David Sacks, former White House AI czar, warns defensive teams to secure codebases before Anthropic Mythos-level capabilities diffuse to China

Some recent articles have created a misleading narrative that I did not take Mythos seriously or tried to downplay the cyber threat. This is based on egregious cherry-picking of my comments and (since the real target is the Trump Administration) needs to be corrected.

When Mythos Preview first launched, I pointed out that Anthropic has a history of scare tactics, but then immediately went on to say that “we have no choice but to take this seriously” and that every CISO and IT department should move quickly to harden systems against AI-powered cyberattacks.

Here’s what I said on the April 10 All-In Podcast (3 days after launch of Mythos Preview):

“Anytime Anthropic is scaring people, you have to ask, is this a tactic, is this part of their chicken little routine, or is it real? With cyber, I actually would give them credit in this case and say, this is more on the real side.

“It just makes sense that as the coding models become more and more capable, they’re more capable of finding bugs. That means they’re more capable of finding vulnerabilities. That means they’re more capable of stringing together multiple vulnerabilities and creating an exploit.

“I do think that every company, or IT department, or CISO that is managing code bases should take this seriously and use the next few months to detect any dormant bugs or vulnerabilities and roll out patches.”

I posted similar framing on X:

On April 10: “The world has no choice but to take the cyber threat associated with Mythos seriously. But it’s hard to ignore that Anthropic has a history of scare tactics.” (With examples attached).

On April 12: I noted that a growing number of people were wondering if Anthropic was the AI industry’s “boy who cried wolf,” and that the company would face a serious credibility problem if the threats didn’t materialize.

These are the lines the articles highlight. They emphasize the “scare tactics” / “boy who cried wolf” critique while omitting the parts where I said the cyber threat itself was real and required immediate action.

It is entirely possible to question a messenger’s track record while still treating the underlying risk as serious — and that’s exactly what I did. By the way, this view isn’t unique to me or even particularly controversial; highly respected tech commentator Ben Thompson recently made a similar critique about Anthropic.

On April 30 I posted a more technical thread after tests by the AI Security Institute showed that GPT-5.5-Cyber performed similarly to Mythos:

“Mythos is not magic. It’s not a doomsday device. It’s the first of many models that can automate cyber tasks (just like coding). … these models do not create vulnerabilities; they discover them. The bugs are already in the code. Using AI to discover and patch them will actually harden these systems.

“The leap from pre-AI cyber to post-AI cyber means that there will be a big upgrade cycle. … it’s important that cyber defenders get access before cyber attackers. That process is already underway but needs to happen quickly.”

My position remains consistent: We are on a shot clock until Mythos-level capabilities diffuse widely, including to non-U.S. / Chinese models. We need defenders to find and patch vulnerabilities before that happens. This requires cooperation between government and industry. Unfortunately Anthropic’s needlessly confrontational posture toward the Administration has distracted from that mission. Policy debates have their time and place, but right now tangible defensive action is what matters most. I hope everyone moves forward on that basis.

Some recent articles have created a misleading narrative that I did not take Mythos seriously or tried to downplay the cyber threat. This is based on egregious cherry-picking of my comments and (since the real target is the Trump Administration) needs to be corrected.

When Mythos Preview first launched, I pointed out that Anthropic has a history of scare tactics, but then immediately went on to say that “we have no choice but to take this seriously” and that every CISO and IT department should move quickly to harden systems against AI-powered cyberattacks.

Here’s what I said on the April 10 All-In Podcast (3 days after launch of Mythos Preview):

“Anytime Anthropic is scaring people, you have to ask, is this a tactic, is this part of their chicken little routine, or is it real? With cyber, I actually would give them credit in this case and say, this is more on the real side.

“It just makes sense that as the coding models become more and more capable, they’re more capable of finding bugs. That means they’re more capable of finding vulnerabilities. That means they’re more capable of stringing together multiple vulnerabilities and creating an exploit.

“I do think that every company, or IT department, or CISO that is managing code bases should take this seriously and use the next few months to detect any dormant bugs or vulnerabilities and roll out patches.”

I posted similar framing on X:

On April 10: “The world has no choice but to take the cyber threat associated with Mythos seriously. But it’s hard to ignore that Anthropic has a history of scare tactics.” (With examples attached).

On April 12: I noted that a growing number of people were wondering if Anthropic was the AI industry’s “boy who cried wolf,” and that the company would face a serious credibility problem if the threats didn’t materialize.

These are the lines the articles highlight. They emphasize the “scare tactics” / “boy who cried wolf” critique while omitting the parts where I said the cyber threat itself was real and required immediate action.

It is entirely possible to question a messenger’s track record while still treating the underlying risk as serious — and that’s exactly what I did. By the way, this view isn’t unique to me or even particularly controversial; highly respected tech commentator Ben Thompson recently made a similar critique about Anthropic.

On April 30 I posted a more technical thread after tests by the AI Security Institute showed that GPT-5.5-Cyber performed similarly to Mythos:

“Mythos is not magic. It’s not a doomsday device. It’s the first of many models that can automate cyber tasks (just like coding). … these models do not create vulnerabilities; they discover them. The bugs are already in the code. Using AI to discover and patch them will actually harden these systems.

“The leap from pre-AI cyber to post-AI cyber means that there will be a big upgrade cycle. … it’s important that cyber defenders get access before cyber attackers. That process is already underway but needs to happen quickly.”

My position remains consistent: We are on a shot clock until Mythos-level capabilities diffuse widely, including to non-U.S. / Chinese models. We need defenders to find and patch vulnerabilities before that happens. This requires cooperation between government and industry. Unfortunately Anthropic’s needlessly confrontational posture toward the Administration has distracted from that mission. Policy debates have their time and place, but right now tangible defensive action is what matters most. I hope everyone moves forward on that basis.

Some recent articles have created a misleading narrative that I did not take Mythos seriously or tried to downplay the cyber threat. This is based on egregious cherry-picking of my comments and (since the real target is the Trump Administration) needs to be corrected.

When Mythos Preview first launched, I pointed out that Anthropic has a history of scare tactics, but then immediately went on to say that “we have no choice but to take this seriously” and that every CISO and IT department should move quickly to harden systems against AI-powered cyberattacks.

Here’s what I said on the April 10 All-In Podcast (3 days after launch of Mythos Preview):

“Anytime Anthropic is scaring people, you have to ask, is this a tactic, is this part of their chicken little routine, or is it real? With cyber, I actually would give them credit in this case and say, this is more on the real side.

“It just makes sense that as the coding models become more and more capable, they’re more capable of finding bugs. That means they’re more capable of finding vulnerabilities. That means they’re more capable of stringing together multiple vulnerabilities and creating an exploit.

“I do think that every company, or IT department, or CISO that is managing code bases should take this seriously and use the next few months to detect any dormant bugs or vulnerabilities and roll out patches.”

I posted similar framing on X:

On April 10: “The world has no choice but to take the cyber threat associated with Mythos seriously. But it’s hard to ignore that Anthropic has a history of scare tactics.” (With examples attached).

On April 12: I noted that a growing number of people were wondering if Anthropic was the AI industry’s “boy who cried wolf,” and that the company would face a serious credibility problem if the threats didn’t materialize.

These are the lines the articles highlight. They emphasize the “scare tactics” / “boy who cried wolf” critique while omitting the parts where I said the cyber threat itself was real and required immediate action.

It is entirely possible to question a messenger’s track record while still treating the underlying risk as serious — and that’s exactly what I did. By the way, this view isn’t unique to me or even particularly controversial; highly respected tech commentator Ben Thompson recently made a similar critique about Anthropic.

On April 30 I posted a more technical thread after tests by the AI Security Institute showed that GPT-5.5-Cyber performed similarly to Mythos:

“Mythos is not magic. It’s not a doomsday device. It’s the first of many models that can automate cyber tasks (just like coding). … these models do not create vulnerabilities; they discover them. The bugs are already in the code. Using AI to discover and patch them will actually harden these systems.

“The leap from pre-AI cyber to post-AI cyber means that there will be a big upgrade cycle. … it’s important that cyber defenders get access before cyber attackers. That process is already underway but needs to happen quickly.”

My position remains consistent: We are on a shot clock until Mythos-level capabilities diffuse widely, including to non-U.S. / Chinese models. We need defenders to find and patch vulnerabilities before that happens. This requires cooperation between government and industry. Unfortunately Anthropic’s needlessly confrontational posture toward the Administration has distracted from that mission. Policy debates have their time and place, but right now tangible defensive action is what matters most. I hope everyone moves forward on that basis.

Some recent articles have created a misleading narrative that I did not take Mythos seriously or tried to downplay the cyber threat. This is based on egregious cherry-picking of my comments and (since the real target is the Trump Administration) needs to be corrected.

When Mythos Preview first launched, I pointed out that Anthropic has a history of scare tactics, but then immediately went on to say that “we have no choice but to take this seriously” and that every CISO and IT department should move quickly to harden systems against AI-powered cyberattacks.

Here’s what I said on the April 10 All-In Podcast (3 days after launch of Mythos Preview):

“Anytime Anthropic is scaring people, you have to ask, is this a tactic, is this part of their chicken little routine, or is it real? With cyber, I actually would give them credit in this case and say, this is more on the real side.

“It just makes sense that as the coding models become more and more capable, they’re more capable of finding bugs. That means they’re more capable of finding vulnerabilities. That means they’re more capable of stringing together multiple vulnerabilities and creating an exploit.

“I do think that every company, or IT department, or CISO that is managing code bases should take this seriously and use the next few months to detect any dormant bugs or vulnerabilities and roll out patches.”

I posted similar framing on X:

On April 10: “The world has no choice but to take the cyber threat associated with Mythos seriously. But it’s hard to ignore that Anthropic has a history of scare tactics.” (With examples attached).

On April 12: I noted that a growing number of people were wondering if Anthropic was the AI industry’s “boy who cried wolf,” and that the company would face a serious credibility problem if the threats didn’t materialize.

These are the lines the articles highlight. They emphasize the “scare tactics” / “boy who cried wolf” critique while omitting the parts where I said the cyber threat itself was real and required immediate action.

It is entirely possible to question a messenger’s track record while still treating the underlying risk as serious — and that’s exactly what I did. By the way, this view isn’t unique to me or even particularly controversial; highly respected tech commentator Ben Thompson recently made a similar critique about Anthropic.

On April 30 I posted a more technical thread after tests by the AI Security Institute showed that GPT-5.5-Cyber performed similarly to Mythos:

“Mythos is not magic. It’s not a doomsday device. It’s the first of many models that can automate cyber tasks (just like coding). … these models do not create vulnerabilities; they discover them. The bugs are already in the code. Using AI to discover and patch them will actually harden these systems.

“The leap from pre-AI cyber to post-AI cyber means that there will be a big upgrade cycle. … it’s important that cyber defenders get access before cyber attackers. That process is already underway but needs to happen quickly.”

My position remains consistent: We are on a shot clock until Mythos-level capabilities diffuse widely, including to non-U.S. / Chinese models. We need defenders to find and patch vulnerabilities before that happens. This requires cooperation between government and industry. Unfortunately Anthropic’s needlessly confrontational posture toward the Administration has distracted from that mission. Policy debates have their time and place, but right now tangible defensive action is what matters most. I hope everyone moves forward on that basis.

Some recent articles have created a misleading narrative that I did not take Mythos seriously or tried to downplay the cyber threat. This is based on egregious cherry-picking of my comments and (since the real target is the Trump Administration) needs to be corrected.

When Mythos Preview first launched, I pointed out that Anthropic has a history of scare tactics, but then immediately went on to say that “we have no choice but to take this seriously” and that every CISO and IT department should move quickly to harden systems against AI-powered cyberattacks.

Here’s what I said on the April 10 All-In Podcast (3 days after launch of Mythos Preview):

“Anytime Anthropic is scaring people, you have to ask, is this a tactic, is this part of their chicken little routine, or is it real? With cyber, I actually would give them credit in this case and say, this is more on the real side.

“It just makes sense that as the coding models become more and more capable, they’re more capable of finding bugs. That means they’re more capable of finding vulnerabilities. That means they’re more capable of stringing together multiple vulnerabilities and creating an exploit.

“I do think that every company, or IT department, or CISO that is managing code bases should take this seriously and use the next few months to detect any dormant bugs or vulnerabilities and roll out patches.”

I posted similar framing on X:

On April 10: “The world has no choice but to take the cyber threat associated with Mythos seriously. But it’s hard to ignore that Anthropic has a history of scare tactics.” (With examples attached).

On April 12: I noted that a growing number of people were wondering if Anthropic was the AI industry’s “boy who cried wolf,” and that the company would face a serious credibility problem if the threats didn’t materialize.

These are the lines the articles highlight. They emphasize the “scare tactics” / “boy who cried wolf” critique while omitting the parts where I said the cyber threat itself was real and required immediate action.

It is entirely possible to question a messenger’s track record while still treating the underlying risk as serious — and that’s exactly what I did. By the way, this view isn’t unique to me or even particularly controversial; highly respected tech commentator Ben Thompson recently made a similar critique about Anthropic.

On April 30 I posted a more technical thread after tests by the AI Security Institute showed that GPT-5.5-Cyber performed similarly to Mythos:

“Mythos is not magic. It’s not a doomsday device. It’s the first of many models that can automate cyber tasks (just like coding). … these models do not create vulnerabilities; they discover them. The bugs are already in the code. Using AI to discover and patch them will actually harden these systems.

“The leap from pre-AI cyber to post-AI cyber means that there will be a big upgrade cycle. … it’s important that cyber defenders get access before cyber attackers. That process is already underway but needs to happen quickly.”

My position remains consistent: We are on a shot clock until Mythos-level capabilities diffuse widely, including to non-U.S. / Chinese models. We need defenders to find and patch vulnerabilities before that happens. This requires cooperation between government and industry. Unfortunately Anthropic’s needlessly confrontational posture toward the Administration has distracted from that mission. Policy debates have their time and place, but right now tangible defensive action is what matters most. I hope everyone moves forward on that basis.