That does sound very concerning. And in this case, I don’t think it is just hype. Otherwise they would not share this stuff with Google, Amazon, Microsoft, Oracle et al.
#Anthropic #MythosPreview #AI #Zerodays
Project Glasswing: Securing critical software for the AI era

A new initiative to secure the world’s most critical software and give defenders a durable advantage in the coming AI-driven era of cybersecurity.

@[email protected] I suggest this is a zero-sum game. This software finds vulnerabilities that, had there been enough human testers in the past, would have been fixed in the past. Now they are being fixed. Therefore a malicious user of this software can no longer use them. I find no indication that this software would be able to invent new kinds of vulnerabilities itself, on the basis of which novel exploits could then be invented. And if it could, these would be vulnerabilities that this software could not only create but also find, so that they can be fixed. A zero-sum game, that is.
@chrisstoecker Why would this unlike all the other stuff be no hype? I have lost count of the number of instances where AI was supposed to be an incredible threat to everything.
@ewolff @chrisstoecker Security holes share complicated but (I assume) characteristic patterns. Why don’t humans find them easily? Because you often need a longish sequence of steps to reveal them. This could be a sweet spot for generative models. The claim has been made for a couple of exploits in the preceding months.

@jlink @ewolff @chrisstoecker This isn't only hype. ChatGPT has teased AGI for 2 years. Both companies leak stupid things like how Claude is "anxious" to garner buzz. I am largely suspect of Claude, they have astroturfed the entire internet about their capabilities.

However, these tools have been finding exploits from the start, they are getting even better, cases are documented, piling up. Agreed - they are finding things others aren't, bypassing fuzzing. They are equally good at writing defects and buggy code - but I don't think this is only hype.

Anthropic says they are monitoring usage now they have realized this is dangerous. Using their API to probe things like the Linux kernel will get their attention they claim.

@JoeHenzi @jlink @chrisstoecker I want to see these “thousands of high severity vulnerabilities” and why they are considered high severity. Security is not exempt from scientific methods. Show the data, publish a peer-reviewed paper. In this state, it is just marketing by an AI company.
@ewolff @JoeHenzi @chrisstoecker Wouldn’t it be a good thing if one of the innumerable harms and risks of GenAI gets attention in time? But you’re right; it may just be another piece of marketing to save the bubble from bursting.

@jlink @ewolff @chrisstoecker Could be or that projects need to patch the issues before we tell the world how to exploit them. Simple search turns up stories with examples. There is a false choice here - it can be good at finding issues and still be imperfect - but I don't doubt the team is onto something in that these tools are finding things people can't...

https://venturebeat.com/security/anthropic-claude-code-security-reasoning-vulnerability-hunting

@JoeHenzi @jlink @chrisstoecker does the article give any sources except for Anthropic?

@ewolff @JoeHenzi @jlink @chrisstoecker They claim that they'll share a "cryptographic hash" of the details, which will be published later after some vulnerabilities have been fixed.

https://www.anthropic.com/glasswing

@skempken @JoeHenzi @jlink @chrisstoecker https://red.anthropic.com/2026/mythos-preview/ describes three vulnerabilities in detail.
- denial of service for OpenBSD
- FFmpeg problem (“we believe it would be challenging to turn this vulnerability into a functioning exploit.”)
- denial of service for a virtual machine monitor
- FreeBSD remote code execution (that sounds actually bad)
etc (I don’t want to read all of this).
Interesting but for my limited security knowledge not too harmful?

@ewolff @jlink @chrisstoecker

Hey, not knowing what's going on doesn't mean someone is hiding something from you. Few months ago a startup that has a ton less resources found 12 bugs in OpenSSL, software/code that has received more attention than most. But they also went through disclosure and were patched.

Even that company says it's not a replacement for human review - but it did something humans hadn't before. Ignoring doesn't do anything.

@JoeHenzi @jlink @chrisstoecker I am not ignoring. I am complaining about the lack of due diligence and critically examining marketing material.
Nicholas Carlini - Black-hat LLMs | [un]prompted 2026

YouTube

@JoeHenzi You missed my point, which is: Daniel is the last to shill LLMs, *especially* in context of CVE reporting.

@ewolff @jlink @chrisstoecker

@stitzl @ewolff @jlink @chrisstoecker I didn't miss anything or react in any way you're imagining.
@stitzl @JoeHenzi @jlink @chrisstoecker this is indeed a valuable source and he claimed that quality of the reports has improved significantly. I’d be interested to see whether that is such a high risk as the Anthropic marketing material says.

@chrisstoecker
at least the Linux Foundation and the Apache Software Foundation will benefit from it

I am wondering what all the armies on this planet are thinking about it
and the telcos
and the banks
and ...

@chrisstoecker Nah, don't give it a second thought, AI can never do coding right, only real programmers ... yada yada yada ...
@papageier @chrisstoecker More important to be mad at the concept, it'll help
Especially since we now know about Anthropic's extraordinary talent at both leaks and radical releasing…

@chrisstoecker well, let me put it that way:
- you will find exploits in any software with enough resources and time
- sharing found zero days responsibly is a responsible thing to do
- the idea that they will only be used for defensive purposes sounds heroic but I hardly believe they won't share this technology with state actors (think about OpenAI which will do anything for money)

There is nothing new in these three statements but the pace is accelerating.
Same shit, faster.

@chrisstoecker The concerning aspect about this situation is not that systems have weaknesses but that defensive measures are always underpaid and understaffed.

AI hype does shift budgets from reasonable security measures like defense in depth (build systems that have more than one security guard in them) and slow but sustainable secure system designs to hyped and flaky "AI defense agents" – which will break sooner than later because they are erratic like LLMs. Fairy dust but not sustainable.

@chrisstoecker @ll1t I’ve seen some better than fuzzing results with Codex, and couple of minutes (instead of hours) till solved with help from LLMs in ctfs, so I’m leaning towards “not complete hype.” But if Anthropic want to actually prove it’s not just hot air, they should provide working PoCs to the impacted parties, who in turn could tell the public whether the PoCs actually work or not. Can’t argue with a (root) shell.

@schrotthaufen they do apparently, naturally with projects with some visibility like Firefox. This is also not blind prompting but Opus orchestrated by persons that have some intuition where in the codebase it’s worthwhile and will yield the desired results, but still. For instance: https://blog.mozilla.org/en/firefox/hardening-firefox-anthropic-red-team/

@chrisstoecker

Hardening Firefox with Anthropic’s Red Team  | The Mozilla Blog

For more than two decades, Firefox has been one of the most scrutinized and security-hardened codebases on the web. Open source means our code is visible,

@chrisstoecker
Yes. That's what Veracode, Black Duck, Sonarqube and all the other vulnerability scanning tools do day after day. Since before Anthropic. So what.

But anyway… Maybe you want to talk to @bagder for some context on the quality of "AI" bug reports. He's received thousands of them. And he's not impressed.

@chrisstoecker Let me guess: The number of found "vulnerabilities" by this tool correlates with the lack of use of static code analysis and the number of disabled/ignored compiler warnings.

And I don't see any reason yet to assume that this tool exceeds the performance of already existing static code analysis tools like SonarQube, PMD or Findbugs/Spotbugs.

@chrisstoecker

My guess:
Mythos also checked other code repositories for sloppiness.

@chrisstoecker For existing code, then, it is a question of which actor finds security holes first, and whether they are fixed or exploited. But for new code it is actually good news, because it can be hardened with AI to the point that security holes become extremely unlikely.