Wednesday, April 22, 2026

Anthropic's Mythos model — a restricted AI tool built for cybersecurity analysis and capable of identifying and exploiting vulnerabilities across major operating systems and browsers — has reportedly been accessed by an unauthorized group. The breach allegedly occurred through a third-party contractor's credentials combined with internet reconnaissance techniques, not a direct compromise of Anthropic's own systems. Anthropic told reporters it is investigating the claims but says it has found no evidence its core infrastructure was affected.

The incident adds complexity to an already fraught picture around Mythos. Separately, the NSA is reportedly using the model despite ongoing friction between Anthropic and the Pentagon over AI deployment policy — suggesting intelligence agencies are moving independently of broader defense coordination.

The unauthorized access episode underscores a persistent tension in deploying powerful, restricted AI tools: third-party access points can become the weakest link, regardless of how tightly the developer controls its own systems.

OpenAI has released GPT-Image-2 (also called ChatGPT Images 2.0), an image generation model available through ChatGPT, the API, and Codex. Sam Altman is pitching the leap from the previous version as equivalent to the jump from GPT-3 to GPT-5 — a bold claim, but early benchmarks back up the ambition: the model holds a +242 Elo lead on Arena's text-to-image leaderboard.

The most concrete improvement is text rendering, historically a weak spot for image generators. The model also supports resolutions up to 3840×2160 and an outputQuality setting, with API pricing at $30 per million output tokens.

Design tools including Figma, Canva, and Adobe Firefly are already integrating it, pointing to a clear push into professional productivity workflows. In stress tests with complex, Where's Waldo-style scenes, it outperformed Google's Gemini and earlier OpenAI versions — though it still can't reliably solve the visual puzzles it generates.

Mozilla collaborated with Anthropic to apply an early version of Claude Mythos Preview to Firefox security evaluation. The effort identified 271 vulnerabilities that were fixed in this week's Firefox 150 release. Firefox CTO Bobby Holley praised the team's work and expressed optimism about AI-assisted security defense.

GitHub announced changes to Copilot Individual plans including tightened usage limits, paused signups, and restriction of Claude Opus 4.7 to the $39/month Pro+ tier. The company cited agentic workflows' increased compute demands, with long-running parallelized sessions consuming far more resources than the original plan structure supported. The pricing shift moves from per-request to token-based usage limits on per-session and weekly bases to address margin pressure from compute-intensive agent requests.

Anthropic briefly updated its pricing page to move Claude Code from the $20/month Pro plan to exclusive availability on $100+/month Max plans, reportedly affecting a small test group of new signups. The change sparked widespread concern on social media and was reversed within hours, though the company's Head of Growth confirmed the test was still running invisibly to most users. The incident raised questions about Anthropic's communication transparency and product strategy around a flagship feature.