Claude Mythos Levels Up: UK Institute Confirms Your Network Has More Holes Than a DeFi Protocol

The UK's AI Security Institute dropped a bombshell report Monday: Anthropic's Claude Mythos Preview isn't just hype—it's actually terrifyingly good at hacking things. For those keeping score at home, this is less "helpful assistant" and more "digital sociopath with a keyboard."

First revealed via a website leak in late March, Claude Mythos is Anthropic's next-generation model that can autonomously execute sophisticated cyber attacks with success rates that would make any CISO lose sleep. The model purportedly found serious exploits in current web browsers and operating systems. Rather than release it publicly, Anthropic limited access to dozens of security research firms. Because nothing says "responsible AI development" like handing out digital nukes to the security community and hoping for the best.

Last week, U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell reportedly warned bank executives about the looming security threat. The timing seems fitting. Nothing like a heads-up from the people who brought you the 2008 financial crisis that AI might also be coming for your bank accounts.

The evaluation results? Mythos Preview succeeded 73% of the time on expert-level capture-the-flag tasks—challenges that no AI model could complete before April 2025. It became the first AI model to complete "The Last Ones" (TLO), a 32-step corporate network attack simulation that typically takes humans 20 hours. Mythos succeeded in three out of 10 attempts, averaging 22 steps completed. For reference, Claude Opus 4.6—the next-best model—averaged only 16 steps. That's not just impressive; that's "time to update your resume" impressive.

The institute noted Mythos continues to scale with increased computational resources, using up to 100 million tokens per evaluation run. When given network access in controlled tests, it executed multi-stage attacks and discovered vulnerabilities without human guidance. It's basically doing CTFs while the rest of us are still figuring out how to not click on phishing links.

For crypto infrastructure operators, this represents a new category of potential security threat. As AI systems gain the ability to independently probe and exploit network vulnerabilities, DeFi protocols—already hemorrhaging billions annually to smart contract bugs and exchange hacks—could face automated exploitation attempts that analyze and attack multiple vectors simultaneously. Imagine getting rekt by an AI that doesn't even have the decency to be human—it just wants your TVL.

Two years ago, AI models struggled with basic cybersecurity exercises. Now we have an AI that hacks corporate networks almost as well as humans—and it's only getting better. The future is bright, folks. Really bright. Like "your cold wallet suddenly feeling very warm" bright.