> An amazingly successful marketing stunt for sure.

This. Well done by Antropic.

It even reached the CISO of my small semi-government org in the Netherlands, who slightly panicked at the announced 'tsunami' of vulnerabilities that was coming with Mythos.

Got us some more money and priority with the board, though.

Never waste a good marketing scare.

▲

fpesce 2 hours ago | parent | next [-]

I don't agree with the "no tsunami in sight": if you don't look at 100+ bugs in Firefox and many more OSS projects, bunch of old unseen-before OpenBSD/Linux RCEs, and a few LPE in just 2 or 3 weeks for Linux itself...

IMO, this does not sound like marketing scare, there is spike of vulnerability disclosures - high quality, low false positives - that can be sensed... It feels like we're speedrunning through few-years worth of high quality bug reports in just a few weeks.

▲

apexalpha 2 hours ago | parent [-]

The LPEs were not found with Mythos but with existing, publicly available models.

	▲	stingraycharles an hour ago \| parent [-]
		And also: they did an earlier run with Opus to discover bugs (like segfaults). In February, Opus discovered a whole bunch of security related bugs, but didn’t exploit them. Mythos, in turn, was fed these bugs and told to exploit them. Not saying it’s not impressive, but it was literally told “here are all the places our metal detector says there may be gold, please find gold”.

▲

helloplanets 36 minutes ago | parent | prev | next [-]

Anthropic has is quickly destroying customer goodwill by repeatedly pulling the same stunt. Horrible marketing, imho.

It's an entirely different thing to have the company conduct research on LLMs in general being a cybersecurity threat, instead of going "our new model is just too powerful" and shift the discussion to revolve around that. It's slimey.

	▲	aswegs8 31 minutes ago \| parent [-]
		The bar has become so low lately that no one will care.

▲

markus_zhang 37 minutes ago | parent | prev [-]

org head is smart.