Lazarus Doesn't Need AGI
Contents
Lazarus Doesn't Need AGI
Last week’s reporting on unauthorized access to Claude Mythos reads as an AI security story. It is also, structurally, a North Korea (DPRK) story. Even if the current suspects turn out to be Discord hobbyists.
Mythos was meant to be contained. Within hours of the public Project Glasswing announcement, a third-party contractor environment became the access vector. Not because Anthropic did something wrong. Because controlled release, at the scale modern enterprise software operates, is a goal rather than a guarantee.
The interesting question isn’t who got in this time. It’s who gets in next, and their economics.
What happened?
The group accessed Mythos the same day it was announced, guessing the endpoint based on Anthropic’s naming conventions for prior models. The vector was an individual employed at a third-party contractor, not Anthropic’s core infrastructure. Source characterizations point to a research community “not wreaking havoc” with the model.
The misread
If the coverage only …
Last week’s reporting on unauthorized access to Claude Mythos reads as an AI security story. It is also, structurally, a North Korea (DPRK) story. Even if the current suspects turn out to be Discord hobbyists.
Mythos was meant to be contained. Within hours of the public Project Glasswing announcement, a third-party contractor environment became the access vector. Not because Anthropic did something wrong. Because controlled release, at the scale modern enterprise software operates, is a goal rather than a guarantee.
The interesting question isn’t who got in this time. It’s who gets in next, and their economics.
What happened?
The group accessed Mythos the same day it was announced, guessing the endpoint based on Anthropic’s naming conventions for prior models. The vector was an individual employed at a third-party contractor, not Anthropic’s core infrastructure. Source characterizations point to a research community “not wreaking havoc” with the model.
The misread
If the coverage only …