Bloomberg reveals Claude Mythos has been subject to unauthorized access! The hardest vulnerability for Anthropic to defend against will always be "people."

📄Full Article· Automatically extracted by trafilaturaGemini 翻譯1101 words

Bloomberg reported that Anthropic's Claude Mythos Preview was accessed by an unauthorized group on the day of its announcement. Anthropic stated that it is investigating the matter and has found no evidence of system impact so far. (Context: Anthropic announced the Glasswing security initiative, partnering with 12 giants including Apple and Microsoft, with the powerful Claude Mythos model uncovering thousands of vulnerabilities.) (Background: Anthropic's new model Mythos is so powerful that the company dared not release it: it can autonomously breach global Linux systems and chain together complete vulnerability exploits in hours.) According to reports, on the day Anthropic announced the launch of the Mythos Preview, an unidentified group was already using it. It wasn't a gradual infiltration over weeks; it happened on the day of the announcement. According to the latest Bloomberg report this morning, the group gained access through two different channels simultaneously. The first path was human. A member of the group was employed by a third-party contractor providing services to Anthropic. This position granted them credentials to access the Mythos environment, which they shared with others in the group. The second path was the URL. Anthropic uses a fixed naming convention when deploying other models; based on their understanding of this format, the group directly guessed the access location for the Mythos Preview, requiring no "hacking" in the traditional sense. Anthropic responded: "We are investigating a report of unauthorized access to the Claude Mythos Preview via a third-party vendor environment." They also stated that they have not yet found any evidence that these unauthorized activities have impacted their systems. It is understood that the group's core activity hub is a Discord channel dedicated to tracking unreleased AI models. In their own words, their goal is to "explore new models, not to cause destruction." Anthropic's own assessment indicated that Mythos has the capability to breach mainstream operating systems within hours, which is one of the core reasons why Project Glasswing chose not to release it publicly, limiting access to 12 partners including Apple and Microsoft. Bloomberg confirmed that the group submitted screenshots and live demonstrations proving they could indeed operate the model. Although Anthropic stated that no systems were affected, the gap between "not yet found" and "did not happen" is one that could be bridged at any time. Anthropic put significant effort into designing the release architecture for Mythos: keeping it private, limiting it to partners, and conducting risk assessments. However, the premise of this design is that every person with access to the Mythos environment will not become a point of leakage. Today, that premise seems to have failed on the very first day of the announcement: a contractor employee shared the access credentials. This is the oldest problem in AI security, and the hardest to solve from a technical standpoint: no matter how deep the moat, one can always bypass it through the side door.

Data Status✓ Full text extractedRead Original (動區 BlockTempo)

🔍Historical Similar Events· Keyword + Asset Matching6 items

2026-04-23

OpenAI CEO Sam Altman slams Anthropic: Fear-mongering Claude Mythos is just to monopolize AI

2026-04-23

Anthropic Using ‘Fear-Based Marketing’ to Promote Claude Mythos: Sam Altman

2026-04-22

Anthropic's Claude Mythos AI Finds 271 Vulnerabilities in Firefox—Yes, It's Seriously Powerful

2026-04-20

NSA Is Using Anthropic's Powerful Claude Mythos AI as CEO Meets With White House: Report

2026-04-22

Claude Mythos helped Firefox identify 271 security vulnerabilities; how does Mozilla view this "AI vs. Human" result?