Firefox has received the Claude Mythos Preview treatment, leading to fixes for 271 vulnerabilities. As the Mozilla team describes a sense of “vertigo” when faced with these previously undiscovered flaws, a report suggests an unauthorized group has gained access to the Mythos model. If true, the effects could be deeply concerning.
Mozilla thinks AI is enabling cyber defense teams to win “decisively”. There’s some reason to believe security teams currently have a leg up on attackers. For the first time, a frontier AI model is available only to security researchers and legitimate IT organizations. Claude Mythos Preview, perhaps framed as dangerous to emphasize its supposedly stellar intelligence, is intended only to give the likes of Mozilla time to prepare for Mythos-equipped attackers. It may already be too late.
Unauthorized access
Bloomberg reports that a “private online forum” has gained access to Mythos Preview through an undisclosed third-party vendor. In conversation with TechCrunch, an Anthropic spokesperson said the company is investigating the claim. Critically, no evidence has turned up just yet to verify the Bloomberg assertion.
Regardless, evidence has been shown to Bloomberg that suggests continued access was achieved. Through an “educated guess about the model’s online location”, the group could fulfill its self-professed interest in “playing around with new models, not wreaking havoc with them.”
Unknown unknowns
If we take the leap towards believing Mythos Preview is indeed the potential security apocalypse in LLM form, the seeming ease with which the forum gained access should sound the alarm. Unlike the unintentional release of Meta’s first Llama model to the outside world, generative AI is now understood to be a boost for both security researchers and threat actors.
Project Glasswing, the Anthropic-led initiative to find security flaws before another AI model can trace them on behalf of cyberattackers, therefore seems on shaky ground. The problem is that the forum may not be the only unauthorized user. If any bad actor is able to find the Mythos Preview results from automated scans, they will have a comprehensive threat landscape for a given organization.
Again, this is speculation. But the point is that once a frontier LLM reaches a certain capability, no artificial bounds can guarantee its safe use. Individual workers at authorized third parties may well misuse access, too. The genie is out of the bottle. Enterprises currently unable to access Mythos Preview won’t have time to prepare for its eventual release. And if Anthropic decides to never venture beyond the supposed Mythos Preview capabilities, someone else very likely will. A sense of vertigo, or even one of dread, is therefore perfectly legitimate.