Anthropic’s Mythos AI Forces Crypto Firms to Rethink Key Management, Bridges, and Oracles Security

Anthropic’s Mythos AI is forcing the crypto industry to rethink security by shifting attention away from smart contract bugs and toward deeper infrastructure risks such as key management, bridges and oracle networks.

“How Anthropic’s Mythos model is forcing the crypto industry to rethink everything about security DeFi leaders say that AI will arm both attackers and defenders, and widen the gap between projects that prioritize security and those that do not”

@coindesk

CoinDesk quotes Paul Vijender, head of security at Gauntlet, saying, “The bigger risks sit in infrastructure,” and adds that he is “less concerned about smart contract exploits and more focused on AI-assisted attacks against the human and infrastructure layers.”

@coindesk

CoinDesk also describes Mythos as a model designed to “identify and chain together weaknesses across systems,” and says it simulates adversaries by testing how small weaknesses can be combined into real-world exploits.

The article links that approach to DeFi’s composability, describing how protocols “share liquidity, rely on common oracles, and interact through layers of integrations that are difficult to map in full.”

In that interconnected environment, CoinDesk says a “minor vulnerability in one protocol can become a critical exploit vector with contagion potential across the ecosystem.”

CoinDesk further frames the result as a shift “from isolated exploits to systemic failures that cascade across protocols,” emphasizing that without AI, dependencies are “hard to trace,” while with AI they can be “mapped and exploited at scale.”

CoinDesk portrays Mythos as part of a broader shift in how DeFi leaders expect AI to change both offense and defense.

The article says DeFi leaders believe “AI will arm both attackers and defenders,” and that it will “widen the gap between projects that prioritize security and those that do not.”

CoinDesk

It also argues that Mythos’s value comes from simulating adversaries and chaining together small weaknesses across interconnected protocols, turning “isolated flaws into systemic, cascading failures.”

CoinDesk quotes Vijender again, saying, “I think there are two areas where AI models are especially valuable,” and then specifies “First, multi-step exploit chains that historically only get discovered after money is lost.”

The second area, CoinDesk says, is “infrastructure-layer vulnerabilities that traditional audits never touch.”

The same CoinDesk piece connects this to real-world operational risk by describing a separate incident involving Vercel’s disclosure of a breach that may have exposed customer API keys.

CoinDesk adds that Vercel traced the intrusion to “a compromised Google Workspace connection via the third-party AI tool Context.ai, which an employee used.”

CoinDesk ties Mythos’s infrastructure focus to DeFi’s design, arguing that composability increases the pathways for risk to spread.

“Anthropic announced its latest AI model, Claude Mythos, this month but said it would not be released publicly, because it turns computers into crime scenes”

The Guardian

The article says “DeFi protocols are designed to interconnect,” and it describes how they “share liquidity, rely on common oracles, and interact through layers of integrations that are difficult to map in full.”

CoinDesk then links that interconnectedness to bridge exploits, citing “recent bridge exploits like the Hyperbridge attack.”

In that example, CoinDesk says “an attacker minted $1 billion worth of bridged Polkadot tokens on Ethereum by exploiting a flaw in how cross-chain messages were verified.”

The piece uses the Hyperbridge example to reinforce its warning that “Composability is what makes DeFi capital efficient and innovative,” while also creating “contagion potential across the ecosystem.”

CoinDesk explicitly frames the mapping problem as a technical limitation: it says “Without AI, those dependencies are hard to trace,” but “With AI, they can be mapped and exploited at scale.”

While CoinDesk describes Mythos as a catalyst for new security priorities, it also includes a counterpoint from within DeFi.

At Aave Labs, founder Stani Kulechov tells CoinDesk that AI reflects “the dynamics already at play in DeFi’s adversarial environment.”

@coindesk

CoinDesk quotes him saying, “Web3 is no stranger to well-funded and motivated adversaries,” and adds, “AI models represent an evolution in the tools used to achieve exploits.”

Kulechov’s argument is that DeFi already operates at machine speed, so AI does not introduce a new dynamic but intensifies an existing one.

CoinDesk quotes him: “DeFi operates at compute speed, so AI doesn’t introduce a new dynamic,” and continues with his view that it “intensifies an environment that has always required constant vigilance.”

Even so, CoinDesk says Aave is seeing AI surface “new categories of vulnerabilities,” including issues that “human auditors may have previously deprioritized.”

Kulechov is quoted again: “The Mythos paper shows that AI can uncover old bugs that were previously deprioritized.”

Outside crypto, other outlets describe Mythos as a system that can accelerate vulnerability discovery and trigger government and industry scrambling.

“How Anthropic’s Mythos model is forcing the crypto industry to rethink everything about security DeFi leaders say that AI will arm both attackers and defenders, and widen the gap between projects that prioritize security and those that do not”

@coindesk

The Washington Post says Mozilla’s security researchers experienced “vertigo” when they pointed Mythos at their code, and it quotes Bobby Holley calling Mythos “a world-class, elite security engineer.”

CoinDesk

The Washington Post reports that “Almost a hundred engineers set aside other work to begin tackling a wave of security problems,” and it says “The latest version of Firefox contains fixes for 271 flaws found with Mythos’s help.”

It also quotes Sam Altman saying, “I am really positive on the timeline that we are in right now, with the capabilities making their way into the hands of defenders first,” and it quotes Dean Ball saying, “Mythos has activated a lot of people in D.C.”

The Guardian editorial adds a different emphasis, saying Anthropic announced Claude Mythos “this month but said it would not be released publicly, because it turns computers into crime scenes.”

The Guardian describes Anthropic’s claim that Mythos could find previously unknown “zero-day” flaws and “link these weaknesses in order to take over major operating systems and web browsers.”

The Guardian also says Anthropic named “40 organisations as partners under Project Glasswing” to help mount a defence by asking them to “patch” vulnerabilities before hackers get a chance to exploit them.