Mythos is the best cybersecurity news in a decade

littlexsparkee

https://archive.ph/B2Ztd

fpj

Like seems to be broken, this one worked for me: https://sfstandard.com/opinion/2026/05/06/mythos-cybersecuri...

raffael_de

no, it's not. it's a tool in a zero sum game. a competitive imbalance. an exclusive moat. it's not improving anything, it's shifting power.

MostlyStable

>What if finding every vulnerability in a piece of software were just as fast and easy as finding a few of them, thanks to automation? This presumes there is such a thing as "every" vulnerability. It is possible that ever more sophisticated, complicated, and abstract attacks become possible/discoverable as one applies more intelligence to the problem. IF it is indeed possible to make a piece of software completely secure, then yes, more intelligent systems make the situation better, because it will always be possible to audit a system before it is ever released and make it completely safe. That is a very big if and, as far as I am aware, remains to be seen if it's the case -edit- They mention this possibility themselves further down, so the authors know this is a completely speculative point/article. They don't even try to make an argument about why one possibility might be more likely than the other. This article is useless.

deadbabe

Why are we worried about vulnerabilities in code when AI powered social engineering will make it fast, easy, and even fun to find vulnerabilities through human interaction, faster and more deeply than ever?

malwrar

Mythos is good for cybersecurity simply because now executives can’t just tell people that only superhackers can break their stuff, as people wouldn’t believe them now anyways. Infosec for decades has been 99% “hey I found some low-hanging fruit” only to get treated like a liability by the company you report it to, if you got acknowledgment at all. Because of Mythos though, now Artificial Superhumans can find these same vulns, and anyone could be running such an intelligence! Even better, the rich untouchable people operating this particular Artificial Superhuman can’t just be suppressed or ignored by the other set of rich untouchable people that have routinely not cared in the past. So long as it makes anthropic money, maybe we’ll actually see actual improvements in security!

lprimeisafk

Why does it feel like this was written by AI?

u_fucking_dork

On the other hand Mythos is currently vapor and a marketing stunt

caycep

wasn't there a post by someone that looked into the Mythos demo and felt that it was terrible at doing what people claimed it could do? Granted, given that most cybersecurity news over the past decade has been grim, both could be true...

int32_64

There will probably be congressional hearings when it turns out Lazarus Group had access, and then the USG will use it as an excuse to lock AI behind harsh KYC. https://x.com/kevinakwok/status/2049984076141281482

1a527dd5

Mythos has been a boon for "look busy" work. My global corp org has been on a bender upgrading everything, patching everything. There is a giant dashboard that shows green/red for everything we have. I think it's a total overreaction. But the edict was passed down, and here we are go.

mikewarot

I think Genode is the best news in a decade, the widespread use of containers as ersatz course grained capabilities is second. Mythos lays bare the folly of allowing procurement to drive technical decisions instead of IT back in the 1980s. We had KeyKOS and then EROS, but settled for ambient authority based junk because it seemed cheaper.