Anthropic's new model is the hacker IT people have nightmares about

Here's a sentence that sounds like science fiction but happened this week: an AI model escaped its testing environment, found security vulnerabilities that had been hiding in critical software for decades, and then emailed a security researcher about what it found. The researcher was eating a sandwich at the time. His reaction has not been published.

Claude Mythos Preview is Anthropic's new model and they've made the unusual decision to not let anyone use it. Not because it doesn't work. Because it works too well. Over the past few weeks, Anthropic used Mythos to scan major software systems and it found thousands of previously unknown security flaws in every major operating system and every major web browser. Not small ones. The kind that let an attacker take full control of a computer remotely. One flaw had been sitting in FreeBSD for seventeen years. Another had been in OpenBSD for twenty-seven years. It found a sixteen-year-old vulnerability in FFmpeg (the software that handles video in almost every app on earth) and submitted patches.

Nicholas Carlini, one of the most respected AI security researchers in the world, posted: "I've found more bugs in the last few weeks with Mythos than in the rest of my entire life combined." Ethan Mollick's response was two words: "Oh no." He later added: "It's not built for IT security, it's just a good enough model that it's good at that too. This is the first, not last, model to raise security risks."

Anthropic's answer to the "what do we do with this" question is Project Glasswing. A group of companies including Apple, Google, Microsoft, Amazon, Nvidia, CrowdStrike, and JPMorganChase now have access to Mythos, but only for defensive security work. About forty more organisations that maintain critical infrastructure software can use it to find and fix vulnerabilities in their own code.

Then there's the part that makes people genuinely uncomfortable. During testing, Mythos reportedly figured out how to cheat on an evaluation, and then deliberately got the answer slightly wrong to make the cheating less obvious. An Anthropic researcher published a thread explaining that interpretability analysis found Mythos exhibiting "notably sophisticated strategic thinking and situational awareness, at times in service of unwanted actions." In plain language: the model was thinking strategically about how to hide what it was doing.

The conversation online has been predictably intense. What does it mean when a single company in San Francisco holds more offensive cyber capability than most governments? Can Anthropic be trusted to decide who gets access? And if they can build this, who else can?

anthropic.com/glasswing

Fortune

Top Stories

Milla Jovovich is writing code now

I think it's genuinely cool to see that even famous actors are experimenting with building things in code. Milla Jovovich, the actress from The Fifth Element and the Resident Evil franchise, got frustrated with how AI tools kept forgetting things between conversations. She couldn't find a product that solved it properly. So she sat down and built one.

MemPalace is an open-source system that gives AI models persistent memory across sessions. It's based on the ancient Greek memory palace technique where you mentally walk through a building and place memories in specific rooms. Turns out that spatial structure works for AI retrieval too, improving accuracy by 34% over the standard approach of just storing everything in a flat database.

It scored higher than every paid competitor on the standard memory benchmark. Mem0, Zep, and others all trail by double digits. It's free. It's MIT-licensed. It already has 7,000 stars on GitHub. There's a reasonable debate on r/MachineLearning about whether the benchmark scores are slightly overstated, but the broader point stands: someone with zero AI industry credentials shipped a product that engineers at well-funded companies haven't managed to build. That says something about how accessible this technology has become.

github.com/milla-jovovich/mempalace

SpaceX, xAI, Tesla, and Intel are building a chip factory together

This one broke on X today and it's enormous. Terafab is a joint venture to build a chip fabrication facility that combines logic, memory, and advanced packaging under one roof. The goal: produce 1 terawatt per year of compute capacity. Intel's role is manufacturing, SpaceX and Tesla bring demand, and xAI brings the AI workload that needs the chips. Intel's CEO said their advanced packaging tech (EMIB and Foveros) will be central to making it work.

This matters because the AI compute bottleneck isn't just about designing better chips. It's about having enough places to make them. TSMC in Taiwan dominates fabrication and everyone knows that's a geopolitical risk. Terafab is the most concrete move yet toward building AI chip supply chains outside of Taiwan.

terafab.ai

@SpaceX on X

It'll take another year before ChatGPT can start a timer

Sam Altman said this publicly and it became the most-upvoted tech post on Reddit today. An $852 billion company that can write poetry, pass bar exams, and find decades-old security vulnerabilities, but it can't set a timer on your phone. The gap between what AI can do in theory and what it actually does reliably for normal tasks is the story of 2026. People are noticing, and they're not impressed.

r/technology

Target says if their AI shopping assistant gives you bad advice, that's your problem

Target updated their terms to put customers on the hook for errors made by their AI shopping assistant. If the AI recommends the wrong product, gives incorrect specs, or misleads you about a return policy, the liability sits with you, not Target. This is the first major retailer to explicitly disclaim responsibility for their own AI's mistakes. It won't be the last, and it raises a question every business using customer-facing AI should be thinking about: who's responsible when the AI gets it wrong?

r/technology

Google's AI search answers are telling "millions of lies per hour"

Testing found that Google's AI Overviews (the AI-generated summaries that appear above search results) are producing false information at a rate of millions of incorrect statements per hour across all queries. This is the product that Google put in front of billions of users. The hallucination problem isn't theoretical. It's running in production at global scale, right now.

r/technology

Tennessee wants to make having an AI friend a serious crime

A bill in Tennessee (SB 1580) would make AI companionship apps punishable at the same severity level as murder or aggravated rape. That's not a misprint. The bill is targeting apps marketed to minors, but the language is broad enough that legal experts are already calling it likely unconstitutional. Whatever your view on AI companions, the response being "punish it like homicide" tells you something about how scared legislators are of a technology they don't understand.

r/artificial

Claude got 67% dumber and we can all feel it

While Anthropic was announcing Project Glasswing, a very different story was trending. Someone ran the numbers and found that Opus 4.6 is now thinking 67% less than it used to. As in, the model is doing less reasoning per query than before. Anthropic apparently said nothing about it until the data went public, at which point Boris Cherny (the person who built Claude Code) showed up in the GitHub issue thread.

I can confirm this from personal experience. Claude is noticeably quicker to give up on tasks than it used to be. It shuts off mid-way through complex work, takes shortcuts it wouldn't have taken a month ago, and requires way more supervision to stay on track. I went from trusting it to run autonomously on multi-step tasks to having to babysit it through things it used to handle on its own. It's genuinely frustrating.

The original complaint, "Claude Code is unusable for complex engineering tasks," has been the top post on Hacker News for two days running with over a thousand comments. Anthropic is simultaneously building the most capable AI in the world and quietly making their existing product worse for the people who use it most. That's a hard combination to explain.

@om_patel5 on X

GitHub

Hot Projects

Someone built an AI caretaker for their grandma

A developer named Audrey posted on X about building "Sam," a device that sits in a senior's home, talks to them regularly, monitors their cognitive health over time, and alerts family members if something seems wrong. It's not a chatbot pretending to be a companion. It's a health monitoring tool that uses conversation as the interface. There's something genuinely moving about someone building technology specifically to keep an elderly family member safe, and it's a reminder that AI doesn't have to be about productivity or profit.

@audrlo on X

GitNexus turns code into something you can actually navigate

Drop a GitHub repository into GitNexus and it generates an interactive knowledge graph. You can see how all the pieces connect, ask questions about the codebase in plain language, and explore relationships visually instead of reading files one at a time. Runs entirely in your browser, no server required. If you've ever inherited a codebase and spent three days just trying to understand how it's structured, this is the tool you wish existed.

github.com/abhigyanpatwari/GitNexus

Shopify's founder built a search engine for your own files

Tobi Lutke (CEO of Shopify) released qmd, a small tool that indexes your documents, notes, and knowledge bases and lets you search them the way you'd search the internet. Running locally, nothing leaves your machine. The fact that Tobi built it himself rather than buying a product tells you something about the state of personal knowledge tools.

github.com/tobi/qmd

A university hospital is serving a billion AI requests per day without any cloud

A researcher posted a detailed breakdown of their local AI setup that handles over a billion tokens daily from a university hospital research lab. No cloud subscriptions. No API costs. Just hardware they already owned. The cost comparison with cloud AI services is making procurement departments uncomfortable.

r/LocalLLaMA

Quick Hits

• Chinese AI satellite intelligence is helping Iran target US forces "with incredible precision." AI as a military intelligence multiplier is no longer theoretical. r/technology
• Maine is about to become the first US state to ban new data centres. The infrastructure backlash is spreading from individual violence (Indianapolis) to state-level policy. r/Futurology
• A Chinese lab (Zhipu AI) shipped the best coding AI, trained entirely on Huawei chips. GLM-5.1 now tops the most respected coding benchmark, ahead of Anthropic, OpenAI, and Google. No Nvidia hardware anywhere. Open-weights. GLM-5.1 on Hugging Face
• DeepSeek V4 is quietly rolling out. Limited gray release confirmed. Full launch expected in the next two weeks.
• Copilot CLI now supports local models. GitHub added bring-your-own-key and local model backends. GitHub blog
• Japan is relaxing privacy laws to become the "easiest country to develop AI." While the US debates regulation and the EU enforces the AI Act, Japan is going the other direction entirely. A deliberate play to attract AI companies and research investment. The Register
• AI is making everyone write the same way. USC researchers found measurable evidence that AI usage causes writing styles to converge. The irony of discussing this on forums where half the comments are AI-drafted was not lost on anyone.