Anthropic is restricting access to Claude Mythos, an advanced AI model designed to identify security vulnerabilities. The move has left European authorities with minimal visibility while the UK conducts independent testing.
Claude Mythos represents a critical test case for Europe's AI safety infrastructure. Anthropic's limited access strategy means EU regulators lack direct insight into a system that outperforms most human security researchers—a capability with significant implications for critical infrastructure and cybersecurity.
Meanwhile, the UK has already begun its own evaluation framework, creating a regulatory asymmetry across the continent. This disparity highlights structural weaknesses in how Europe monitors advanced AI systems compared to individual nations.
The situation underscores a fundamental challenge: Europe's AI Act and safety apparatus still lack the mechanisms to adequately track and assess frontier AI models during development. As companies restrict researcher access and conduct limited external testing, regulatory blind spots expand.
The Claude Mythos case signals that Europe must accelerate implementation of its AI oversight infrastructure, establish clearer access protocols for safety audits, and coordinate with individual member states to prevent regulatory fragmentation.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.
Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.
A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.