Malicious actors are now exploiting generative AI to carry out cyberattacks: scamming victims using AI-generated deepfakes, deploying malware developed with the help of AI coding tools, using chatbots to pull off phishing campaigns, and hacking widely used open-source code repositories with AI agents. And these AI-driven threats are rising. In early April, Anthropic’s Frontier Red Team, which evaluates the potential safety and security risks posed by the company’s AI models, announced that the company’s Claude Mythos Preview model has identified thousands of high- and critical-severity vulnerabilities.

The list includes some in “every major operating system and every major web browser,” despite the model not being explicitly trained for this. Those findings prompted Anthropic to also establish Project Glasswing to help thwart AI-assisted cyberattacks. Its launch partners—which include tech giants such as Amazon Web Services (AWS), Apple, Google, Microsoft, and Nvidia—will use Mythos Preview to scan and secure software. While generative AI’s coding, reasoning, and autonomous capabilities have become powerful enough to spot potential code security weaknesses, these same skills also…