The next phase of AI cybersecurity still needs humans

Axios · May 14, 2026 · 667 words · By Sam Sabin

Cybersecurity Risks AI Cybersecurity Capabilities Human-AI Collaboration

The article discusses the capabilities and limitations of new AI models from Anthropic and OpenAI in the field of cybersecurity. It highlights that while these models can find significantly more vulnerabilities than traditional methods, they still require human expertise to validate findings and reduce false positives.

open_in_new Read the original article: https://axios.com/2026/05/14/mythos-cyberscurity-human-ai-models

analyticsAnalysis

10%

Propaganda Score

confidence: 95%

Low risk. This article shows minimal use of propaganda techniques.

psychologyDetected Techniques

warning

Loaded Language 70% confidence

Using words with strong emotional connotations to influence an audience.

fact_checkFact-Check Results

11 claims extracted and verified against multiple sources including cross-references, web search, and Wikipedia.

info Single Source 7

check_circle Corroborated 3

schedule Pending 1

check_circle

“Anthropic unveiled Mythos Preview to the world”

CORROBORATED

Multiple independent news sources (CNBC, Flipboard, RT News) confirm that Anthropic released the Claude Mythos Preview model.

compare_arrows

cross reference SUPPORTS — rival Anthropic captivated investors and government officials with Claude Mythos Preview
https://www.cnbc.com/2026/05/07/openai-rolls-out-new-gpt-5po…

compare_arrows

cross reference SUPPORTS — In early April, Anthropic sent shudders through the tech community with Claude’s Mythos Preview model.
https://flipboard.com/topic/news/anthropic-s-most-powerful-a…

compare_arrows

cross reference SUPPORTS — In early April, Anthropic sent shudders through the tech community with Claude’s Mythos Preview model.
https://flipboard.com/topic/news/anthropic-s-most-powerful-a…

+ 2 more evidence sources

info

“Mythos Preview... found tens of thousands of bugs spanning nearly every operating system.”

SINGLE SOURCE

While the existence of Mythos is corroborated, the specific claim about finding 'tens of thousands of bugs' is not explicitly confirmed in the provided web search results, though SecurityWeek mentions Anthropic claimed it identified 'thousands of zero-days'.

travel_explore

web search NEUTRAL — In November, Nvidia and Microsoft were expected to invest up to $15 billion in Anthropic, and Anthropic said it would buy $30 billion of computing capacity from Microsoft Azure running on Nvidia AI sy…
https://en.wikipedia.org/wiki/Anthropic

travel_explore

web search NEUTRAL — Feb 4, 2026 · Anthropic is an AI safety and research company that's working to build reliable, interpretable, and steerable AI systems.
https://www.anthropic.com/

travel_explore

web search NEUTRAL — Claude is Anthropic's AI, built for problem solvers. Tackle complex challenges, analyze data, write code, and think through your hardest work.
https://claude.com/product/overview

info

“OpenAI's GPT-5.5-Cyber is just as powerful as Mythos at finding bugs and writing exploits.”

SINGLE SOURCE

Web results confirm the existence of GPT-5.5, but there is no specific evidence in the provided results comparing 'GPT-5.5-Cyber' capabilities to Mythos regarding bug finding and exploit writing.

travel_explore

web search NEUTRAL — Chat with the most advanced AI to explore ideas, solve problems, and learn faster.
https://chatgpt.com/

travel_explore

web search NEUTRAL — OpenAI Group PBC, doing business as OpenAI, is an American artificial intelligence (AI) research organization headquartered in San Francisco, consisting of a for-profit public benefit corporation (PBC…
https://en.wikipedia.org/wiki/OpenAI

travel_explore

web search NEUTRAL — We believe our research will eventually lead to artificial general intelligence, a system that can solve human-level problems. Building safe and beneficial AGI is our mission.
https://openai.com/

info

“Palo Alto Networks told Axios it found 75 bugs using both the Anthropic and OpenAI models, vs. the 5-10 bugs it usually discovers each month.”

SINGLE SOURCE

Search results mention Palo Alto Networks using both OpenAI and Anthropic stacks in parallel, but do not provide the specific numbers (75 bugs vs 5-10) mentioned in the claim.

travel_explore

web search NEUTRAL — Palo Alto Networks: Cloud Security Leader in First-Ever CNAPP Report.FrostRadar™ names Palo Alto Networks a CNAPP Leader. Overall leader : 2024 Leadership Compass: Security Orchestration, Automation a…
https://www.paloaltonetworks.com/

travel_explore

web search NEUTRAL — Three of OpenAI’s launch partners for Daybreak are already inside Anthropic’s Glasswing consortium. Cisco, CrowdStrike, and Palo Alto Networks are running both stacks in parallel rather than picking a…
https://thenewstack.io/openai-daybreak-anthropic-glasswing/

travel_explore

web search NEUTRAL — Compare models - OpenAI API.
https://platform.openai.com/docs/models/compare

check_circle

“Microsoft said Tuesday its new agentic security system... found 16 new vulnerabilities in the Windows networking and authentication stack.”

CORROBORATED

Multiple sources (Cyber Ivy and other web search results) confirm that Microsoft's agentic security system (MDASH) found 16 new vulnerabilities in the Windows networking and authentication stack.

travel_explore

web search NEUTRAL — Microsoft responded to growing competition in AI security by announcing that its new agentic security system helped researchers discover 16 new vulnerabilities in the Windows networking and authentica…
https://www.helpnetsecurity.com/2026/05/13/microsoft-mdash-a…

travel_explore

web search NEUTRAL — Microsoft says an agentic multi-model system found 16 Windows security flaws, including four critical remote-code-execution bugs. It signals faster defense and more patch pressure.
https://cyber-ivy.com/en/articles/microsoft-mdash-ai-windows…

travel_explore

web search NEUTRAL — Codename: MDASH—Microsoft Security’s new multi-model agentic scanning harness. Codename MDASH is, at its core, an agentic vulnerability discovery and remediation system. The model is one input. The sy…
https://www.microsoft.com/en-us/security/blog/2026/05/12/def…

info

“Cisco this week released "Foundry Security Spec," an open-source blueprint for how organizations should think about using advanced AI models.”

SINGLE SOURCE

Search results confirm Cisco's general AI activity and financial reports, but there is no mention of a 'Foundry Security Spec' open-source blueprint.

travel_explore

web search NEUTRAL — Cisco Systems, Inc., doing business as Cisco, is an American multinational technology conglomerate corporation that develops, manufactures, and sells hardware, software, telecommunications equipment a…
https://en.m.wikipedia.org/wiki/Cisco

travel_explore

web search NEUTRAL — Cisco is a worldwide technology leader powering an inclusive future for all. Learn more about our products, services, solutions, and innovations.
https://www.cisco.com/

travel_explore

web search NEUTRAL — 16 hours ago · Cisco's AI story has finally started resonating with Wall Street, with the stock hitting a record late last year and continuing to rally in 2026.
https://www.cnbc.com/2026/05/13/cisco-csco-q3-earnings-repor…

info

“XBOW... said Mythos is "extremely powerful for source code audits" in a blog post Tuesday”

SINGLE SOURCE

Search results confirm XBOW is an autonomous offensive security platform, but no specific blog post quote stating Mythos is 'extremely powerful for source code audits' was found in the provided evidence.

travel_explore

web search NEUTRAL — Daniel Stenberg, the lead developer of curl, revealed in a blog post on Monday that he was recently given the opportunity to test the Claude Mythos frontier AI model, which Anthropic claimed had ident…
https://www.securityweek.com/claude-mythos-finds-only-one-cu…

travel_explore

web search NEUTRAL — We also see a high volume of high quality security reports flooding in: security researchers now use AI extensively and effectively. Security is a top priority for us in the curl project. We follow ev…
https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-v…

travel_explore

web search NEUTRAL — Stenberg explained in a Monday blog post that he was promised access to Anthropic’s Mythos model - sort of - through the AI biz’s Project Glasswing program.
https://www.theregister.com/security/2026/05/11/anthropics-b…

info

“XBOW found that Mythos was "good, but less powerful, at validating exploits"”

SINGLE SOURCE

No evidence in the provided search results contains XBOW's specific evaluation of Mythos's ability to validate exploits.

travel_explore

web search NEUTRAL — May 6, 2026 · XBOW, the cybersecurity startup founded by GitHub Copilot creator Oege de Moor, added $35M from NVIDIA, Samsung, SentinelOne, and others, bringing its Series C to $155M.
https://www.geekwire.com/2026/xbow-the-unicorn-with-a-seattl…

travel_explore

web search NEUTRAL — Mar 18, 2026 · Autonomous offensive security company XBOW on Wednesday announced raising $120 million in a Series C funding round to scale its AI-powered platform that autonomously discovers and valid…
https://www.securityweek.com/autonomous-offensive-security-f…

travel_explore

web search NEUTRAL — XBOW turns penetration testing into a machine-scale offensive security system. The XBOW platform executes targeted attacks autonomously, allowing teams to explore deeper attack paths than traditional …
https://xbow.com/

info

“Palo Alto Networks... saw a false positive rate of about 30% across its products”

SINGLE SOURCE

While GPT-5.5 and Claude Opus 4.7 are mentioned in comparison articles, there is no mention of a 30% false positive rate reported by Palo Alto Networks.

travel_explore

web search NEUTRAL — Как DeepSeek V4, GPT-5.5 и утечка Claude Mythos переопределили экономику AI на ближайший квартал.Для сравнения, Claude Opus 4.7 стоит $5 / $25 за миллион. Разница с Flash на типовой задаче (15 тысяч т…
https://vc.ru/ai/2884109-tri-udara-po-ai-deepseek-v4-gpt-55-…

travel_explore

web search NEUTRAL — GPT‑5.5 delivers this step up in intelligence without compromising on speed: larger, more capable models are often slower to serve, but GPT‑5.5 matches GPT‑5.4 per-token latency in real-world serving,…
https://openai.com/index/introducing-gpt-5-5/

travel_explore

web search NEUTRAL — Сравниваем GPT-5.5 и Claude Opus 4.7 по коду, агентным задачам, ценам, безопасности, длинному контексту и реальной пользе для команд.
https://www.securitylab.ru/analytics/571982.php

check_circle

“Daniel Stenberg, the lead developer for open-source project Curl, said Monday that Mythos found one low-severity bug in its code alongside several false positives”

CORROBORATED

SecurityWeek and Daniel Stenberg's own blog confirm that the Mythos model found one vulnerability in curl alongside several false positives.

schedule

“Mythos is already improving on its own, according to research published Wednesday by the U.K. AI Security Institute.”

PENDING

info Disclaimer: This analysis is generated by AI and should be used as a starting point for critical thinking, not as definitive truth. Claims are verified against publicly available sources. Always consult the original article and additional sources for complete context.

eFinder

eFinder

The next phase of AI cybersecurity still needs humans

analyticsAnalysis

psychologyDetected Techniques

fact_checkFact-Check Results