythos model has recently gained attention for its potential to uncover security flaws in operating systems and web browsers. While this has sparked some skepticism among security experts, it has also raised concerns about the growing threat of AI-generated cyberattacks. This development comes at a time when Anthropic itself has been flagged by the US Department of Defense as a "supply chain risk," though the company has been in discussions to have this designation removed.