Security REsearch @Anthropicai · Breaking & Fixing AI Failure Modes | Founder @binarly_io · @SBOM_Tools · @REhints | Author “Rootkits & Bootkits” (bootkits.io)

Joined July 2008
Pinned Tweet
⛓️Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem. It appears that Intel BootGuard may not be effective on certain devices based on the 11th Tiger Lake, 12th Alder Lake, and 13th Raptor Lake. Our investigation is ongoing, stay tuned for updates.
⛓️Digging deeper into the aftermath of the @msiUSA data breach and its impact on the industry. 🔥Leaked Intel BootGuard keys from MSI are affecting many different device vendors, including @Intel, @Lenovo, @Supermicro_SMCI, and many others industry-wide. 🔬#FwHunt is on!
Alex Matrosov retweeted
Discovery of N-day vulnerabilities is largely solved at scale by the Mythos and Opus models, for both proprietary and open-source software. It’s time to seriously rethink vulnerability disclosure and time-to-fix timelines. Cascading effects across the software supply chain are becoming a serious bottleneck.
Frontier models are also really good at finding and exploiting n-day vulnerabilities, doing so on timescales of hours. Read about some recent work from my team studying these capabilities! red.anthropic.com/2026/n-day…
Alex Matrosov retweeted
Fable 5 is the same underlying model as Mythos 5, but with cybersecurity and biology blocks. Mythos is the first model that's made me feel that we've entered the next phase of model progress. For years, we've talked about cybersecurity / self-improvement / autonomy / model-dominated coding / biology implications of model progress. Some of these are issues to defend against; some are areas to advance. Mythos has made me & our team feel like we've seen the earliest glimpse of the world we've been talking about. Also, we published a lot of cyber eval results in the system card, including some evals we designed recently, as well as details of safeguards. In most cases, Mythos 5 ~= Mythos Preview. We found it ticked up on the new ExploitBench eval, and we opted to put that in the eval table so people can calibrate/update on advances in cyber capabilities to be prepared for. (We don't want to compete on offensive capabilities and don't try to.) But overall, Mythos 5 is an efficient model, about equal to Mythos Preview in most cases. I'd really like more people to design new security evals! The better models get, the more our limited evals only see a small part of the picture. In terms of where we go from here, here are some current thoughts: 1/ It's important we get Mythos cyber capabilities to defenders. We just have to do it safely and cautiously. We're working on an expanded trusted access program. We're working with government and industry to do this. I sort of envision the next 1-2 years being a large scale effort to make the world resilient design & implement new approaches to security. 2/ I think cybersecurity will start merging with AI security and alignment. Let's say you're a defender and you want to use a model -- will it break out of its sandbox? Will it stop where you tell it to stop? This is one reason I'm excited about working on cybersecurity. In the limit, it's the same thing as AI security. 3/ I really want people to develop new evals for... defensive cybersecurity, hardware security, autonomously running a business, advanced biology, and other parts of national security. Our internal eval ship rate is way, way up because Mythos makes it easy to iterate, especially on the engineering aspect of building evals. (Sometimes, we ask new hires to make a new eval on their first day, and another on the next). I’m excited we’re making this available as Fable 5, because I think the world spending time with the model is the most important way to calibrate.
Introducing Claude Fable 5: a Mythos-class model that we’ve made safe for general use. Its capabilities exceed those of any model we’ve ever made generally available.
Performing better than Opus models in RE/VR projects 🎉
Introducing Claude Fable 5: a Mythos-class model that we’ve made safe for general use. Its capabilities exceed those of any model we’ve ever made generally available.
Alex Matrosov retweeted
New post on Red today: Our team @AnthropicAI found that Mythos Preview is meaningfully better at developing N-days. It took us a couple thousand $ and a few hours to convert patches into exploits. We publish research like this because we think it's important the world knows what models are/will be capable of. In a year, Mythos will probably look trivial. We want to help the world to start preparing. I'm excited to share a lot more blue team / defensive work. I feel like people are aware of the issue now, and the team's task is now to "solve it all" -- we have some exciting / interesting / creative defensive research lined up.
Alex Matrosov retweeted
If models are just going to get better, even than Mythos, the time for those models to turn a patched vulnerability into an exploit will keep shrinking from hours to minutes. I have a hard time imagining the entire world continuously deploying updates in minutes every time that an update for any software they use is released without other adverse effects. The right strategy has to be achieving sufficient security without relying on patching (still do it, but don't depend upon winning the race).
Discovery of N-day vulnerabilities is largely solved at scale by the Mythos and Opus models, for both proprietary and open-source software. It’s time to seriously rethink vulnerability disclosure and time-to-fix timelines. Cascading effects across the software supply chain are becoming a serious bottleneck.
Alex Matrosov retweeted
🔺NEW: Apple is expanding Private Cloud Compute (PCC) beyond our data centers. PCC on Google Cloud: NVIDIA Confidential Computing, Intel TDX, and Google's Titan chip, with capabilities that go far beyond a traditional confidential computing deployment. security.apple.com/blog/expa…
Alex Matrosov retweeted
Claude Opus 4.8 is quite good at RE/VR tasks and can provide additional explainable context on the targets. This in itself is a significant time-saver for any REsearch work.
MCP is slow for RE-heavy projects and, in some cases, is unstable. ghidra-rpc is way faster than MCP and scales more efficiently in a multi-agent setup, since it outputs structured JSON.
Jun 4
We're mostly an IDA shop at @CellebriteLabs, but I decided to play around with Ghidra. My main motivation was to experiment with agentic reverse engineering techniques. The result is an agent skill for Ghidra, which we are releasing publicly: github.com/cellebrite-labs/g… >>
Alex Matrosov retweeted
Jun 4
We're mostly an IDA shop at @CellebriteLabs, but I decided to play around with Ghidra. My main motivation was to experiment with agentic reverse engineering techniques. The result is an agent skill for Ghidra, which we are releasing publicly: github.com/cellebrite-labs/g… >>
Alex Matrosov retweeted
Follow every Mythos discovery through our coordinated vulnerability disclosure dashboard. red.anthropic.com/2026/cvd/
Alex Matrosov retweeted
We're expanding Glasswing today. To solve such a big/complex/urgent problem, we need Mythos-level capabilities in as many defenders' hands as possible. That's why we're working on safeguards to scale that safely ASAP. 11 of my reflections from the past 2 months of Glasswing 🧵:
We’re expanding Project Glasswing. We’ve extended access to Claude Mythos Preview to approximately 150 additional organizations, based in more than fifteen countries. Read more about this expansion and our future plans for Project Glasswing: anthropic.com/news/expanding…
Alex Matrosov retweeted
In the past months, I have advocated where I could to stop investing in obfuscation as a protection mechanism. It was good at frustrating humans but machines just don't care that much. Packing is more effective so far but I don't expect this will last.
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long. That's changed now. Beyond the acceleration in vulnerability research and malware analysis, the same new reality applies to software protection, and security by obscurity, or assuming the attacker is limited in compute and motivation, no longer works.
Alex Matrosov retweeted
I was going to make this same point: “Is there even such thing as Security Through Obscurity” anymore? “I” (Claude) made short work of some DexProtect-ed Android app the other day to extract info I needed
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long. That's changed now. Beyond the acceleration in vulnerability research and malware analysis, the same new reality applies to software protection, and security by obscurity, or assuming the attacker is limited in compute and motivation, no longer works.
Alex Matrosov retweeted
This is a critical point for defenders to get: "Beyond the acceleration in vulnerability research and malware analysis, the same new reality applies to software protection, and security by obscurity, or assuming the attacker is limited in compute and motivation, no longer works."
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long. That's changed now. Beyond the acceleration in vulnerability research and malware analysis, the same new reality applies to software protection, and security by obscurity, or assuming the attacker is limited in compute and motivation, no longer works.
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long. That's changed now. Beyond the acceleration in vulnerability research and malware analysis, the same new reality applies to software protection, and security by obscurity, or assuming the attacker is limited in compute and motivation, no longer works.
Alex Matrosov retweeted
Offensivecon's talks are now available on our YouTube channel! 🔗 buff.ly/g63xgm5
"As part of Project Glasswing, a small number of organizations are currently using Claude Mythos Preview for cybersecurity work. Models of this capability level require stronger cyber safeguards before they can be generally released. We’re making swift progress on developing these safeguards and expect to be able to bring Mythos-class models to all our customers in the coming weeks."
May 28
Introducing Claude Opus 4.8: it builds on Opus 4.7 with sharper judgment, more honesty about its own progress, and the ability to work independently for longer than its predecessors. Available today at the same price.