Last March, internal project documents at the AI company Anthropic leaked outside the company through one employee’s mistake. The project, codenamed Capybara, was revealed a month later when the company officially acknowledged it. It was a hacking-focused AI called “Mythos.”
Mythos is a system that finds security flaws in software, and goes a step further by automatically generating tools that can actually exploit those flaws. Finding the flaw and building the exploit are separate jobs, and until now the latter has been considered far harder. Security experts have averaged about two years and two months to complete both ends; Mythos finishes the same work in roughly 20 hours.
The principle is, relatively speaking, simple. The internet hosts public information on around 330,000 known security flaws — originally curated for developer training. Mythos learns from this data, and whenever a software company ships a security patch, it compares the code before and after the patch to figure out, on its own, what the weakness was. “Security flaw” sounds grand, but in practice many flaws are mundane gaps — an identity-verification step missing just before a payment, a refund flow that doesn’t check whether the payer and the account owner are the same person. These omissions, invisible to most human eyes, are immediate prey for Mythos.
Rather than releasing Mythos publicly, Anthropic ran a program called “Glasswing” that made the tool available for trial to roughly 50 large technology companies. The participating companies reported that, given an environment with unlimited tokens, Mythos effectively broke into every system tested. When that fact reached the public, the International Monetary Fund and the European Central Bank expressed concern, and in Korea, the Ministry of Science and ICT and the Financial Services Commission held an emergency meeting with the banking sector in mid-April.
Hacking AIs are not, in themselves, a new concept. Microsoft has used automated tooling to audit its own Windows code since 2007. In 2016, the U.S. Department of Defense ran a competition pitting computers against one another in attack and defense; the winning entry was acclaimed as the first fully automated attack-and-defense machine and was put on display at the Smithsonian. The core technology was developed by a Korean graduate student studying in the U.S. Last year’s large-scale, LLM-based hacking competition was also won by a team built around Koreans. The underlying skill exists in Korea in full measure.
But between attack and defense lies a structural time gap. The attacker fires up the AI once and gets a result. The defender takes weeks to months — write the report, get approval, secure budget, deploy the solution. The security academy calls this “the asymmetry of time.”
Korea adds a unique environment on top. Under the network-separation policy enacted in 2006, government, public-sector, and financial-sector workstations operate isolated from the internet. External intrusion is blocked, but once a breach has occurred inside, rapid response is hard. During COVID, when remote work forced parts of the network to be connected, the government administrative system “Onnara” was confirmed last year to have been compromised for nearly three years starting in 2022. Only last year did the government establish a system classifying digital data into three tiers — classified, sensitive, and public.
After Mythos came to light, other companies moved fast. OpenAI, the maker of ChatGPT, announced it possesses a similar system; a Korean security company publicly reported finding more flaws than Mythos in the same test environment. The signal is that AI is settling, in security, not as an auxiliary tool but as a direct actor. Anthropic’s own published report estimated that roughly half of security analysts and roughly three-quarters of computer programmers fall within the zone of AI-driven job displacement.
The weight of technology is shifting to one side. The Mythos leak is one scene showing how far that shift has already gone. There is little disagreement among experts that similar systems will continue to appear. The very landscape that the word “security” describes is in the middle of changing.