Monday, April 13
Monday, April 13
Anthropic Built a Model So Good at Hacking It Won't Let Anyone Use It
Anthropic's Mythos model is the only thing anyone in security is talking about heading into this week. The numbers are absurd. Its predecessor managed working Firefox exploits twice out of hundreds of attempts. Mythos hit 181. It found a 27-year-old OpenBSD vulnerability and a 16-year-old FFmpeg bug that automated tools missed across five million scans. Anthropic's response: lock it down entirely. Only 12 partner organizations get access through Project Glasswing, a defensive security initiative backed by $100M in credits. It's the first major model withholding since OpenAI sat on GPT-2 in 2019.
Anthropic Built a Model So Good at Hacking It Won't Let Anyone Use It
Anthropic's Mythos model is the only thing anyone in security is talking about heading into this week. The numbers are absurd. Its predecessor managed working Firefox exploits twice out of hundreds of attempts. Mythos hit 181. It found a 27-year-old OpenBSD vulnerability and a 16-year-old FFmpeg bug that automated tools missed across five million scans. Anthropic's response: lock it down entirely. Only 12 partner organizations get access through Project Glasswing, a defensive security initiative backed by $100M in credits. It's the first major model withholding since OpenAI sat on GPT-2 in 2019.
Community Buzz: What Devs Talked About
The weekend had a distinctly back-to-basics energy. While AI product launches kept rolling, the conversations that actually caught fire were about fundamentals: math, desktop UX, GPU toolchains, and how we organize engineering teams.
- The last time a pure math preprint dominated tech conversation this hard was probably the "Attention Is All You Need" era. People love an elegant reduction.
- macOS Dock discourse is a genre unto itself. Every few months someone builds a replacement and the floodgates open on years of pent-up window management frustration.
- NVIDIA's software moat is estimated to represent more switching cost than the hardware price difference itself. That's the backdrop every time AMD says "we're ready."
Mondays are for catching up on what the weekend nerds figured out. Here's the rundown.
The weekend had a distinctly back-to-basics energy. While AI product launches kept rolling, the conversations that actually caught fire were about fundamentals: math, desktop UX, GPU toolchains, and how we organize engineering teams.
- The last time a pure math preprint dominated tech conversation this hard was probably the "Attention Is All You Need" era. People love an elegant reduction.
- macOS Dock discourse is a genre unto itself. Every few months someone builds a replacement and the floodgates open on years of pent-up window management frustration.
- NVIDIA's software moat is estimated to represent more switching cost than the hardware price difference itself. That's the backdrop every time AMD says "we're ready."
Mondays are for catching up on what the weekend nerds figured out. Here's the rundown.
Security and AI Product Watch This Monday
Microsoft suspended developer accounts for WireGuard, VeraCrypt, and others over missed verification, blocking security patches. WireGuard got restored after backlash. VeraCrypt is still locked, and its Windows signatures expire after July, potentially bricking encrypted systems for nearly a million users.
CISA requires federal agencies to patch CVE-2026-5281 by Wednesday. It's a use-after-free bug in Chrome's WebGPU implementation already being exploited in the wild. Fourth Chrome zero-day this year. If you haven't updated Chrome, now's the time.
Florida opened an investigation into ChatGPT's role in the FSU shooting. Court documents show 200+ messages between the suspect and ChatGPT. The probe also examines CSAM risks and foreign adversary data access. Could set precedent for AI company liability as IPO season approaches.
Anthropic launched Claude for Word in beta, putting AI drafting and editing directly into Word's sidebar with tracked changes support. Draft, edit, revise, all without leaving the document. Available on Team and Enterprise plans.
Notion is testing a "Computer" feature that gives its AI agents access to custom VM environments, model selection, trusted URL settings, and scripted workflows. Productivity tools are quietly becoming agent orchestration platforms. This is the clearest sign yet.
The EU's Digital Omnibus package would delay high-risk AI compliance from August 2026 to December 2027 for standalone systems, and to August 2028 for AI embedded in products. A quiet acknowledgment that the original timeline was ambitious.
A new report finds AI browser extensions bypass DLP tools and SaaS logs entirely. They're 60% more likely to have vulnerabilities than average extensions, 3x more likely to access cookies, and 6x more likely to have escalated their own permissions in the past year. They see everything you type.
Favorite Featured Stories
Right now, AI agents have names. They get launched at keynotes with brand identities, marketed as teammates you can @men...
Delaware's government portal goes offline at night. A pharmacy invoice site hides its download link behind a field that ...
Somewhere in a config file, a practitioner is deciding whether "extract pricing data from competitor pages" counts as re...
A purchasing card knows what you can't buy. Wrong merchant category, declined at the register. Over the spending limit, ...
Right now, AI agents have names. They get launched at keynotes with brand identities, marketed as teammates you can @men...
Delaware's government portal goes offline at night. A pharmacy invoice site hides its download link behind a field that ...
Somewhere in a config file, a practitioner is deciding whether "extract pricing data from competitor pages" counts as re...
A purchasing card knows what you can't buy. Wrong merchant category, declined at the register. Over the spending limit, ...