"Today, models are complex systems that entail far more than just weights. They require complex tools and infrastructure to run them, of which Claude Code is the one we are most used to. Mythos very likely has its own innovations here."
As we are seeing live the effect of a good open source model (gemma-4), there’s already a whole lot of community interest in tinkering with and understanding the models. This is overall a great thing for anyone who cares about AI risks - study it, use it for red teaming, fine-tune it, find out it strengths and weaknesses. When it’s open, the discussions are open, and the risks and failure modes are more visible than closed sourced APIs.
Nathan, you make a fair point: open‑weight fearmongering has been cyclical, and a blanket ban isn’t the answer. But the Mythos case isn’t just about weights – it’s about the absence of runtime enforcement.
Anthropic built a model that autonomously writes exploits, then handed it to a coalition under gated access. That’s not safety architecture. It’s liability distribution. Whether the weights are open or closed, the binding question is the same: who proves every consequential action was authorised before the electron flowed?
Veritas Core answers that with hardware‑rooted gates (PCIe + TPM) and offline‑verifiable receipts – independent of open/closed weights. Let’s focus on building that enforcement layer, not just debating distribution models.
> Unlike some capabilities such as knowledge work, medicine, law, etc., coding can be studied and improved substantially with public data like GitHub.
> I don’t understand the full scope of skills needed to be superhuman in cybersecurity understanding.
Terence Tao has made headlines using AI to assist mathematical proofs. Cybersecurity is the same thing, except it is looking for counterexamples to disprove the security of a system. The counterexamples serve as clear pass/fail criteria for the model to optimize for.
Unlike software engineering in general which requires understanding human intents and fulfilling human desires, cybersecurity is much more akin to the game of Go. Which means training for cybersecurity is not bound to public data. Like AlphaZero, the current models are fully capable of playing the cybersecurity game with itself (or another instance of it), like humans play Red Team vs Blue Team games at cybersecurity competitions.
Playing the cybersecurity game can have the great side benefit of also enhancing general software engineering, which acts as the Blue Team side of the game.
> how bad is it actually
> The cyber insurance market is worth $20.56 billion in 2025

Even before Claude Mythos, the defense is lagging the attack. Also the most crucial systems, medical and infra, are designed to run decades without patching.
> An average of 131 new CVEs were disclosed every day in 2025. Hadrian's analysis of Mandiant data tracked an average time-to-exploit of negative one day, which demonstrates that attackers weaponized vulnerabilities before patches were available.
> Meanwhile, 50% of critical CISA KEV vulnerabilities remained unpatched 55 days after a fix was available, and those are the vulnerabilities already known to be actively exploited. That asymmetry between attackers and defenders pre-dated the Mythos announcement.

One interesting thing, Mythos is getting access to a whole lot of code so companies can fix their vulnerabilities. Why though? Without the code threat actors, even using Mythos, would have a hard time finding the vulnerabilities. Its reverse engineering a needle in a haystack. Far easier ways for threat actors to get in through the front door than looking for new vulnerabilities.
"Today, models are complex systems that entail far more than just weights. They require complex tools and infrastructure to run them, of which Claude Code is the one we are most used to. Mythos very likely has its own innovations here."
I would read 4000 words on just this subject
Outdated, but this was the short version from last fall. https://www.interconnects.ai/p/thinking-searching-and-acting
It's been a recurring theme in recent articles, of course.
I also discussed it in recent talks, e.g., but none were recorded. https://docs.google.com/presentation/d/1K3bM3K7q_CBcXzUCX7a1YvUHAycpvTKZbJElKSOdiok/edit
As we are seeing live the effect of a good open source model (gemma-4), there’s already a whole lot of community interest in tinkering with and understanding the models. This is overall a great thing for anyone who cares about AI risks - study it, use it for red teaming, fine-tune it, find out it strengths and weaknesses. When it’s open, the discussions are open, and the risks and failure modes are more visible than closed sourced APIs.
Well-timed post and important facts!
Nathan, you make a fair point: open‑weight fearmongering has been cyclical, and a blanket ban isn’t the answer. But the Mythos case isn’t just about weights – it’s about the absence of runtime enforcement.
Anthropic built a model that autonomously writes exploits, then handed it to a coalition under gated access. That’s not safety architecture. It’s liability distribution. Whether the weights are open or closed, the binding question is the same: who proves every consequential action was authorised before the electron flowed?
Veritas Core answers that with hardware‑rooted gates (PCIe + TPM) and offline‑verifiable receipts – independent of open/closed weights. Let’s focus on building that enforcement layer, not just debating distribution models.
> Unlike some capabilities such as knowledge work, medicine, law, etc., coding can be studied and improved substantially with public data like GitHub.
> I don’t understand the full scope of skills needed to be superhuman in cybersecurity understanding.
Terence Tao has made headlines using AI to assist mathematical proofs. Cybersecurity is the same thing, except it is looking for counterexamples to disprove the security of a system. The counterexamples serve as clear pass/fail criteria for the model to optimize for.
Unlike software engineering in general which requires understanding human intents and fulfilling human desires, cybersecurity is much more akin to the game of Go. Which means training for cybersecurity is not bound to public data. Like AlphaZero, the current models are fully capable of playing the cybersecurity game with itself (or another instance of it), like humans play Red Team vs Blue Team games at cybersecurity competitions.
Playing the cybersecurity game can have the great side benefit of also enhancing general software engineering, which acts as the Blue Team side of the game.
> how bad is it actually
> The cyber insurance market is worth $20.56 billion in 2025

-- https://heimdalsecurity.com/blog/cyber-insurance-statistics/


> What will never get fixed?


Even before Claude Mythos, the defense is lagging the attack. Also the most crucial systems, medical and infra, are designed to run decades without patching.
> An average of 131 new CVEs were disclosed every day in 2025. Hadrian's analysis of Mandiant data tracked an average time-to-exploit of negative one day, which demonstrates that attackers weaponized vulnerabilities before patches were available.
> Meanwhile, 50% of critical CISA KEV vulnerabilities remained unpatched 55 days after a fix was available, and those are the vulnerabilities already known to be actively exploited. That asymmetry between attackers and defenders pre-dated the Mythos announcement.

-- https://www.dashlane.com/blog/mythos
One interesting thing, Mythos is getting access to a whole lot of code so companies can fix their vulnerabilities. Why though? Without the code threat actors, even using Mythos, would have a hard time finding the vulnerabilities. Its reverse engineering a needle in a haystack. Far easier ways for threat actors to get in through the front door than looking for new vulnerabilities.