AI That Hacks AI? Anthropic’s Mythos Sparks Cyber Arms Race Fears, Signals New Danger

Last Updated:April 17, 2026, 15:26 IST

If Mythos becomes widely accessible, it could lower the barrier to entry for cyberattacks. Tasks that required deep tech could be automated, allowing anyone to launch attacks

AI is rapidly transforming the threat landscape, with estimates suggesting that 87% of global organisations experienced an AI-driven cyberattack in 2025. (AFP Photo)

The arrival of Anthropic’s Mythos model marks a decisive shift in how artificial intelligence is shaping cybersecurity. For years, AI has been framed as a defensive tool, something that helps organisations detect threats, automate responses, and strengthen digital resilience. But Mythos disrupts that narrative. It demonstrates that the same technology can also power highly sophisticated cyberattacks.

This unfolds not just a one-sided technological upgrade, but the beginning of an AI-versus-AI contest, where machines are both the attackers and the defenders, constantly evolving in response to each other.

What Does Mythos Do?

Mythos is designed to scan software systems and go beyond simple detection. It can analyse complex systems, identify hidden vulnerabilities, and understand how those weaknesses can be exploited. More importantly, it can chain together multiple flaws to simulate or execute multi-step attacks, something that traditionally required highly skilled human hackers.

This represents a qualitative leap. AI is no longer just assisting cybersecurity professionals; it is beginning to operate with a level of autonomy that allows it to act on its own analysis. In effect, it becomes an active participant in the cyber domain rather than a passive tool.

The implications are profound. Vulnerabilities that might have remained hidden for years can now be uncovered in a fraction of the time. At the same time, the path from discovery to exploitation is shrinking dramatically.

Why This Has Set Off Alarm Bells

Anthropic has not released Mythos widely but has provided limited access to a select group of organisations such as Amazon, Apple, JP Morgan Chase, Cisco, and Nvidia.

The Project Glasswing initiative is focused on helping these companies strengthen their systems before similar AI tools become widely accessible.

If systems like Mythos become widely accessible, they could significantly lower the barrier to entry for cyberattacks. Tasks that once required deep technical expertise could be automated, allowing even less-skilled actors to launch complex operations.

“Anthropic is being super careful with Mythos. They are not for public use yet because it is really good at finding weaknesses in software. If people with bad intentions got their hands on it, they could cause a lot of trouble. Hence, Anthropic is only letting a few trusted partners try it out. This way, they can analyse what might go wrong and fix any problems or bugs before letting more people use Mythos,” said Kanishk Agrawal, Chief Technology Officer, Judge Group, India – a technology consulting group.

Many people in the AI world think it is more important to make sure these powerful tools are safe and used responsibly.

Thus, AI has the potential to industrialise hacking, turning it into a faster, cheaper, and more scalable activity.

The Rise Of AI-Driven Cyber Warfare

AI is rapidly transforming the threat landscape, with estimates suggesting that 87% of global organisations experienced an AI-driven cyberattack in 2025, according to a SoSafe report based on the survey of 500 global security professionals. Notably, 91% of all security experts anticipate a significant surge in AI-driven threats over the next three years.

As offensive capabilities grow, the response has been equally swift. Companies and governments are investing heavily in defensive AI systems designed to detect, predict, and neutralise threats in real time.

This creates a feedback loop. Stronger offensive AI leads to stronger defensive AI, which in turn drives further innovation in attack techniques. The result is a constantly evolving cycle — an arms race where both sides are powered by machines.

What sets this apart from traditional arms races is the pace of change. AI systems can learn and adapt far faster than human-led processes, compressing timelines that once took months or years into days or even hours.

Maaz Ansari, CRO & Co-founder of Oriserve — a deep-tech conversational AI company — pointed out that Mythos could increase the probability of cyberattacks. “Not because Mythos itself will be misused, but because it signals what is now possible. Other models will catch up. The real concern is the gap between when attackers figure this out and when defenders are ready. If security teams adopt AI-driven defense quickly, we come out ahead. If they wait, we’re in trouble.”

How Mythos Exposes Hidden Weaknesses In Digital Infrastructure

Modern digital infrastructure is built on layers of legacy systems, some of which were never designed to withstand this level of scrutiny. AI can now analyse these systems at scale, identifying weaknesses that manual audits would likely miss.

This creates a growing imbalance. While AI can rapidly discover new vulnerabilities, the process of fixing them — patching systems, updating software, and ensuring compatibility — remains comparatively slow.

The result is a widening gap between threat discovery and defence readiness. Organisations may find themselves constantly reacting, struggling to keep up with the pace at which new risks are uncovered.

Mythos does not create new holes, Ansari pointed out. “It finds the ones that were always there, just faster than anyone could before. Every large codebase has latent bugs that nobody has discovered yet. Mythos makes that backlog of hidden vulnerabilities a live risk instead of a theoretical one. The clock on patching just got a lot shorter.”

But Why Mythos Is Still Invaluable Despite Flaws

Mythos is very useful even though it has some weaknesses, said Venkat Lakshminarasimha, Executive Director & Head of Solutions (India & Middle East), Dexian – an IT service management company. “It can help companies find problems in their computer systems beforehand. This means companies can fix the problems and make their systems safer. Mythos can also help companies to predict when they might be attacked. This allows them to get ready and counter the attack. If companies use Mythos in this way, it can be a useful tool and can help them stay safe and secure. Companies can also use Mythos to stay one step ahead of cyberattacks and keep their computer systems safe.”

However, this dual-use nature complicates decision-making. Restricting access too tightly could slow down defensive innovation. Allowing broader access could increase the risk of misuse.

Ansari stressed, “As defenders are chronically understaffed, there are not enough security engineers in the world to audit all the code that runs critical systems. A model that can review millions of lines overnight, flag the exploitable paths, and suggest fixes is exactly what security teams need. The question is not whether AI will be used in security. It is whether the good guys get there first.”

Striking the right balance will be one of the central challenges in the years ahead.

How AI Models Have Become Strategic Assets In Geopolitics

The implications of this shift extend beyond companies and into the realm of global politics.

“Advanced computer models like Mythos are now seen as assets for countries. They affect strength, cybersecurity, and military power. Governments think being leaders in computer models is essential for keeping influence. Models like Mythos show how computers can directly impact security. This leads to policy focus, regulation, and investment in computer model development,” explained Agrawal.

This introduces a new layer of competition between nations. Control over advanced AI capabilities is no longer just about technological leadership — it is about shaping the rules of digital engagement.

“We have crossed a threshold where frontier AI models are dual-use technology. They are valuable for economic productivity and for military and intelligence advantage. Mythos makes that very concrete. Governments will start treating access to these models the way they treat access to advanced weapons. Export controls, strategic reserves, and allied sharing agreements. That’s the world we are entering.”

In this context, cybersecurity becomes a matter of geopolitical strategy, not just technical expertise.

What Is The Future Of Advanced AI Tools?

Ansari stressed, “The era of purely human security teams is coming to an end. You cannot defend against AI-speed attacks with human-speed response. Organisations that build AI into their security operations now will be able to keep up. Those who don’t will find themselves outpaced by attackers who have no such hesitation. The future is AI defending against AI. The only question is whether we are ready.”

A system designed to identify vulnerabilities can also reveal how to exploit them. This overlap makes it difficult to draw clear boundaries between defensive and offensive capabilities.

“Mythos signals a future where cybersecurity is about computers versus computers. Attackers and defenders will both use models to stay ahead. The focus will be on automated defence, real-time threat detection, and secure system design. However, this also means we need rules, ethical guidelines, and cooperation between governments and private companies. The future of cybersecurity depends on balancing innovation with control, and models like Mythos will play a role.”

This unfolds not just a one-sided technological upgrade, but the beginning of an AI-versus-AI contest, where machines are both the attackers and the defenders, constantly evolving in response to each other.

What Does Mythos Do?

Mythos is designed to scan software systems and go beyond simple detection. It can analyse complex systems, identify hidden vulnerabilities, and understand how those weaknesses can be exploited. More importantly, it can chain together multiple flaws to simulate or execute multi-step attacks, something that traditionally required highly skilled human hackers.

This represents a qualitative leap. AI is no longer just assisting cybersecurity professionals; it is beginning to operate with a level of autonomy that allows it to act on its own analysis. In effect, it becomes an active participant in the cyber domain rather than a passive tool.

The implications are profound. Vulnerabilities that might have remained hidden for years can now be uncovered in a fraction of the time. At the same time, the path from discovery to exploitation is shrinking dramatically.

Why This Has Set Off Alarm Bells

Anthropic has not released Mythos widely but has provided limited access to a select group of organisations such as Amazon, Apple, JP Morgan Chase, Cisco, and Nvidia.

The Project Glasswing initiative is focused on helping these companies strengthen their systems before similar AI tools become widely accessible.

If systems like Mythos become widely accessible, they could significantly lower the barrier to entry for cyberattacks. Tasks that once required deep technical expertise could be automated, allowing even less-skilled actors to launch complex operations.

“Anthropic is being super careful with Mythos. They are not for public use yet because it is really good at finding weaknesses in software. If people with bad intentions got their hands on it, they could cause a lot of trouble. Hence, Anthropic is only letting a few trusted partners try it out. This way, they can analyse what might go wrong and fix any problems or bugs before letting more people use Mythos,” said Kanishk Agrawal, Chief Technology Officer, Judge Group, India – a technology consulting group.

Many people in the AI world think it is more important to make sure these powerful tools are safe and used responsibly.

Thus, AI has the potential to industrialise hacking, turning it into a faster, cheaper, and more scalable activity.

The Rise Of AI-Driven Cyber Warfare

AI is rapidly transforming the threat landscape, with estimates suggesting that 87% of global organisations experienced an AI-driven cyberattack in 2025, according to a SoSafe report based on the survey of 500 global security professionals. Notably, 91% of all security experts anticipate a significant surge in AI-driven threats over the next three years.

As offensive capabilities grow, the response has been equally swift. Companies and governments are investing heavily in defensive AI systems designed to detect, predict, and neutralise threats in real time.

This creates a feedback loop. Stronger offensive AI leads to stronger defensive AI, which in turn drives further innovation in attack techniques. The result is a constantly evolving cycle — an arms race where both sides are powered by machines.

What sets this apart from traditional arms races is the pace of change. AI systems can learn and adapt far faster than human-led processes, compressing timelines that once took months or years into days or even hours.

Maaz Ansari, CRO & Co-founder of Oriserve — a deep-tech conversational AI company — pointed out that Mythos could increase the probability of cyberattacks. “Not because Mythos itself will be misused, but because it signals what is now possible. Other models will catch up. The real concern is the gap between when attackers figure this out and when defenders are ready. If security teams adopt AI-driven defense quickly, we come out ahead. If they wait, we’re in trouble.”

How Mythos Exposes Hidden Weaknesses In Digital Infrastructure

Modern digital infrastructure is built on layers of legacy systems, some of which were never designed to withstand this level of scrutiny. AI can now analyse these systems at scale, identifying weaknesses that manual audits would likely miss.

This creates a growing imbalance. While AI can rapidly discover new vulnerabilities, the process of fixing them — patching systems, updating software, and ensuring compatibility — remains comparatively slow.

The result is a widening gap between threat discovery and defence readiness. Organisations may find themselves constantly reacting, struggling to keep up with the pace at which new risks are uncovered.

Mythos does not create new holes, Ansari pointed out. “It finds the ones that were always there, just faster than anyone could before. Every large codebase has latent bugs that nobody has discovered yet. Mythos makes that backlog of hidden vulnerabilities a live risk instead of a theoretical one. The clock on patching just got a lot shorter.”

But Why Mythos Is Still Invaluable Despite Flaws

Mythos is very useful even though it has some weaknesses, said Venkat Lakshminarasimha, Executive Director & Head of Solutions (India & Middle East), Dexian – an IT service management company. “It can help companies find problems in their computer systems beforehand. This means companies can fix the problems and make their systems safer. Mythos can also help companies to predict when they might be attacked. This allows them to get ready and counter the attack. If companies use Mythos in this way, it can be a useful tool and can help them stay safe and secure. Companies can also use Mythos to stay one step ahead of cyberattacks and keep their computer systems safe.”

However, this dual-use nature complicates decision-making. Restricting access too tightly could slow down defensive innovation. Allowing broader access could increase the risk of misuse.

Ansari stressed, “As defenders are chronically understaffed, there are not enough security engineers in the world to audit all the code that runs critical systems. A model that can review millions of lines overnight, flag the exploitable paths, and suggest fixes is exactly what security teams need. The question is not whether AI will be used in security. It is whether the good guys get there first.”

Striking the right balance will be one of the central challenges in the years ahead.

How AI Models Have Become Strategic Assets In Geopolitics

The implications of this shift extend beyond companies and into the realm of global politics.

“Advanced computer models like Mythos are now seen as assets for countries. They affect strength, cybersecurity, and military power. Governments think being leaders in computer models is essential for keeping influence. Models like Mythos show how computers can directly impact security. This leads to policy focus, regulation, and investment in computer model development,” explained Agrawal.

This introduces a new layer of competition between nations. Control over advanced AI capabilities is no longer just about technological leadership — it is about shaping the rules of digital engagement.

“We have crossed a threshold where frontier AI models are dual-use technology. They are valuable for economic productivity and for military and intelligence advantage. Mythos makes that very concrete. Governments will start treating access to these models the way they treat access to advanced weapons. Export controls, strategic reserves, and allied sharing agreements. That’s the world we are entering.”

In this context, cybersecurity becomes a matter of geopolitical strategy, not just technical expertise.

What Is The Future Of Advanced AI Tools?

Ansari stressed, “The era of purely human security teams is coming to an end. You cannot defend against AI-speed attacks with human-speed response. Organisations that build AI into their security operations now will be able to keep up. Those who don’t will find themselves outpaced by attackers who have no such hesitation. The future is AI defending against AI. The only question is whether we are ready.”

A system designed to identify vulnerabilities can also reveal how to exploit them. This overlap makes it difficult to draw clear boundaries between defensive and offensive capabilities.

“Mythos signals a future where cybersecurity is about computers versus computers. Attackers and defenders will both use models to stay ahead. The focus will be on automated defence, real-time threat detection, and secure system design. However, this also means we need rules, ethical guidelines, and cooperation between governments and private companies. The future of cybersecurity depends on balancing innovation with control, and models like Mythos will play a role.”

Stay Ahead, Read Faster

Scan the QR code to download the News18 app and enjoy a seamless news experience anytime, anywhere.

login