The rapidly growing capability of AI is now appearing to become a new challenge for cybersecurity. AI company Anthropic has decided not to make its new model “Claude Mythos” public. According to the company, this model is capable of identifying and exploiting vulnerabilities hidden in decades-old software systems. Anthropic claims that other AI labs are still 6 to 18 months behind in achieving this level of capability. This has raised concerns that a large part of the internet could become more vulnerable, whether it be streaming platforms, online banking, or search engines. The trend of creating software through AI without special training has also increased, leading to rapid development of applications that lack security checks. As AI becomes more advanced, finding these flaws and misusing them will become easier. Until now, the internet has remained relatively secure because software creation was complex and finding bugs was difficult. But this balance is changing amid growing dependence on open source software. For example, systems like FFmpeg used in video streaming and security-related OpenBSD are running on limited resources. According to Anthropic, Mythos discovered vulnerabilities that were 27 years old in OpenBSD and 16 years old in FFmpeg. Experts fear that hackers could misuse such tools to target hospitals, networks and critical infrastructure. In this situation, experts emphasize that cyber security should be made default, not an option. Companies will have to include security measures in their software from the beginning, so that risks can be controlled in this new era of AI. Make Safety Default Companies incorporating open source code into products should hire workers necessary for maintenance. Companies creating tools like Mythos should hand over these tools to such workers. For millions of new creators building software, there is a need to implement safety measures. These should be by default rather than as a premium feature.
