Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Behind the Curtain: AI's looming cyber nightmare
Source: Axios
Top AI and government officials tell Axios CEO Jim VandeHei that Anthropic, OpenAI and other tech giants will soon release new models that are scary good at hacking sophisticated systems at scale.
The one to watch: Anthropic is privately warning top government officials that its not-yet-released model — currently branded "Mythos" — makes large-scale cyberattacks much more likely in 2026.
The model allows agents to work on their own with wild sophistication and precision to penetrate corporate, government and municipal systems. It's a hacker's dream weapon.
Jim revealed in his new weekly newsletter for CEOs that one source briefed on the coming models says a large-scale attack could hit this year. Businesses are ripe targets.
-snip-
Read more: https://www.axios.com/2026/03/29/claude-mythos-anthropic-cyberattack-ai-agents
This is the first I've heard of Mythos, though I've posted other threads about AI agents being a real security risk. It's worrisome that Anthropic gave the US government that heads-up...and more worrisome that the dunces in the Trump regime are the last people we'd want dealing with this sort of threat.
The Axios article links to an article here, published two months ago:
https://www.darkreading.com/threat-intelligence/2026-agentic-ai-attack-surface-poster-child
2026: The Year Agentic AI Becomes the Attack Surface Poster Child
Dark Reading asked readers whether agentic AI attacks, advanced deepfake threats, board recognition of cyber as a top priority, or password-less technology adoption would be most likely to become a trending reality for 2026.
Tara Seals,Managing Editor, News,Dark Reading
January 30, 2026
-snip-
Nearly half (48%) of respondents believe agentic AI will represent the top attack vector for cybercriminals and nation-state threats by the end of 2026. It's a decent bet, given that agentic AI continues to gain ground at enterprises of all stripes. They're adopting it to streamline operations, to implement things like predictive maintenance and smart manufacturing, and to keep up competitively in realms like software development — amongst many, many other use cases. Amid the growing exuberance for the semi-autonomous (and highly permissioned) technology is a worry that headlong barreling to join the fray will come at the expense of prioritizing security.
"It's good to see this one topping the charts," says Rik Turner, chief analyst for cybersecurity at Omdia. "The expanded attack surface deriving from the combination of agents' levels of access and autonomy is and should be a real concern. A particular worry here, in my humble opinion, is if we see a rush to adopt agentic that results in developers deploying insecure code. There's already talk of the need to discover what open source model context protocol (MCP) servers are being thrown into the mix by devs keen to deliver on projects by the deadline. This, combined with what seems to be the widespread (nay, wholesale) adoption of vibe coding in 2025 suggests there are a lot of people assembling entirely insecure and vulnerable infrastructure already."
These concerns are exacerbated by the rise of open source AI agents and "shadow AI," which employees might be importing into work environments with no oversight from the security team.
-snip-
"AI raises the stakes for security because AI enables automation and scale, so we have attackers using AI to launcher wider scale attacks to find vulnerabilities," explains Melinda Marks, practice director for cybersecurity at Omdia. "At the same time, organizations are using AI to scale their productivity. We looked to technical innovations in the past to incrementally increase productivity, but now agentic AI and autonomous systems can scale productivity by five times or 10 times. But that also exponentially increases attack surfaces, including access points with non-human identities."
-snip-
Dark Reading asked readers whether agentic AI attacks, advanced deepfake threats, board recognition of cyber as a top priority, or password-less technology adoption would be most likely to become a trending reality for 2026.
Tara Seals,Managing Editor, News,Dark Reading
January 30, 2026
-snip-
Nearly half (48%) of respondents believe agentic AI will represent the top attack vector for cybercriminals and nation-state threats by the end of 2026. It's a decent bet, given that agentic AI continues to gain ground at enterprises of all stripes. They're adopting it to streamline operations, to implement things like predictive maintenance and smart manufacturing, and to keep up competitively in realms like software development — amongst many, many other use cases. Amid the growing exuberance for the semi-autonomous (and highly permissioned) technology is a worry that headlong barreling to join the fray will come at the expense of prioritizing security.
"It's good to see this one topping the charts," says Rik Turner, chief analyst for cybersecurity at Omdia. "The expanded attack surface deriving from the combination of agents' levels of access and autonomy is and should be a real concern. A particular worry here, in my humble opinion, is if we see a rush to adopt agentic that results in developers deploying insecure code. There's already talk of the need to discover what open source model context protocol (MCP) servers are being thrown into the mix by devs keen to deliver on projects by the deadline. This, combined with what seems to be the widespread (nay, wholesale) adoption of vibe coding in 2025 suggests there are a lot of people assembling entirely insecure and vulnerable infrastructure already."
These concerns are exacerbated by the rise of open source AI agents and "shadow AI," which employees might be importing into work environments with no oversight from the security team.
-snip-
"AI raises the stakes for security because AI enables automation and scale, so we have attackers using AI to launcher wider scale attacks to find vulnerabilities," explains Melinda Marks, practice director for cybersecurity at Omdia. "At the same time, organizations are using AI to scale their productivity. We looked to technical innovations in the past to incrementally increase productivity, but now agentic AI and autonomous systems can scale productivity by five times or 10 times. But that also exponentially increases attack surfaces, including access points with non-human identities."
-snip-
7 replies
= new reply since forum marked as read
= new reply since forum marked as read
