AI has crossed a threshold – what Claude Mythos means for the future of cybersecurity
AI has crossed a threshold – what Claude Mythos means for the future of cybersecurity
Publish Date: 2026-04-23 12:03:00
Source Domain: theconversation.com
The limit of what artificial intelligence can achieve, known as frontier AI, has crossed another threshold. AI can now plan and execute sophisticated cyber operations with minimal guidance at speeds far beyond human capability.
That, at least, is the evidence from an independent test of Claude Mythos Preview, the latest and most advanced model in the Claude family of AI systems, developed by US tech firm Anthropic. Similar to ChatGPT, these can understand and generate human-like text, analyse information, and solve complex problems.
The finance sector is alarmed. It relies on highly interconnected digital systems that are especially attractive targets for sophisticated cyber-attacks. A successful breach could disrupt payments, freeze access to funds, and erode public trust in the banking system.
Major UK and US banks are preparing controlled trials under strict safeguards. They will be granted secure, supervised access to the Mythos Preview model in isolated environments, to evaluate its ability to detect vulnerabilities in their systems while minimising any risk of misuse. It’s a bit like dangerous viruses being examined in high-security laboratories.
The UK’s AI Security Institute, a research organisation within the government’s Department for Science, Innovation and Technology, has already tested Mythos Preview on a demanding benchmark known as The Last Ones. As the name suggests, this series of challenges has been designed as the final hurdle AI systems need to complete before being deemed able to fully automate complex, real-world cyber-attacks from start to finish.
In the controlled test, Mythos Preview autonomously surfaced thousands of “zero day” vulnerabilities – flaws unknown even to the software’s own developers – across every major operating system and popular web browser. Some of these had remained undetected for up to 27 years, even though the software had been carefully checked millions of times.
…
