Cloudflare Warns Mythos AI Can Build Real Cyberattacks Ahead of AI Giant's G20 Briefing

# Cloudflare Warns Mythos AI Can Build Real Cyberattacks Ahead of AI Giant's G20 Briefing Source: [https://www.ibtimes.sg/cloudflare-finds-mythos-can-chain-bugs-into-real-cyberattacks-while-anthropic-prepares-face-g20-86620](https://www.ibtimes.sg/cloudflare-finds-mythos-can-chain-bugs-into-real-cyberattacks-while-anthropic-prepares-face-g20-86620) Advanced cybersecurity\-focused artificial intelligence models are rapidly reshaping how software vulnerabilities are discovered and potentially exploited, prompting fresh concerns globally, as Anthropic prepares to brief G20 officials on the risks posed by its powerful new Mythos AI system\. The G20 briefing details come as[Cloudflare](https://www.ibtimes.sg/new-wave-tech-layoff-hits-cloudflare-1100-jobs-hit-ai-reshapes-global-workforce-86216)'s Chief Security Officer, Grant Bourzikas, detailed the capabilities of Anthropic's Mythos Preview under a restricted testing programme called Project Glasswing, describing the model as a major leap in offensive and defensive cybersecurity research\. For months, Cloudflare said it tested multiple security\-focused large language models \(LLMs\) on its own infrastructure to identify vulnerabilities in internal systems and better understand how attackers may weaponize emerging AI\. "None of these LLMs has captured more attention than Mythos Preview, from Anthropic\. A few weeks ago, we were invited to use Mythos Preview as part of Project Glasswing\. We soon pointed it at more than fifty of our own repositories – to see what it would find, and to see how it works," Bourzikas wrote in a[blog post](https://blog.cloudflare.com/cyber-frontier-models/)\. ### Mythos Marked a 'Real Step Forward' in Cybersecurity AI According to Cloudflare,[Mythos](https://www.ibtimes.sg/why-anthropic-holding-back-claude-mythos-cybersecurity-risks-force-new-approach-85379)Preview represented a substantial shift from previous frontier AI systems\. "Mythos Preview is a real step forward," Bourzikas wrote adding that "it's a different kind of tool doing a different kind of work"\. One of the biggest breakthroughs observed by Cloudflare was Mythos' ability to build "exploit chains", linking several low\-severity software flaws into a larger attack path that could realistically compromise systems\. "A real attack rarely uses one bug\. It chains several small attack primitives together into a working exploit," the post stated\. Unlike earlier models that often stopped after identifying vulnerabilities, Mythos could reason through how flaws interact and transform them into a working proof of concept\. Cloudflare said the model also stood out for "proof generation," where it not only identified bugs but attempted to prove exploitability by writing code, compiling it in test environments, running the exploit and adjusting its approach if it failed\. "The loop matters as much as the bugs it finds, because a suspected flaw without a working proof is speculation, and Mythos Preview closes that gap on its own," Bourzikas wrote\. However, Cloudflare warned that Mythos still produced inconsistent safety behavior\. Because the Project Glasswing version lacked the safeguards present in publicly available models, researchers observed irregular "organic refusals" where the system sometimes rejected legitimate cybersecurity tasks but completed nearly identical requests when phrased differently\. > "Despite this, the model organically pushes back on certain requests \- much like the cyber capabilities that made it useful for vulnerability hunting, the model has its own emergent guardrails that sometimes cause it to push back on legitimate security research requests\. But as we found, these organic refusals aren't consistent \- the same task, framed differently or presented in a different context, could produce completely different outcomes as illustrated in the examples below\." Cloudflare The company also highlighted a major operational challenge, which is separating real vulnerabilities from false positives\. Cloudflare found Mythos generated "fewer hedged findings, clearer reproduction steps, and less work to reach a fix\-or\-dismiss decision," particularly compared with general\-purpose AI coding agents\. Still, Bourzikas argued that simply deploying generic coding agents against repositories is ineffective for large\-scale vulnerability hunting\. Instead, Cloudflare built a custom "harness" around Mythos, dividing tasks into narrow investigations, adversarial review systems and parallel workflows to improve accuracy and reduce noise\. ### Anthropic to Brief G20 on Cyber Risks The findings arrive as Anthropic prepares to brief the Financial Stability Board \(FSB\), the global watchdog overseeing financial risks across G20 economies, on cyber vulnerabilities identified by Mythos\. According to the[Financial Times](https://www.ft.com/content/7d309f94-3618-4511-9778-d1447799c5e4?syn-25a6b1a6=1), Anthropic will present the capabilities of its Mythos Preview AI model to finance ministries and central banks following a request by Bank of England Governor Andrew Bailey, who chairs the FSB\. An FSB spokesperson[said](https://www.reuters.com/technology/anthropic-brief-financial-stability-board-cyber-flaws-exposed-by-mythos-ft-2026-05-18/)the body "welcomes engagement with Anthropic and other firms on emerging and frontier risks to global financial stability\." Regulators are increasingly concerned that advanced systems like Mythos could expose vulnerabilities inside banks, payment networks and financial infrastructure faster than institutions can patch them, especially those dependent on legacy systems\. Google \- Gemini Bailey himself warned in April about the risks\. Speaking at an event at Columbia University in New York, he said, "Anthropic may have found a way to crack the whole cyber risk world open\." "The issue is: to what extent is this new version of the product going to be able to\.\.\. identify vulnerabilities in other systems which can be exploited for cyberattack purposes," Bailey added\. Anthropic has tightly restricted Mythos access through Project Glasswing, reportedly limiting use to roughly 40 organizations\. According to reports, the company has also agreed not to distribute the model more broadly following concerns raised by the[White House\.](https://www.ibtimes.sg/white-house-signals-policy-shift-hands-off-approach-ai-oversight-plans-strict-model-reviews-86093) However, for cybersecurity leaders, the message has been that AI systems like Mythos are no longer merely productivity tools, but they may fundamentally alter both cyber defense and cyber offense on a global scale\.