(9) An initiative to secure the world's software | Project Glasswing - YouTube

Large Language Models (LLMs) can be used to find and exploit software vulnerabilities as effectively as they can write code at the level of the world's greatest software developers.

Advanced AI models are raising the bar in cybersecurity, capable of assisting both defenders and potential adversaries.

Anthropic recently developed a new AI model named Claude Mythos Preview.

Anthropic's Claude Mythos Preview model is highly autonomous and excels at pursuing long-range tasks comparable to those undertaken by human security researchers over an entire day.

Anthropic will not widely release its Claude Mythos Preview model because of its potential to cause harm if misused.

Anthropic predicts that more powerful AI models will be developed by Anthropic and other organizations in the future.

Anthropic is launching Project Glasswing, an initiative to partner with organizations responsible for critical code, by providing them with the Claude Mythos Preview model to help reduce cybersecurity risks and protect users.

Anthropic believes that providing software developers with advanced AI tools, such as Claude Mythos Preview, offers a collective headstart in identifying and remediating vulnerabilities more rapidly.

Project Glasswing utilized the Claude Mythos Preview model to scan open-source code, specifically prioritizing operating systems because they underpin the entire internet infrastructure.

Project Glasswing discovered a 27-year-old vulnerability in OpenBSD that enables an attacker to crash any OpenBSD server by transmitting a small amount of data.

Project Glasswing identified multiple vulnerabilities in Linux that permit a user without permissions to escalate to administrator privileges by executing a specific binary on their machine.

Project Glasswing reported the discovered OpenBSD and Linux vulnerabilities to their respective maintainers, who then implemented and deployed the necessary patches.

The ultimate goal of Project Glasswing is to enhance the safety of global software, customer data, financial transactions, and critical infrastructure.