Select your country

Belgium

China

Denmark

France

Germany

Global

Maghreb & West Africa

Netherlands

Norway

South Africa

Sweden

Switzerland

United Kingdom

Not finding what you are looking for, select your country from our regional selector:

Search

  1. Orange Cyberdefense
  2. Insights
  3. Blog
  4. Innovation
  5. Anthropic and OpenAI unveil Claude Mythos and GPT-5.4-Cyber

Anthropic and OpenAI unveil Claude Mythos and GPT-5.4-Cyber

News CategoriesAIInnovation
Vivien_Mura_quote

Share

AI pure players Anthropic and OpenAI are leading the way of automated vulnerabilty detection

With the release of Claude Opus 4.7 – broadly under the radar considering the buzz surrounding Claude Mythos Preview – Anthropic is redoubling its efforts on agentic AI and vulnerability detection. Vivien Mura, Chief Technology Officer (CTO) at Orange Cyberdefense, looks at the positive impact of AI on cybersecurity and the potential afforded to hackers...

Anthropic: ethical AI at the core

Anthropic is a generative AI (gen AI) pure player founded in 2021 by former OpenAI researchers, including Dario Amodei and his sister, Daniela Amodei. The San Francisco-based company has made its name amongst the rising stars in artificial intelligence. With the Claude family of large language models (LLMs), Anthropic stands out for its focus on security and ethics (“Constitutional AI”) in the development of its LLM platforms.

Is Claude Mythos a double-edged sword?

The launch of Claude Mythos Preview that marks an important turning point in the convergence between artificial intelligence and cybersecurity.

With Claude Mythos Preview, Anthropic passes a new milestone, as this non-public AI model – whose usage is currently restricted to members(1) of the Project Glasswing initiative - would be able to identify and exploit critical software flaws.

Claude Mythos’s advanced reasoning capabilities - which are not linked to any specific cybersecurity training - allow it to understand and, in some cases, crack the logic of information systems and software, explains Vivien Mura, Orange Cyberdefense CTO.

Specifically, Claude Mythos Preview would be able to independently discover and exploit “zero-day” vulnerabilities – vulnerabilities that have not yet been detected – within digital environments that have been widely deployed and identified, like OpenBSD and Firefox.

The problem: these flaws have never previously been detected by human experts. Some date back many years. Whilst this tool has been developed to bolster cybersecurity in digital environments - in line with Anthropic’s ethos – what about its exploitation by cybercriminals and other hacktivists?

Although we don’t have enough information at the moment to determine the model’s actual performance, the details given in the Mythos System Card(2) have multiple, far-reaching consequences for cybersecurity, explains Vivien Mura.

Claude Mythos: what about cybercriminals?

The launch of Claude Mythos sees a resurgence in “Zero-Day” vulnerabilities(3) for cybercriminals. The model would be able to identify multiple critical flaws in just a few days, suggesting a drop in the cost of detecting zero-day flaws, both for cybersecurity researchers and hackers.

Claude Mythos Preview also sees a change in attack chain automation. The model is remarkably able to chain together software and configuration vulnerabilities – completely autonomously. In certain documented cases, it has managed to escape “sandbox”(4) environments and establish external communications, demonstrating tactical reasoning that until now has been limited to human pentesters. But we must bear the conditions in mind – an information system designed for research purposes, without classic detection and protection systems.

Another important observation: Claude Mythos Preview is a generic model which has not been trained on data specific to cybersecurity, and it has no particular architecture (RAG or agentic type). The model is essentially a blueprint for other future reference architectures in offensive cyber. In other words, malicious use of these tools would not require anything much more advanced than a Frontier model.

An incredible opportunity in AI vulnerabilities detection for cybersecurity partners

Claude Mythos Preview is an incredible opportunity for cybersecurity, particularly in terms of cybersecurity career development.

Faced with the threat, the digital ecosystem as a whole is prioritizing the integrity of the software supply chain. Incidentally, this is the objective of the CRA(5). AI could be an important asset to deal with the challenge of supply chain security and new compliance requirements.

Although the performance of these models still requires substantial calculation resources, the cost of offensive cyber will certainly fall, and certain cyber activities like pentesting and the bug bounty(6) will likely change. However, it is not possible to leave everything up to machines. Human expertise will still be needed to manage access and processes requiring advanced permissions and avoid catastrophic errors, like the accidental deletion of data.

The automation claims that Claude Mythos seems to bring to the table are not only important to hackers. Mythos confirms that cyberdefense needs to be highly automated, under human supervision, to deal with a flood of security flaws, security updates and security incidents. Remediation - the final line of defense requiring actions with a significant impact on information systems - will also need to become more automated, integrating human supervision at the appropriate checkpoints.

Claude Mythos Preview: a model to follow?

Everyone knows that since ChatGPT’s public release in 2022, (almost) every week sees the release of a new LLM that allegedly outperforms the previous one.

Claude Mythos Preview is an important step, but it is not an isolated phenomenon. In the coming months, we will likely see competitor models – potentially open source – reaching or even exceeding Mythos’s capabilities, explains Vivien Mura. 

Following the announcement of Claude Mythos Preview, OpenAI’s response was not far behind(7). Launched on a limited basis on April 14 and announced officially by OpenAI on April 15, GPT-5.4-Cyber was created to address defensive cybersecurity.  

What are the next steps for these AI vulnerabilities detection tools?

Whilst the limited access to these tools aims to improve defense, it does create a two-tier security landscape. Partners currently trialing Claude Mythos within Project Glasswing(8) are using it to toughen up their own ecosystems, which will probably lead to a huge wave of security patches.

Organizations must get ready for waves of patches for their operating systems, applications, security products and deeply integrated “open source” software components(9). For businesses that already have patch management programs in place, the effort will be significant but not insurmountable; for others, the wave of patches is likely to keep teams busy for the long term.

In the longer term, the performance/cost ratio of AI models for cybersecurity could rise, offering the option to incorporate these models in software development cycles (DevSecOp, CI/CD) and in automatic information system audit processes.

The risk for the future is that safeguards preventing the malicious use of powerful models to automate complex and large-scale attacks are bypassed, leading to an unprecedented escalation in the threat landscape. Hackers could tirelessly industrialize sophisticated hacking processes – with no advanced skills required. This is just the beginning of automated cybersecurity and human expertise working hand-in-hand.

Through a partnership with Qevlar AI, Orange Cyberdefense has committed to AI-enhanced cybersecurity. Our experts can help you with awareness and the implementation of supervised, compliant and responsible AI platforms.

To keep control of the future of your business in the era of artificial intelligence, explore the second edition of our quarterly review:

Artificial Intelligence : Friend and Foe 

Discover the second edition of "Ctrl: 8 Minutes to stay in control."

Get your copy
Ctrl AI cover

Sources and notes

(1)Project Glasswing includes Google, Microsoft, Apple, Linux Foundation, AWS, Crowdstrike, Apple Cisco, J.P Morgan Chase, Microsoft, Nvidia, Palo Alto Networks and Broadcom.

(2)A System Card is a technical document explaining how an artificial intelligence model works, its limitations and any security measures.

(3)A Zero-Day vulnerability is a cybersecurity flaw unknown to software developers, for which no patch has been released.

(4)A sandbox is a closed and secure environment to test suspicious software or code in isolation, with no risk of compromising an information system.

(5)The Cyber Resilience Act is an EU regulation to reinforce the resilience and cybersecurity of digital products and services from the design stage, but also to encourage greater transparency amongst developers and manufacturers regarding the presence of vulnerabilities in their products. The CRA will fully enter into force in 2027.

(6)A pentest or penetration test is a controlled simulated attack by experts to identify system vulnerabilities. Experts in this role are also known as ethical hackers; a bug bounty encourages cybersecurity researchers to detect and identify security flaws within a company’s IT environment in exchange for a reward.

(7)“Open AI announces a limited release for its new cybersecurity-focused AI model”, Le Figaro with AFP, 04/15/2026: https://www.lefigaro.fr/secteur/high-tech/openai-annonce-une-sortie-limitee-pour-son-nouveau-modele-d-ia-dedie-a-la-cybersecurite-20260415?msockid=1bd420df019e69da2dac37c100ef68fc

(8) “Anthropic limits Mythos AI rollout over fears hackers could use model for cyberattacks”, Ashley Capoot, cnbc.com, 04/07/2026: https://www.cnbc.com/2026/04/07/anthropic-claude-mythos-ai-hackers-cyberattacks.html

(9) “Finance ministers and top bankers raise serious concerns about Mythos AI model”, Faisal Islam, bbc.com, 04/17/2026: https://www.bbc.com/news/articles/c2ev24yx4rmo 

 

Incident Response Hotline

Facing cyber incidents right now?

Contact our 24/7/365 world wide service incident response hotline.

CSIRT