Content Fans

Anthropic's Mythos Doubles Cyber Capability Every Four Months, Report Says

Serge Bulaev

Serge Bulaev

The UK AI Security Institute (AISI) found that Anthropic's Mythos model may now double its cyber capabilities every four months, significantly outperforming earlier versions on tasks like finding and exploiting software flaws. Tests suggest Mythos can handle much more complex scenarios than before and might uncover thousands of serious software issues, though many are still being verified. However, AISI notes that lab results may not fully reflect real-world situations, as their tests lacked full security controls. Security teams are starting to change their defenses to prepare for more advanced AI threats. It remains uncertain if defenses can keep up with Mythos's rapid advances, especially as access to the model is limited to certain companies.

Anthropic's Mythos Doubles Cyber Capability Every Four Months, Report Says

A new report from the UK's AI Security Institute (AISI) reveals that frontier AI cyber capabilities, including Anthropic's Mythos, are doubling every four months, a startling acceleration in AI-driven threat potential. The model demonstrates a powerful ability to autonomously find and exploit software vulnerabilities, significantly outperforming previous versions in complex tests. This analysis breaks down the AISI's findings, the scale of the threat, and the emerging defensive strategies security leaders must consider.

Capability Jumps Observed by AISI

The UK's AI Security Institute (AISI) tested Anthropic's Mythos model in simulated enterprise networks, where it successfully completed complex, multi-stage attacks for the first time. The model's performance on these cyber-range challenges and expert-level hacking puzzles confirms a significant leap in autonomous offensive cyber capabilities.

Key Statistics

In AISI's cyber range tests, Mythos successfully breached two simulated networks, completing one challenge in 6 out of 10 attempts and another in 3 out of 10. According to an AISI blog post, it was the first model to ever complete these scenarios. On expert-level Capture-The-Flag (CTF) challenges, Mythos achieved significant success rates, representing a milestone not reached by any public model before.

A more detailed evaluation of Mythos's cyber capabilities notes the model's ability to process extremely large contexts, handling complex scenarios with substantial token requirements. Based on these benchmarks, AISI now estimates that frontier AI cyber capabilities are doubling every four months.

The Scale of Undiscovered Vulnerabilities

The model's advanced capabilities suggest a future "vulnerability overload," where security teams are overwhelmed by AI-discovered flaws. IAPS reports that Anthropic has already used Mythos to internally identify thousands of high- and critical-severity vulnerabilities in major software. While only a portion have been manually verified so far, the discoveries include a 27-year-old memory flaw in OpenBSD. This sheer volume of new findings could strain security resources dedicated to patching and triage.

Acknowledged Real-World Limitations

It is important to note the context of these findings. AISI acknowledges its test environments lacked active human defenders, intrusion detection systems, and other standard security controls. Consequently, success in a lab setting does not guarantee a successful compromise of a well-defended, production network. While the barrier to entry for sophisticated attacks is falling, external experts maintain that human domain knowledge is still required to successfully target modern, patched systems.

An Emerging Defensive Playbook

In response to the threat of AI-driven attacks, security leaders are beginning to adapt their strategies. Proactive defense now requires anticipating more frequent and sophisticated reconnaissance. Key recommendations include:

  • Automate Security Testing: Integrate continuous fuzzing and static analysis directly into CI/CD pipelines for all internet-facing applications.
  • Enhance Runtime Monitoring: Deploy monitoring tools specifically configured to detect unusual reconnaissance patterns and privilege escalation attempts.
  • Accelerate Patching: Implement rapid patch management cycles guided by risk-based prioritization to close vulnerability windows faster.
  • Control AI Access: Restrict access to powerful AI models like Mythos through sandboxed environments with strict auditing and controls.
  • Expand Threat Intelligence: Monitor threat intelligence feeds beyond the National Vulnerability Database (NVD) to identify threats that have not yet received official severity scores.

The Policy and Access Backdrop

The rapid advance of AI capabilities is also shaping policy and access controls. Anthropic's "Project Glasswing" currently limits Mythos access to a small group of vetted technology partners. While this gating strategy may provide defenders with more time to adapt, some researchers express concern that it creates an information imbalance and hinders independent validation. The critical question remains whether defensive capabilities can evolve as quickly as the offensive threats, which are currently on a four-month doubling trajectory.

What exactly did the UK AI Security Institute find when testing Anthropic's Mythos model?

AISI tested Mythos in custom cyber ranges simulating small enterprise networks.
Key Result: It completed the full attack chain in 6 of 10 attempts on one range and 3 of 10 on another - the first AI model to solve either scenario from end to end.
In separate Capture-the-Flag (CTF) challenges, Mythos solved a significant portion of tasks, a rate no public model had achieved before.
You can read the full evaluation on the AISI blog.

How fast are AI cyber capabilities growing, and why does it matter?

The AISI estimates that offensive AI skill in frontier models now doubles every four months, a significant acceleration from the previous eight-month cycle. This rapid pace means the time available for defenders to patch vulnerabilities and adapt controls is shrinking dramatically. An organization with a quarterly review cycle could quickly fall two full generations behind an attacker's capabilities.

Does Mythos speed up existing threats or enable new ones?

Mythos does both. It can chain multiple zero-day vulnerabilities together to execute highly complex attacks that would take human experts weeks. For example, it autonomously fused four separate bugs to escape a sandbox and escalate privileges. Since it operates with minimal human guidance, it also lowers the barrier to entry, allowing less-skilled actors to launch sophisticated campaigns.

What practical steps can security teams take today?

  1. Continuous Testing: Integrate AI-assisted fuzzing and static analysis into your CI/CD pipeline.
  2. Rapid Triage: Prepare for a high volume of vulnerability disclosures by adopting risk-based prioritization that includes active exploitation intelligence.
  3. Accelerated Patching: Shrink remediation timelines. Attackers leveraging AI will not wait for quarterly patch cycles.
  4. AI Access Governance: Implement strict controls for powerful AI models, limiting access to vetted security personnel and logging all activity.

Are governments introducing new rules for AI-driven vulnerability discovery?

Yes, policy is evolving. According to industry reports, emerging frameworks are increasing organizational liability for actions taken by AI tools. Meanwhile, government bodies like NIST are prioritizing public data for CISA KEV-listed vulnerabilities, encouraging private sector reliance on commercial threat intelligence. Major vendors are also pushing for responsible release frameworks that embed coordinated disclosure into frontier model rollouts.