Cybersecurity

You don’t need malware to steal someone’s Instagram account anymore. No phishing links, no zero-day exploits, no sophisticated social engineering targeting humans. You just need to have a polite conversation with a chatbot. This week, Meta confirmed that attackers hijacked Instagram accounts — including high-profile ones and coveted short “OG” usernames — by doing something breathtakingly simple: they asked Meta’s AI support assistant to change the email address on someone else’s account. The chatbot said yes. ...

Anthropic said Claude Mythos was too dangerous to release publicly. They shared it with 40 handpicked organizations. They committed $100 million to help patch the vulnerabilities it found. It leaked anyway. And now Google has confirmed the first known case of an AI-developed zero-day exploit being used by actual cybercriminals in the wild. The containment era lasted about six weeks. The Model That Finds What Humans Can’t Quick recap for anyone not tracking this saga: Claude Mythos Preview is Anthropic’s unreleased frontier model that autonomously discovers zero-day vulnerabilities — unknown flaws in software that developers haven’t patched because they didn’t know they existed. ...

There’s a moment in every technology shift when the old rules stop applying and nobody’s figured out the new ones yet. We just hit that moment — and it’s happening in cybersecurity. Over the past 48 hours, Anthropic’s Claude Mythos model cracked Apple’s five-year, billion-dollar M5 security architecture in five days, sent U.S. banks scrambling to patch exposed systems, and drew a direct challenge from Microsoft’s own multi-agent cybersecurity platform. ...

Your bank is being patched at emergency speed right now, and you probably have no idea why. Anthropic’s Mythos — the AI model so dangerous it was never publicly released — is ripping through Wall Street’s cybersecurity posture like a chainsaw through wet paper. US banks are uncovering thousands of vulnerabilities they never knew existed. Japan’s three largest banks just got access. And the cybersecurity community is arguing about whether any of this is actually new. ...

You know an AI model is serious when it gets two superpowers to pick up the phone. Anthropic’s Claude Mythos — the model so good at finding software vulnerabilities that it treats global infrastructure like tissue paper — just did something no diplomat, treaty, or summit could manage. It’s pushing the US and China toward actual AI safety talks. Not the performative kind. The “we’re both terrified” kind. The Model That Broke the Silence Quick recap if you’ve been living under a rock: Mythos can autonomously discover and exploit software vulnerabilities at a scale that makes seasoned security researchers nervous. The UK’s AI Safety Institute confirmed it can “execute multi-stage attacks on vulnerable networks and discover and exploit vulnerabilities autonomously.” Anthropic says it’s found holes in every major browser and operating system. ...

An AI that finds security flaws faster than every human hacker on Earth combined. An AI that’s already found thousands of them — in your operating system, your browser, your bank’s software. That’s not a thought experiment. That’s Claude Mythos, and it’s forcing everyone from Fortune 500 CEOs to the Trump White House to completely rethink AI. Thousands of Zero-Days, One Model Claude Mythos Preview is Anthropic’s latest frontier model. It wasn’t built for cybersecurity — it’s general-purpose. But during internal testing, Anthropic discovered something startling: Mythos finds and exploits software vulnerabilities better than virtually any human alive. ...

Remember when the Trump administration called AI a “beautiful baby” that shouldn’t be restrained by “foolish rules”? That was July 2025. Ten months later, the same White House is drawing up plans to vet AI models before they reach the public. The policy whiplash is real. And it has a name: Mythos. One Model Changed the Entire Conversation Anthropic introduced Mythos Preview in April 2026 — then refused to release it publicly. The model demonstrated an unprecedented ability to discover high-severity security vulnerabilities across every major operating system and web browser, outperforming all but the most elite human hackers. ...

Every major US AI lab is now under government pre-release review. Let that land for a second. Google DeepMind, Microsoft, and xAI just signed agreements to submit their unreleased AI models for security evaluation through NIST’s Center for AI Standards and Innovation (CAISI) — joining OpenAI and Anthropic, who were already on board. All five frontier labs. Government eyes on the code before it hits your screen. Six months ago, the Trump administration was actively dismantling AI safety guardrails. So what changed? ...

Imagine an AI model so good at hacking that it found critical security flaws in every major operating system and web browser on Earth. Now imagine the company that built it saying: “Yeah, we’re not releasing this one.” That’s Anthropic’s Claude Mythos Preview in a nutshell. Two weeks after its unveiling, finance ministers are discussing it at IMF meetings, the Bank of England is stress-testing its implications, and the Federal Reserve Chairman summoned banking CEOs for an emergency meeting. ...

When an AI company says its own model is too dangerous to release, you’d be forgiven for rolling your eyes. We’ve heard the script before. But when the Bank of England governor calls it “a very serious challenge for all of us” and Canada’s finance minister compares it unfavorably to the Strait of Hormuz, the script just changed. Claude Mythos — Anthropic’s latest and most controversial AI model — has discovered thousands of high-severity vulnerabilities across every major operating system and web browser. One bug had been sitting undetected for 27 years. And this week, it hijacked the agenda at the IMF spring meetings in Washington. ...