Sign up to save your podcasts
Or
Share Anthropic’s “Mythos” Leak, Project Glasswing, and the 90-Day Patch Countdown
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Anthropic’s “Mythos” Leak, Project Glasswing, and the 90-Day Patch Countdown
Anthropic’s “Mythos” Leak, Project Glasswing, and the 90-Day Patch Countdown
Hosts Tanner and Anthony discuss reports of Anthropic’s new “frontier” general-purpose model, Mythos (Mythos Preview), described as exceptionally strong at finding and exploiting novel security bugs and allegedly sitting on thousands of unpatched zero-days affecting major operating systems and browsers. They review examples cited, including decades-old FreeBSD and OpenBSD flaws and a Linux kernel issue, and note a separate security firm (Aisle) replicated parts of the findings using open-weight models, though Mythos appears better at moving from detection to exploitation. The episode explains how Mythos became public via leaks, then outlines Anthropic’s Project Glasswing: about 50 vendors received 90 days of access plus credits to patch systems, with Mozilla reportedly patching 271 Firefox issues. They close with preparation steps for lean IT teams: asset inventory, vendor outreach, risk-based prioritization, mitigation and isolation, patch validation, workload planning, governance and insurance review, stronger detection controls, least privilege/zero trust, and verifying backups.
00:00 Too Dangerous to Release
01:45 Meet Mythos Preview
02:25 Zero Days Found
05:19 Can Others Replicate It
06:46 Efficiency and Edge Models
08:17 Leaks and Access Blunders
10:42 Project Glasswing Explained
15:10 90 Day Clock and Fallout
16:24 Break and Subscribe
17:05 Prep Plan for IT Teams
19:05 Patching Priorities and Testing
21:00 Controls Backups and Wrap Up
24:02 Final Thoughts and Sign Off
View all episodes
By Anthony Kent & Tanner Greer
5
1616 ratings
Anthropic’s “Mythos” Leak, Project Glasswing, and the 90-Day Patch Countdown
Hosts Tanner and Anthony discuss reports of Anthropic’s new “frontier” general-purpose model, Mythos (Mythos Preview), described as exceptionally strong at finding and exploiting novel security bugs and allegedly sitting on thousands of unpatched zero-days affecting major operating systems and browsers. They review examples cited, including decades-old FreeBSD and OpenBSD flaws and a Linux kernel issue, and note a separate security firm (Aisle) replicated parts of the findings using open-weight models, though Mythos appears better at moving from detection to exploitation. The episode explains how Mythos became public via leaks, then outlines Anthropic’s Project Glasswing: about 50 vendors received 90 days of access plus credits to patch systems, with Mozilla reportedly patching 271 Firefox issues. They close with preparation steps for lean IT teams: asset inventory, vendor outreach, risk-based prioritization, mitigation and isolation, patch validation, workload planning, governance and insurance review, stronger detection controls, least privilege/zero trust, and verifying backups.
00:00 Too Dangerous to Release
01:45 Meet Mythos Preview
02:25 Zero Days Found
05:19 Can Others Replicate It
06:46 Efficiency and Edge Models
08:17 Leaks and Access Blunders
10:42 Project Glasswing Explained
15:10 90 Day Clock and Fallout
16:24 Break and Subscribe
17:05 Prep Plan for IT Teams
19:05 Patching Priorities and Testing
21:00 Controls Backups and Wrap Up
24:02 Final Thoughts and Sign Off