Anthropic announced Claude Mythos Preview was too dangerous to release. Then they leaked it. Twice. A misconfigured data store exposed roughly 3,000 internal files in late March. A Discord group reportedly guessed the model's URL from naming conventions in late April and reached the model before CISA did.
I have spent 20 years sitting in chairs labeled CISO, CIO, and CTO. I have watched this exact movie under different titles. The plot is always the same. A vendor declares a capability so powerful it must be controlled. The control fails. The conversation turns to whether the capability was ever real. Everyone forgets the only question that matters.
What are you going to do about it?
The reality of Mythos doesn't matter
Read that again. The reality of Mythos doesn't matter.
If Mythos is real, you have a model that autonomously finds and chains zero-day vulnerabilities in the Linux kernel, OpenBSD, and major browsers. That model is now in the hands of people who weren't authorized to have it. That changes the math on every assumption you have made about the security of your applications.
If Mythos is a hoax, the picture it paints of the AI future is still 100% real. The capability is coming. It's coming faster than the policy conversation, faster than the patch cycle, and faster than the vendor catalog can keep up. The question isn't if. It's when, and how bad will it be.
Either way, the work is the same.
Reduce your attack surface. Reduce your blast radius. Today.
If a Mythos-class capability exists in unauthorized hands, you can't promise any of your applications are secure. You can't outpatch it. You can't outrun it. The only mitigation is to make the surface smaller and the failure smaller.
Identify your attack surface this week. Real assets, real ingress, real authentication paths. Not a Visio diagram from 2022. Reduce your blast radius this month. Segment what touches what. Kill the lateral movement assumptions. Decide which applications can be cut off without taking down the business.
Stop funding things that perform security. Start funding things that contain failure.
In parallel, your IT operations team needs to back up and restore quickly, reliably, and on demand. No more "it worked when we tested it last century." No more delays. No more fake tests. Real recovery tests, real validation, with a stopwatch on them. If the last full restore happened during a different presidential administration, it didn't happen.
Take action today. Before you are a headline.
The AI safety theater debate is a distraction
Is "too dangerous to release" real safety work or marketing positioning? Honestly, who cares.
AI is evolving faster than we can reconcile what we have, much less argue about what we should have. The question worth your time isn't "what should we do with this technology." The question is "what can I reasonably do to ready myself and my organization for the world it makes possible." One question moves your organization forward. The other gets you a panel slot.
Pick the one that pays.
Anthropic has earned the doubt
The Mythos leaks aren't an isolated event. They sit on top of an operational track record.
In a separate incident, Anthropic exposed the source code for its Claude Code agent because a published NPM package included source maps. Roughly 512,000 lines of proprietary TypeScript spread across GitHub, spawned independent forks that bypassed restrictions, and triggered a DMCA sweep that accidentally took down roughly 8,100 legitimate repositories before Anthropic acknowledged the mistake.
These are not one bad day. They are a pattern, and the pattern is what matters.
If the Mythos safety claim was real and the distribution failed, Anthropic cannot be trusted to handle dangerous capability. If the Mythos capability claim was fake, Anthropic cannot be trusted to tell you what they actually built. I leave the third option to you.
What to do, by audience
To CISOs: Identify your attack surface this week. Reduce your blast radius this month. Stop funding things that perform security and start funding things that contain failure. The Mythos news is not a budget request for a Mythos defense product. It is a budget request for the work that has been on the back of your list since you took the job.
To IT operations leaders: Run a real recovery test this quarter. Not a tabletop. Not a partial. Actual restore from actual backup, validated end to end, with a stopwatch on it. If your team can't pull it off, that is the project. Fix the operations house before the AI house arrives at the door.
To boards: Ask your CIO and CISO three questions in your next briefing. When was the last full recovery test? What failed? What changed since? If they can't answer in concrete terms, you don't have a security program. You have a press release waiting to happen.
The close
If the safety claim was real and the distribution failed, Anthropic cannot be trusted. If the capability claim was fake, Anthropic cannot be trusted. I leave the third option to you.
The messenger is not the point. The work is the point.
Take action today. Before you are a headline.
Sources
- The Hacker News: Claude Code source leaked via npm packaging error
- TechCrunch: Anthropic took down thousands of GitHub repos after the leak
- IANS: Anthropic's Claude Code leak exposes safety gaps