The National Security Agency (NSA) has reportedly been testing Anthropic\u2019s Mythos model to identify cybersecurity vulnerabilities in Microsoft software.<\/p>\n
The agency, which was one of the 40 organizations granted access to Mythos, has been running tests to identify security flaws and comparing the process with other tools it uses. In early trials, the NSA has reportedly been impressed by the Mythos model\u2019s speed and efficiency in finding vulnerabilities, which aligns with what other organizations with access have said about the model.<\/p>\n
It was first reported last week that the NSA had access to Mythos<\/a> and was using it to scan its own environments for potential weaknesses. As Microsoft is one of the world\u2019s largest software vendors, it is almost certain that some of these environments use its products.<\/p>\n The officials who spoke to Bloomberg<\/a> did not say what bugs Mythos had found, or whether the NSA was already aware of any of these vulnerabilities. It is also unclear whether the NSA or any other department in the Trump administration has used Mythos for offensive operations.<\/p>\n The use of Anthropic\u2019s Mythos model comes despite the Trump administration\u2019s designation of Anthropic as a \u201csupply chain risk,\u201d which effectively banned its models from being used by state departments.<\/p>\n Anthropic reportedly briefed the administration on the model<\/a>, and there has been a notable shift, at least internally, toward redeploying Anthropic across many operations. This is despite Anthropic taking the government to court<\/a> over the designation. In some quarters, Claude reportedly never stopped being used, as it was part of the preparations for the Iran War<\/a>.<\/p>\n Microsoft is most likely also assessing the performance of Mythos, as one of the 40 organizations involved in Project Glasswing<\/a>. The company already uses automated systems to identify zero-day vulnerabilities in Windows and Microsoft program patches, alongside a large team of security experts and hackers who publish vulnerabilities.<\/p>\n The company recently patched several Microsoft Defender vulnerabilities<\/a> that allowed hackers to gain access to Windows systems.<\/p>\n Even with the rollout to a select group of organizations, Mythos has reportedly been accessed by at least one unauthorized group<\/a>.<\/p>\n Goldman Sachs bankers tied to Hong Kong also had their access removed<\/a> due to concerns about the Chinese government gaining access. Anthropic has also warned that Chinese AI developers are using model distillation to mimic the performance and functionality of its models without incurring the same research and training costs.<\/p>\n It is unclear whether Anthropic will ever release Mythos to the wider public. It launched Opus 4.7 a few days after the Mythos announcement, while holding back some cybersecurity and agentic AI capabilities.<\/p>\n It may launch an AI model under the Mythos name in the future, as this model reportedly outperforms Opus and other AI models in agentic coding, coding, and visual recognition, but may add heavy safeguards to prevent its use by bad actors.<\/p>\n For more on Anthropic\u2019s global ambitions, read how <\/strong>the company is scaling its London presence<\/strong><\/a> with plans for a new office supporting up to 800 employees and a major UK hiring push.<\/strong><\/p>\n The post NSA Tests Anthropic\u2019s Mythos Model on Microsoft Security Flaws<\/a> appeared first on eWEEK<\/a>.<\/p>","protected":false},"excerpt":{"rendered":" The National Security Agency (NSA) has reportedly been testing Anthropic\u2019s Mythos model to identify cybersecurity vulnerabilities in Microsoft software. The agency, which was one of the 40 organizations granted access to Mythos, has been running tests to identify security flaws and comparing the process with other tools it uses. In early trials, the NSA has […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-8079","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8079"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8079"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/8079\/revisions"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8079"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8079"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8079"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Mythos use raises questions about government AI access<\/h2>\n
Trying to keep a tight lid on Mythos\u00a0\u00a0<\/h2>\n