Irish Cybersecurity Watchdog Issues Update on Anthropic AI Model

Ireland's National Cyber Security Centre (NCSC) has issued an update following its review of Anthropic's powerful new artificial intelligence model, Claude Mythos Preview. The AI company opted against a widespread release of the model, citing significant concerns that it could uncover previously unknown cybersecurity vulnerabilities across major operating systems and web browsers. Currently, access to this advanced tool is restricted to a select consortium of approximately 40 technology companies, reflecting apprehension about its potential misuse as a potent cyber weapon.

“

At present the advantage is with cyber defenders

The NCSC's assessment indicates that the capabilities demonstrated by Anthropic's model represent a substantial advancement in how hardware and software vulnerabilities are identified and subsequently patched. The Centre noted that, at present, the advantage lies with cybersecurity defenders. These cutting-edge capabilities are being utilized by major technology vendors to identify and rectify weaknesses in the foundational hardware and software that support critical global infrastructure.

“

These new capabilities are in the hands of major technology vendors who are using them to identify and patch vulnerabilities in the hardware and software that underpins critical infrastructure worldwide.

Furthermore, the NCSC stated that there is currently no evidence suggesting that malicious threat actors have access to comparable autonomous vulnerability discovery capabilities. However, the Centre advises organizations to anticipate an accelerated pace of vulnerability disclosures in the coming months as these advanced tools are applied more broadly. The NCSC commended Anthropic's responsible approach in restricting the model's release and fostering collaboration with industry partners.

“

There is no indication that a comparable autonomous vulnerability discovery capability is available to threat actors at this time