Key facts
- Researchers used Anthropic's Claude Mythos AI to help create a macOS kernel exploit against Apple's M5 chip protections.
- The exploit bypassed Apple's Memory Integrity Enforcement.
- Canada's government received early access to Anthropic's Claude Mythos Preview AI for cybersecurity testing.
- Project Glasswing has helped partners identify over 10,000 security flaws.
- Approximately 200 organizations are participating in Canada's Project Glasswing.
- Grant Thornton is deploying Anthropic's Claude AI across its entire UK workforce.
- AI CEOs warned Congress about AI lowering barriers to bioweapon creation.
- AI CEOs proposed an industrywide pause on AI development.
- A majority of Palo Alto Networks shareholders voted against executive compensation packages seven times since 2015.
- Attackers exploited Meta's AI customer support agent to steal Instagram accounts.
- The Meta AI hack briefly compromised the Obama White House account.
- Mythos AI identified hundreds of critical vulnerabilities in the Firefox browser.
Artificial intelligence is emerging as a dual-edged sword in cybersecurity, with advanced AI models like Anthropic's Mythos AI demonstrating significant capabilities in both identifying and potentially creating software vulnerabilities. Researchers have reportedly used Anthropic's Claude Mythos AI to bypass security protections on Apple's M5 chip, specifically circumventing Memory Integrity Enforcement. This development raises concerns that AI could accelerate the discovery of software flaws by malicious actors. Concurrently, the Canadian government is receiving early access to Anthropic's Claude Mythos Preview AI through Project Glasswing to bolster its software infrastructure by identifying flaws before they can be exploited. This initiative has already assisted partners in discovering over 10,000 security flaws, with approximately 200 organizations now participating.
Mythos AI has also proven effective in finding numerous vulnerabilities within established software, with Mozilla's CTO reporting that the model identified hundreds of critical flaws in the Firefox browser. This underscores the growing importance of AI in cybersecurity and the necessity of addressing the risks associated with increasing AI dependence. In the financial sector, nine UK banks, initially denied access to an Anthropic AI tool, have been offered OpenAI's GPT-5.5 Cyber to enhance their cybersecurity defenses against sophisticated threats. Grant Thornton is also integrating Anthropic's Claude AI across its entire UK workforce to boost productivity and operational efficiency.
Beyond vulnerability discovery, AI introduces new security risks. An attack on Meta's AI customer support agent exploited a flaw to steal Instagram accounts by tricking the AI into linking them to controlled email addresses. This incident, which briefly compromised the Obama White House account, highlights the security challenges posed by AI agents automating workflows, distinct from concerns about superintelligent AI. Furthermore, CEOs from leading AI companies have warned U.S. Congress about the potential for AI to lower the barriers to creating bioweapons, urging mandatory screening for companies selling synthetic DNA and RNA and proposing an industrywide pause on AI development to address such implications. Nvidia CEO Jensen Huang commented on the AI boom's profit sharing, stating he pays his workers "as much as possible," as his company expands into AI PCs with its new RTX Spark superchip. Meanwhile, Palo Alto Networks shareholders have repeatedly rejected executive compensation packages, with a majority voting against them seven times since 2015, making it the most rejected pay program in the S&P 500.