More here:FFmpeg has thanked Anthropic for sending real, working patches.
The patches fix a vulnerability that sat unnoticed in the multimedia library for 16 years. According to Anthropic, the buggy line of code had been exercised five million times by automated testing tools without anyone spotting the problem.
FFmpeg powers video encoding and decoding in pretty much every browser, phone, app, and streaming service out there. So this is a concrete win for software that millions of people rely on every day.
The fixes came from Claude Mythos Preview, Anthropic’s unreleased frontier model. The company announced the work yesterday as part of Project Glasswing, a new defensive push that teams Mythos with partners including Apple, Google, Microsoft, AWS, and the Linux Foundation. Anthropic is putting up $100 million in compute credits and direct donations to open-source security efforts.
On X, the official FFmpeg account said, “there are real patches they sent,” after first noting that many companies talk about supporting open source but rarely follow through with actual code.
![]()
Assessing Claude Mythos Preview’s cybersecurity capabilities
Claude Mythos Preview is a new general-purpose language model that is strikingly capable at computer security tasks. This post provides technical details for researchers and practitioners who want to understand exactly how we have been testing this model, and what we have found over the past month.
Last edited: