The U.S.Cybersecurity and Infrastructure Security Agency (CISA) is reportedly utilizing Anthropic's Mythos model to scan government code repositories for security vulnerabilities.
According to sources, the audits have already uncovered numerous bugs, though details about the scope of the review or the severity of the issues remain unclear.
The Attack Surface Evaluation team within CISA conducts these assessments, which involve digital security evaluations and hacking exercises across federal systems.Meanwhile, the National Security Agency (NSA) has been using Mythos since April, despite being on a blacklist.
Anthropic's public release of Fable, a version of Mythos with cybersecurity safeguards, prompted the White House to ban foreign access, leading to a global shutdown that was lifted last week.
Critics note that while AI models like Mythos can identify potential vulnerabilities and reduce oversight gaps, they also generate false positives, requiring additional validation layers.
Comments from developers highlight both the utility and limitations of these tools, emphasizing the need for iterative testing and human review to ensure accuracy.
Original title: US Cyber Agency Is Using Anthropic's Mythos To Audit Government Code
The AI system has determined that this news is clickbait/sensationalist: : The original title uses hyperbolic language like 'Using... to Audit' which exaggerates the significance of AI adoption in cybersecurity, making it sensationalist. This has coincided with the opinion of the majority of users.