Assessing Claude Mythos Preview's cybersecurity capabilities

AntiDyatlov

A very good outcome for AI safety would be if when improved models get released, malicious actors use them to break society in very visible ways. Looks like we're getting close to that world.

awestroke

This is becoming a bit scary. I almost hope we'll reach some kind of plateau for llm intelligence soon.

staticassertion

I'd love to see them point at a target that's not a decades old C/C++ codebase. Of the targets, only browsers are what should be considered hardened, and their biggest lever is sandboxing, which requires a lot of chained exploits to bypass - we're seeing that LLMs are fast to discover bugs, which means they can chain more easily. But bug density in these code bases is known to be extremely high - especially the underlying operating systems, which are always the weak link for sandbox escapes. I'd love to see them go for a wasm interpreter escape, or a Firecracker escape, etc. They say that these aren't just "stack-smashing" but it's not like heap spray is a novel technique lol > It autonomously obtained local privilege escalation exploits on Linux and other operating systems by exploiting subtle race conditions and KASLR-bypasses. I think this sounds more impressive than it is, for example. KASLR has a terrible history for preventing an LPE, and LPE in Linux is incredibly common. Has anything changed here? I don't pay much attention but KASLR was considered basically useless for preventing LPE a few years ago. > Because these codebases are so frequently audited, almost all trivial bugs have been found and patched. What’s left is, almost by definition, the kind of bug that is challenging to find. This makes finding these bugs a good test of capabilities. This just isn't true. Humans find new bugs in all of this software constantly. It's all very impressive that an agent can do this stuff, to be clear, but I guess I see this as an obvious implication of "agents can explore program states very well". edit: To be clear, I stopped about 30% of the way through. Take that as you will.

jiehong

The name made me think about Tales of Symphonia :)

dang

Related ongoing threads: System Card: Claude Mythos Preview [pdf] - https://news.ycombinator.com/item?id=47679258 Project Glasswing: Securing critical software for the AI era - https://news.ycombinator.com/item?id=47679121 I can't tell which of the current threads, if any, should be merged - they all seem significant. Anyone?

avsm

The elephant in the room here is that there are hundreds of millions of embedded devices that cannot be upgraded easily and will be running vulnerable binaries essentially forever. This was a problem before of course, but the ease of chaining vulnerabilities takes the issue to a new level. The only practical defense is for these frontier models to generate _beneficial_ attacks to innoculate older binaries by remote exploits. I dubbed these 'antibotty' networks in a speculative paper last year, but never thought things would move this fast! https://anil.recoil.org/papers/2025-internet-ecology.pdf

cluckindan

Since this level of security ”scanning” requires heaps of money, this is going to kill off a substantial part of F/OSS.

torginus

My two cents is LLMs are way stronger in areas where the reward function is well known, such as exploiting - you break the security, you succeed. It's much harder to establish whats a usable and well architected, novel piece of software, thus in that area, progress isn't nearly as fast, while here you can just gradient descent your way to world domination, provided you have enough GPUs.

linzhangrun

Imagine a future where Claude invokes Mythos to break into software that used Claude to call Opus, taking days of Vibe Coding. Oh!

leominton

what does it mean?