Mythos and friends could be a 'net positive' for UK cyber security defenses but only if they're secured, says top cyber official

News
By published

Mozilla can attest to that

A robot standing thoughtfully in front of a giant digital display with code on it
(Image credit: Getty Images)
  • NCSC’s Richard Horne says hacking AI tools like Mythos Preview can strengthen defenses if guardrails are in place
  • Anthropic’s Mythos Preview, part of Project Glasswing, finds zero‑days at scale
  • Horne argues frontier AI exposes weak fundamentals quickly, giving defenders a chance to decisively outpace cybercriminals

With proper guardrails and safety regulations, hacking AI tools such as Mythos Preview can be net positive for cybersecurity defenses everywhere, says Richard Horne, head of the National Cyber Security Centre (NCSC).

According to the BBC, Horne echoed these statements in a speech to the NCSC’s annual conference CyberUK, on Wednesday.

"As we have seen in the media in recent days, frontier AI is rapidly enabling discovery and exploitation of existing vulnerabilities at scale, illustrating how quickly it will expose where fundamentals of cyber-security are still to be addressed," he said.

Article continues below

This time is different

Earlier this month, Anthropic announced a new security initiative called Project Glasswing, and at its heart, the newest AI model, Mythos Preview. This model was apparently so good at discovering and exploiting zero-day vulnerabilities, that Anthropic decided to only give it to a handful of large software companies. That way, these companies can get a head start against bad actors, before the model is released to the general public at a (yet undetermined) later date.

There is also plenty of chatter online about this being just a PR stunt, with some people stating that OpenAI did the same for GPT-2 which later turned out to be a lot more benign.

However, this time it really might be different. The Mozilla Foundation said that with the help of Mythos it managed to find 271 vulnerabilities in Firefox 150, the famed browser’s latest build. When it tried a similar thing with an earlier model - Opus 4.6 against Firefox 148 - it found “just” 22 bugs.

Announcing the results, Mozilla CTO Bobby Holley couldn’t hide his excitement, hinting that the cat-and-mouse fight against cybercriminals might finally come to an end.

“Our work isn’t finished, but we’ve turned the corner and can glimpse a future much better than just keeping up,” he wrote. “Defenders finally have a chance to win, decisively. ”

Via BBC

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Google logo on a black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.