A new AI model Anthropic is reported to be developing, Claude Mythos, is drawing attention in the security industry as concerns grow that it could be abused if it falls into hackers' hands. Some warn it could be used to exploit security flaws at a pace far faster than defenders can respond.

Reports by foreign media said such concerns were included in a draft blog post about Claude Mythos that was briefly disclosed by mistake by Anthropic and later removed.

According to The Information, Anthropic has shared the Mythos model in advance with cybersecurity researchers and is collecting feedback. The model is said to have improved computer code generation and review capabilities compared with earlier models.

Wiz, a cloud security company acquired by Google last month, also plans to evaluate Claude Mythos based on its experience testing earlier Anthropic models.

Wiz Chief Technology Officer Ami Luttwak (아미 루트왁) said, "New models are effectively the world's top-tier cybersecurity researchers." He said Anthropic's move to allow security firms access in advance was "a very important measure" that helps researchers understand "what might happen."

Anthropic researcher Nicholas Carlini (니컬러스 칼리니) presented results at a security conference in March after analysing the open-source newsletter platform Ghost with Claude Code.

Ghost had not had any serious security vulnerabilities reported in its 13-year history, but Claude Code found within hours a flaw that could allow hackers to break into users' websites to alter content or steal personal information, The Information reported.

AI is also accelerating steps beyond finding vulnerabilities. It can quickly map an infiltrated network, steal data and complete encryption before defenders respond.

Irregular Security founder Dah Lahav (다 라하브) said major AI models understand how to move within corporate networks while evading detection. UiPath Chief Information Security Officer Scott Roberts (스콧 로버츠) said he is aware that cases of attackers using AI are increasing, calling it "a change on the scale of the day electricity was invented."

It is also notable that security tools to block AI-driven attacks run on the same models used by attackers, including those from Anthropic and OpenAI. Security companies are applying for special access to "ungated" versions that handle hacking-related requests, unlike public versions, and using them to identify weaknesses in clients' defence systems in advance, The Information reported.