Mythos and Cybersecurity

Last week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting software vulnerabilities that the company decided it was too dangerous to release to the public. Instead, access has been restricted to roughly 50 organizations—Microsoft, Apple, Amazon Web Services, CrowdStrike and other vendors of critical infrastructure—under an initiative called Project Glasswing.

The announcement was accompanied by a barrage of hair-raising anecdotes: thousands of vulnerabilities uncovered across every major operating system and browser, including a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg. Mythos was able to weaponize a set of vulnerabilities it found in the Firefox browser into 181 usable attacks; Anthropic’s previous flagship model could only achieve two.

This is, in many respects, exactly the kind of responsible disclosure that security researchers have long urged. And yet the public has been given remarkably little with which to evaluate Anthropic’s decision. We have been shown a highlight reel of spectacular successes. However, we can’t tell if we have a blockbuster until they let us see the whole movie.

For example, we don’t know how many times Mythos mistakenly flagged code as vulnerable. Anthropic said security contractors agreed with the AI’s severity rating 198 times, with an 89 per cent severity agreement. That’s impressive, but incomplete. Independent researchers examining similar models have found that AI that detects nearly every real bug also hallucinates plausible-sounding vulnerabilities in patched, correct code.

This matters. A model that autonomously finds and exploits hundreds of vulnerabilities with inhuman precision is a game changer, but a model that generates thousands of false alarms and non-working attacks still needs skilled and knowledgeable humans. Without knowing the rate of false alarms in Mythos’s unfiltered output, we cannot tell whether the examples showcased are representative.

There is a second, subtler problem. Large language models, including Mythos, perform best on inputs that resemble what they were trained on: widely used open-source projects, major browsers, the Linux kernel and popular web frameworks. Concentrating early access among the largest vendors of precisely this software is sensible; it lets them patch first, before adversaries catch up.

But the inverse is also true. Software outside the training distribution—industrial control systems, medical device firmware, bespoke financial infrastructure, regional banking software, older embedded systems—is exactly where out-of-the-box Mythos is likely least able to find or exploit bugs.

However, a sufficiently motivated attacker with domain expertise in one of these fields could nevertheless wield Mythos’s advanced reasoning capabilities as a force multiplier, probing systems that Anthropic’s own engineers lack the specialized knowledge to audit. The danger is not that Mythos fails in those domains; it is that Mythos may succeed for whoever brings the expertise.

Broader, structured access for academic researchers and domain specialists—cardiologists’ partners in medical device security, control-systems engineers, researchers in less prominent languages and ecosystems—would meaningfully reduce this asymmetry. Fifty companies, however well chosen, cannot substitute for the distributed expertise of the entire research community.

None of this is an indictment of Anthropic. By all appearances the company is trying to act responsibly, and its decision to hold the model back is evidence of seriousness.

But Anthropic is a private company and, in some ways, still a start-up. Yet it is making unilateral decisions about which pieces of our critical global infrastructure get defended first, and which must wait their turn.

It has finite staff, finite budget and finite expertise. It will miss things, and when the thing missed is in the software running a hospital or a power grid, the cost will be borne by people who never had a say.

The security problem is far greater than one company and one model. There’s no reason to believe that Mythos Preview is unique. (Not to be outdone, OpenAI announced that its new GPT-5.4-Cyber is so dangerous that the model also will not be released to the general public.) And it’s unclear how much of an advance these new models represent. The security company Aisle was able to replicate many of Anthropic’s published anecdotes using smaller, cheaper, public AI models.

Any decisions we make about whether and how to release these powerful models are more than one company’s responsibility. Ultimately, this will probably lead to regulation. That will be hard to get right and requires a long process of consultation and feedback.

In the short term, we need something simpler: greater transparency and information sharing with the broader community. This doesn’t necessarily mean making powerful models like Claude Mythos widely available. Rather, it means sharing as much data and information as possible, so that we can collectively make informed decisions.

We need globally co-ordinated frameworks for independent auditing, mandatory disclosure of aggregate performance metrics and funded access for academic and civil-society researchers.

This has implications for national security, personal safety and corporate competitiveness. Any technology that can find thousands of exploitable flaws in the systems we all depend on should not be governed solely by the internal judgment of its creators, however well intentioned.

Until that changes, each Mythos-class release will put the world at the edge of another precipice, without any visibility into whether there is a landing out of view just below, or whether this time the drop will be fatal. That is not a choice a for-profit corporation should be allowed to make in a democratic society. Nor should such a company be able to restrict the ability of society to make choices about its own security.

This essay was written with David Lie, and originally appeared in The Globe and Mail.

Posted on April 17, 2026 at 7:02 AM (28 comments)

Comments

haarp April 17, 2026 7:37 AM

Is there a complete list of all participants in project glasswing?

I wonder whether membership in that probably somewhat exclusive circle will affect businesses of software producers, be it directly i.e. when customers/clients base policy driven decisions on that, or indirectly by potential impact on share prices, or insurance fees.

Saaaaaaam April 17, 2026 8:01 AM

Is there any expectation at all that Mythos-level AI is needed to find bugs in software for industrial control systems, medical devices, regional banking? These are the fields where sad experience shows the software is typically utterly insecure.

K.S April 17, 2026 9:47 AM

I don’t see a flood of critical CVEs getting patched, as such there is no evidence to support claims about Mythos capability. Don’t get me wrong, it is likely an evolutionary step and a nice tool, but the rest is marketing FUD.

BCS April 17, 2026 9:51 AM

I wonder if truth in advertising would be a good framework to work from? Basically, if someone chooses to release some information but not others, and if that results in people making assumptions that are inaccurate (presumably in the favor of the people who made the choice of what to release), then they are at least partly responsible for any adverse outcome that results from that inaccuracy.

That would create a strong incentive to either show the complete picture or make it clear what parts have been censored.

Steve April 17, 2026 10:27 AM

This article did not even mention the risks associated with the broader distribution it advocates. Even in this restricted regime, there is risk that abuse can happen. How much worse does that get when professors are sharing it with their grad students?

John Michael Thomas April 17, 2026 12:54 PM

Mythos undoubtedly is an advancement. But the claim that it’s too dangerous to release publicly is pure marketing hype – just like OpenAI’s nearly identical claim about GPT-2 was back in 2019.

The Artificial Intelligence Made Simple substack (by Devansh) posted a great, deep article on all the spin yesterday. I’m not including the link, because my comments tend to get memory-holed for review when I do – but it’s well worth the effort to find and read it.

Ray Dillinger April 17, 2026 1:29 PM

I note a problem, with both attempts at legislating about AI models and attempts at characterizing their impact on other fields of knowledge. Legislators mostly focused on law, and researchers mostly focused on other fields, are not keeping abreast of the capabilities of current models, nor taking in the truly impressive rate of advance in those capabilities.

When folks legislate about what AI models get right or get wrong, they legislate for six months about a product or process that undergoes profound advances within three months. Legislation that assumes an AI model is not able to do something, runs smack into an AI model that does exactly that before it even gets to a vote. Not because the assertion was wrong when the process began, but because the capabilities are changing profoundly, faster than legislation can be passed.

Likewise if a security researcher is skeptical that there is a need to guard against capabilities claimed this month, they ignore the fact that whether or not those claims are excessively optimistic now, if most of them are at least plausible to researchers who actively study the current state of AI models, they are either real or will be arriving and getting refined with unnerving speed, possibly even before their skepticism has been published.

Bruce’s comments about LLM’s capabilities (w/r/t false positives etc) may be relevant for a month or two, or they may already be outdated. But remember the fundamental truth of security: Attacks always get better. In this case they are getting better exponentially faster than mathematical attacks against cryptographic algorithms have ever gotten better.

People discovered ways to do unexpected things with crude but deep topologies about a decade ago, and since then have been making bigger models just as fast as hardware advances allow. But there’s also been a huge push on research, and people have advanced these models far more than just increased bigness alone would have allowed.

New fundamental capabilities appear regularly with research breakthroughs and new network topologies, and get developed and refined with extreme rapidity. AI models have vastly increased their capabilities, PARTICULARLY WITH CODE, just this year and especially just during the last four months or so.

This is not just incremental change from model size, this is fundamental differences about the way new models work. Reorganizations of network topologies are revealing capabilities that are new in kind and scale in ways that sometimes make as much difference as the difference between O(2^n) and O(logN) processes. Sure, both run faster with more hardware, but the better algorithm is so much better that it represents a fundamentally different capability.

Researchers are studying how information flows through these models and finding ways to make particularly useful kinds of information more available at times and in areas where it is most useful. They’ve been learning how to tweak training algorithms to train these new models more efficiently. They’ve researched, tested, and refined different types and organizations of network topology and found ways to optimize performance on a set of tasks that is growing by leaps and bounds.

I don’t know for sure what Claude’s current architecture entails. But I know the kind of things Anthropic’s been working on – recurrent network topologies and static data caches to work with and retain remembered information, checking responses against formal-ish information structures the model has constructed and making sure they don’t entail logical contradictions, methodically considering several most likely results of a particular intermediate step instead of one considered most likely, AND identifying common properties of these results, etc. There’s more complexity in modeling and monitoring and checking the process and conclusions now than there is actually performing the process and reaching the conclusions.

I don’t doubt that they’ve done exactly what they say they’ve done. If they haven’t, or even if they’re just describing it optimistically, then it’s close. Someone will be doing exactly that and more within a year.

Clive Robinson April 17, 2026 1:48 PM

@ Martin Kofoed, ALL,

With regards,

“I guess this also marks the end of all those bug bounty hunting programs…”

I’ll bet you “the price of a pint” they are not… Except for a short while whilst reality catches up to management and overcomes the idiocy of the AI hype.

Put simply people are not thinking and actually reasoning.

So take a thoughtful look at @Bruce’s comment of,

“And yet the public has been given remarkably little with which to evaluate Anthropic’s decision. We have been shown a highlight reel of spectacular successes. However, we can’t tell if we have a blockbuster until they let us see the whole movie.”

We all know that @Bruce tends to look on the “good side”

Whilst “Me I’m the realist who everyone thinks is paranoid, until the turkeys come home to roost.

As I’ve mentioned before I’ve hung around AI and Robots since the early 1980’s and I’m way way less generous towards AI research than most people are and I see no change in the way the wind blows for me to change the tack of my sails.

So I ask the question,

“Have we really been shown a “highlight reel” or just had a load of breathless comments pushed out about things?”

I think it’s the latter, not the former.

In fact I’ve said as much just a couple of days back and warned,

“Quantity is not Quality”.

There are three basic types of vulnerability instant in classes of instants,

1, Known, Knowns
2, Unknown, Knowns
3, Unknown, Unknowns

With the first type being what I would expect current AI systems that work in a similar way to Alpha-Fold and the other Alpha-XXX systems to work and a few of the LLM systems if and only if (IFF) their ML training set has been properly curated. Thus they behave as you would expect a rules and logic based system like a 1980’s “Expert System + Fuzzy Logic” to work.

But don’t expect any “reasoning” so there will not realistically be any

“Black Swan” types of “Unknown Unknowns” above basic chance being found.

And it’s these Black Swans that even now earn the “bounty bucks” because humans can “reason them out” and as far as I can tell Current AI can not reason in anything like the way humans can.

Have a read of,

https://garymarcus.substack.com/p/three-reasons-to-think-that-the-claude

Although Gary Marcus is an LLM Skeptic in many ways, he’s still a lot more generous than I am in this regard.

My view is “we’ve been played” and whilst there is some improvement,

“It ain’t nothing to bring the cat in over… And certainly nothing to load the muskets for.”

In short,

“It ain’t bear not even raccoon just possum”…

But trust me I would be very happy to be proved wrong… Because the “flip side” will actually be “the up side”… And a clarion call for Management and Marketing to actually think a little more “long term” rather than keep stuffing problems under a snow storm of never to be acted upon tickets until the tsunami of technical debt comes crashing down.

I actually want “Software development” to be a very real “engineering subject” not the “artisanal patterns” and “guild secrets” of pre-industrial revolution it currently resembles. That as history shows with Victorian Steam engines led to body parts strewn around the countryside…

Clive Robinson April 17, 2026 2:27 PM

@ Bruce, ALL,

With regards,

“Yet it is making unilateral decisions about which pieces of our critical global infrastructure get defended first, and which must wait their turn.

It has finite staff, finite budget and finite expertise. It will miss things, and when the thing missed is in the software running a hospital or a power grid, the cost will be borne by people who never had a say.”

Not only did they “never have a say” they will “never get a say” as long as “resources fail to meet demand”.

Such is the truth behind all “triage systems”.

Some will win big, by triage, some will lose bad, and some will simply stop existing.

The real question is,

“If you come out on the benefit side of triage, what do your morals say you should do?”

And,

“Will you act on them?”

It’s why I keep mentioning the “self entitled” and the fact all too often they are at the wrong end of,

“Individual Rights -v- Social Responsibilities”

The problem is as the old sayings of,

“No man is an island”

And,

“We stand on the shoulders of giants”

Alludes to, with the latter more aptly expressed in a much earlier form, attributed to Bernard of Chartres’ Metaphor from the “Twelfth-Century Renaissance” which in effect includes both,

“We are like dwarfs perched on the shoulders of giants, so that we can see more than they, and things at a greater distance—not by virtue of any sharpness of sight on our part, or any physical height, but because we are carried high and raised up by their giant stature.”

Or as some prefer to say,

“A flood tide lifts all well found boats the same.”

We need to remember humility and responsibility to others.

Almost P00P April 17, 2026 5:07 PM

I know for sure that if my name was extremely close to P00P I’d sure as hell change it in a hurry. Plus spying on your neighbors will not get ya far, fckn garbage.

anonymous April 17, 2026 5:42 PM

The relevant linked article has the title “thousands of vulnerabilities uncovered across every major operating system and browser”, which is false clickbait and misquoting. The correct quote is the body of the article: “thousands of high-severity vulnerabilities, including some in every major operating system and web browser”, which is not a huge achievement for the record. In fact, it’s possible that the rest of the said vulnerabilities pertain only to open-source toy projects abandoned a decade ago.

Ralph April 17, 2026 6:47 PM

What is Anthropic doing to meet their ongoing “responsible disclosure” obligations for future vulnerabilities discovered by their AI?

Are they going to ensure that the authors of the code are going to get an advance heads up? Or are they putting that in the “too hard” bucket?

Or has “responsible disclosure” really all along been mostly about big companies avoiding embarrassment over how bad their code is?

It reminds me of the situation with photo ID at airline check-ins in the 2000 to 2010 period (at least in NZ, maybe different elsewhere). At first showing photo ID was essential for “important airline security reasons”, and the added ability to monetize transfer of tickets between customers was only an “accidental” side-effect. Then LCD touch screens became good enough to build automated check-in terminals, and those “important security reasons” evaporated overnight.

lurker April 17, 2026 8:35 PM

Most (all?) of the bugs found so far by Mythos Preview are by necessity in open source projects. And some of those were found by the human prompter refining the prompt iteratively until the AI zoomed in on the bug. Some were found by pointing the AI to another method to escape a sandbox.[1]

What are the non-open-source vendors going to do with their access to Mythos? Some of them will be so protective of their code they are unlikely to pass it all thru the sieve. Some are likely out of old bad habit to sweep any discoveries under the carpet.

The public announcement of Glasswing was a bit scary. Scary announcements are bad for sales. It’s hard to imagine much useful resulting from this.

[1] https://www.artificialintelligencemadesimple.com/p/anthropics-claude-mythos-launch-is

Weather April 17, 2026 11:16 PM

People wrote a script to use a debugger, blackhat 14th if memory serves, this AI is doing know better, information size you lot mentioned, do we need adviced fuzzers checking code. The answer stands out but they (some skills) don’t understand the part.

Every time I show up, the spam bots do? What

Clive Robinson April 17, 2026 11:27 PM

@ lurker, ALL,

Careful how you go…

With regards,

“Most (all?) of the bugs found so far by Mythos Preview are by necessity in open source projects.”

There are a lot of unstated assumptions behind that statement.

One of which is the “high level -v- low level” code issue.

Many are assuming that Current AI tech needs high level source code to go “bug hunting” in.

This is a false assumption. Most Current AI systems work by “statistical mask matching” or “adaptive filtering” depending on what type of domain language you want to use… Thus they will work with any level of code statistics that can be extracted and analyzed from any level on the computing stack…

That means they can have the statistics from the lowest levels such as “Register Transfer Language” that is lower than microcode in the computing stack upwards through the various levels of “interpreted executable” all the way across the ISA-Gap into high level compiled and plain source through even to ASN1 and the like used in specifications to define functionality.

Further it will be able to work with not just plain human language in pre-specifications but “spray diagrams” and the like as well. And become the equivalent of an “etcha-sketch” system with an “observing entity” of some limited “reasoning ability” based on “experience” that is extracted from the statistics of “good examples” (we saw the start of this back in the 1980’s with “Expert Systems” and “fuzzy logic” but lack of resources at the time…).

It’s one of the reasons such use of statistical filter and match systems is going to be quite scary over the next few years as all but a tiny number of people[1] have to become “professional not artistic” and play “catch-up”, and developing those resources is going to be a half century or so slog.

Is this a “bad thing” well that depends on your point of view…

At the moment we are seeing this same issue playing out toward the top end of the computing stack with “vibe coding” and its currently fairly dire results. Expect this to change fairly rapidly as some of the “Neurosymbolic AI” methods seen in the likes of Alpha Fold etc get greater integration[2] but it’s going to get contentious as history shows with previous “flame wars”.

This process by the way is actually not new by any means… look up “The Last One” system developed for the Apple ][ back in the 1980’s or even heaven forbid the earlier “Cobol” or other “weird high level scripting / interpreted languages” where “high level” became esoterically abstracted back to an entirely different “logical way” of performing “reasoning about desired function” and how to express it in a more formal way[3].

[1] These few people are those that can reverse engineer at any level. Back when Integrated Circuits were “hand taped out” they were the “Electronics Design Engineers” responsible. Over time due to the necessities of production they became increasingly distanced by CAD / CAM systems much as “mechanical engineers” had become distanced by CNC machines.

With such “distancing” the “implicit feelings” developed become harder and harder to acquire by non engineering and science methods. And Artisanal coding so many practice today will by necessity be restricted to very limited activities for near everyones safety and security…

[2] One of those “cat out of the bag” moments recently happened have a hunt around for the apparently unintentional leaking of Claude Code,

https://arstechnica.com/ai/2026/03/entire-claude-code-cli-source-code-leaks-thanks-to-exposed-map-file/

And in particular one part of the half million lines of code released the just over 3,000 lines of code in “print.ts”, that forms its kernel.

Because this shows that Claude is not in any way just another “Stochastic Parrot” LLM with Guardrails as many have supposed… But actually way way more of a thoughtfully worked out classical symbolic AI system that Expert Systems tried to be.

That is Anthropic have crossed into “the dark side” as some see it by forming the first step of a “Neurosymbolic Hybrid” system. There are still other steps to be taken as outlined in,

https://arxiv.org/abs/2002.06177

It will I promise be worth the read of those with a thoughtful outlook.

[3] If you look back on this blog a few years you will find I’ve done some thoughtful research into what I call “Probabilistic Security” as part of the “Castle -v- Prison” system. Where I point out that there was no way we could get the required number of “Security Expert Software Developers” in any near future time line. Thus the way to do it was “not to bother” trying to do so, but go a different route. That is in effect “*nix scripting” with “secure tasklets” that were built by those with the very limited availability “security skill set”. As part of this the “secure tasklets” would generate “execution signatures” whereby a running tasklet could be stopped by a hypervisor and have its execution signature checked to see if it was “running as expected” thus any anomalous execution could be stopped early on and referenced up the hypervisor tree to alert operators etc.

In a way it was designed to in part get around the implications of Kurt Gödel’s 1930’s revelations which point out why AV software really can not do what people think it can do…

lurker April 18, 2026 2:02 AM

@Clive Robinson, ALL

Sure, Anthropic’s machines will be capable of some fancy decompiling and reverse engineering. Maybe I give them too much credit when I assume their lawyers have carefully scrutinised the ToS and Licences for any of the proprietary software they have examined. Which is why I assume they “invited” those vendors to come aboard Project Glasswing.

Nice Operating System you’ve got there. Be a pity if something happened to it …

Clive Robinson April 18, 2026 2:50 AM

@ lurker, ALL,

With regards,

“Maybe I give them too much credit when I assume their lawyers have carefully scrutinised the ToS and Licences for any of the proprietary software they have examined.”

Ahh, the “US issue” where conditions in TOS documents take on Criminal Law equivalence or so we’ve been told in the past.

And “Larry Boi’s” Oracle have behaved as such in the past with a certain “lady of note” sending out threatening missives when people called their 100% secure nonsense into question with good reason (like Larry himself much of it was bogus nonsense).

The thing is most other places even those who “rent or lease” have certain basic rights to verify that things are,

1, Safe
2, Secure
3, Fit for purpose
4, Do not carry hidden liability

The US Corporates however want these sensible rights outlawed hence the push to get US DMCA 1201 embedded in every other sovereign state’s National Legislation.

On the pretence of “no right of repair” it actually goes deeper (the right for the “World Economic Forum” (WEF) to enslave and eradicate as they see fit on their Project 2030 according to some people).

DMCA 1201 is as I’ve indicated in the past something that Cory Doctorow quite rightly has a thing against. It was pushed by the US under threat of swinging trade tariffs, which we now all know is a “deal” that the current US Executive has broken repeatedly and will continue to do so.

Arguably it is this idiocy that has finally made many politicians realise they do not have a future with the US or its Corporations and it’s now more than sufficient to “break with the US” and form other trade, economic and even political alliances and unions.

Hence you hear a lot these days about “Data Sovereignty” and also moving away from US Defence / Arms industry (which has been the balance for the US-Petro Dollar deficit and prop-up of its own war efforts via the US MIC).

Even the use of the US Dollar as the “Trade Currency” is getting called into question. After all why go down with their ship because,

“The US Captain tilts at icebergs whilst trying to ride an unwilling nag?”

Nobody can reasonably predict what is coming next and that lack of stability is making many nervous which in turn is making investment almost too much of a risk to make. A situation that historically has led to recession, and in many places hyper inflation and so on to civil war…

Hence many are thinking if not saying it’s time to “box-out” the US and some of its ill advised political allies and its corporations “for safety’s sake”.

lurker April 18, 2026 3:05 AM

“The difference is that the Strait of Hormuz – we know where it is and we know how large it is… the issue that we’re facing with Anthropic is that it’s the unknown, unknown.”
– Canadian Finance Minister François-Philippe Champagne

https://www.bbc.co.uk/news/articles/c2ev24yx4rmo

The UK’s AI Security Institute has published “the only independent report into the model’s cyber-security skills.” TLDR it’s the best so far, but it still doesn’t look like a silver bullet.

https://www.aisi.gov.uk/blog/our-evaluation-of-claude-mythos-previews-cyber-capabilities

Clive Robinson April 18, 2026 4:15 AM

@ Lurker, ALL,

Whilst US AI might be faster and many times more expensive than China’s does it actually make a real difference over all?

How about where white collar jobs might get reduced does any AI actually work?

The answer in both cases is probably “NO” surprisingly to many…

Have a read of,

https://www.bleepingcomputer.com/news/security/most-ai-socs-are-just-faster-triage-thats-not-enough/

Triage just decides on who/what gets resources, it does not actually “do the task” and unsurprisingly it’s the task getting done where both management and workers tend to align for higher productivity and,

“AI just ain’t cutting it”…

Rontea April 18, 2026 10:31 AM

Limiting access to Anthropic’s Claude Mythos Preview might seem prudent—after all, vulnerability-finding AI can certainly be misused—but secrecy rarely leads to better long-term security. Without broader scrutiny, we risk both overestimating and underestimating the true capabilities of such a system. Security has always thrived on transparency, independent evaluation, and collective resilience. If this model is as dangerous as claimed, that’s all the more reason for structured oversight and shared knowledge, not quiet gatekeeping. History shows that obscurity isn’t a sustainable security posture.

Clive Robinson April 18, 2026 2:01 PM

@ Rontea, ALL,

Your final point above of,

“History shows that obscurity isn’t a sustainable security posture.”

Is true enough, but it also hides an issue that many these days rely on.

Consider,

1, Most management and political thinking is very “short term”.
2, Obscurity can be used to temporarily hide things for slightly longer than “short term”.
3, The management / politician “Long Grass” plays are ways to time shift problems past “short term”.
4, As time to disclosure extends the public lose interest thus engagement thus the feeling for justice / retribution / punishment of those in management and politics.

So you can see why certain types have great faith in “obscurity” as a way of keeping issues at both “arms length” and of “limited fall out / effect”.

But it also allows another technique in…

Just about an hour after the planes hit the World Trade Center building apparently a group Email was sent out in Whitehall (UK Executive) from Jo Moore[1] allegedly with the title,

“Today is a good day to bury bad news”.

Or similar.

She was a “SPAD” not a civil servant and attached to a political office. And it created a scandal that has been all but forgotten publicly…

But it clearly makes the point that when there is a major “if it bleeds it leads” story happening in full public view as “page 1 Headline” people get engaged with it and so fail to pick up on an “end of column note on page 5” etc that actually may be worse long term a lot lot worse.

Thus the potentially worse story is dribbled out with hardly any comment or notice.

[1] A little reminder of Jo Moore[2] and how the tactic still gets used from back in 2012, using the “Summer Olympics” events as the Page 1 lead,

https://www.independent.co.uk/voices/commentators/matthew-bell-it-s-a-very-good-17-days-to-bury-bad-news-8007577.html

[2] But what of Jo Moore?

Well this gives a little on her before and for a little while after,

https://powerbase.info/index.php/Jo_Moore

However for nearly the past two decades she has become less and less visible, with some saying “heaven forbid” she has become a “Primary School Teacher” in North London based in part on,

https://www.independent.co.uk/news/uk/politics/jo-moore-starts-new-career-as-primary-teacher-94850.html

Weather April 18, 2026 6:41 PM

@Clive
“1] A little reminder of Jo Moore[2] and how the tactic still gets used from back in 2012, using the “Summer Olympics” events as the Page 1 lead”

It was in 2010 released, I just said hello in 2012. Cheers, Andy

Clive Robinson April 19, 2026 12:55 AM

@ Weather / Andy,

To what are you referring with,

“It was in 2010 released, I just said hello in 2012. Cheers, Andy”

What you say does not make any sense.

The Summer Olympics were held in 2012 and the Independent news article not only clearly mentions it, but is also dated 2012.

Grima Squeakersen April 19, 2026 8:18 AM

@Clive Robinson re: “basic types of vulnerability instant”

So Mythos was targeted on consolidating, curating, and analyzing existing (but scattered) evidence of vulnerabilities to create plausible exploits? That was not the impression I had from reading the initial mainstream reports, although I can easily imagine that those were accidentally or purposely misleading. What I envisioned was an AI regime trained in types and examples of vulnerability classes and set loose to massively exercise systems and software to uncover vulns that were previously completely undiscovered. Is that within the capability of current LLMs? Would that approach change the actual overall risk scenario significantly?

Clive Robinson April 19, 2026 9:35 AM

@ Grima Squeakersen,

With regards,

“What I envisioned was an AI regime trained in types and examples of vulnerability classes and set loose to massively exercise systems and software to uncover vulns that were previously completely undiscovered.”

It all hinges on what you mean by “completely undiscovered”.

Current AI LLMs actually do “pattern matching”. So if you have a class of vulnerability it has a number of attributes that can be identified.

Find those attributes or “near variations” of them together, then yes you’ve found the “potential” for a new instance of a vulnerability.

Shake known ways to exploit such an instance with a little “stochastic noise” by in effect “fuzzing” and you’ve a higher probability of getting the attributes linked together thus you find an instance that may not have been found before.

The trick that Mythos has apparently pulled is like that of Google Alpha-XXX. They have extended from fuzzing past the old notion of fuzzy-logic into what some call “classical symbolic AI” by building a “Neurosymbolic Hybrid”.

Which is what Alpha-Evolve, Alpha-Fold, Alpha-Geometry and Alpha-Proof are all based on.

In effect you have a “Code Interpreter” not just a pattern matcher. And when you are calling code, you are asking symbolic AI to do a very important part of the work, way more efficiently than “fuzzing” can do.

But remember it’s still not “reasoning” or “Generally Intelligent”, it’s acting more like the old “Expert Systems” of the 1980’s.

Which as I explained above means it will find most if not all of the existing but unknown instances close into currently known instances.

Is this an “important step forward” yes, but it’s something we could have done nearly twenty years or more ago rather than chase “scaling” which is now more and more being recognised as not the road to success.

It also means that the US Political Plan to keep China from surpassing the US in AI by “denying chips” etc is also very unlikely to work as a strategy…

Something few in charge politically actually want people to think about let alone realise.

Nor do those with lucrative IPOs pending… As potential investors will realise that they won’t be getting an “advantage” just a large pile of very expensive sand in a man-made desert with no chance of making a profit let alone a fat ROI.

As for potential “users” that is where people should be focusing their attention. AGI is as far away today as it was before Mythos… Because where neurosymbolic hybrids like Alpha-Evolve, Alpha-Fold, etc score is in “very specific tasks” not “general reasoning” thus they are niche not general and thus only of very restricted use.

Have a read of,

https://deepmind.google/blog/alphaevolve-a-gemini-powered-coding-agent-for-designing-advanced-algorithms/

Weather April 19, 2026 11:14 AM

@Clive Robinson
That post above should get deleted, now I still have no idea what I was saying.
