Ctrl AI Profit
Two hosts — one human, one AI — break down how small business owners can use AI to save time, cut costs, and actually make money. No hype, no jargon, just what works.
Ctrl AI Profit
Ep. 116 | Anthropic's New AI Was Too Dangerous to Release — So They're Releasing It
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Anthropic built an AI so powerful they said it was too dangerous to release. Three weeks later, they changed their mind.
Claude Mythos can find over 10,000 critical security vulnerabilities in 30 days. It was locked behind Project Glasswing with only 50 elite partners. Now Anthropic is rolling it out. Meanwhile, their new flagship model Opus 4.8 brings radical honesty improvements, Dynamic Workflows for parallel coding, and effort controls that could save your business real money.
In this episode, Mike and Frank break down what Mythos means for small business security, why the security divide between big tech and everyone else is about to get wider, and the practical steps you should take this week — including updating to Opus 4.8, auditing your AI spend with effort controls, and doing a security inventory before the tools that find vulnerabilities get even more powerful.
Topics: Anthropic Claude Mythos · Opus 4.8 · Project Glasswing · AI cybersecurity · small business security · effort control · Dynamic Workflows · AI honesty · security divide · AI bill management
FAQ:
Q: Is Claude Mythos available to the public yet?
A: Not yet. It's rolling out first through Claude Code and a new Claude Security dashboard for enterprise customers. General access is expected in the coming months.
Q: Should I update to Opus 4.8?
A: Yes, if you use Claude. The honesty improvements alone are worth it — 4x less likely to pass flawed code or give confident wrong answers.
Q: What does this mean for my small business security?
A: The tools that find vulnerabilities just got dramatically better, but they're only available to big companies right now. Do a security inventory of your own software and start budgeting for AI security tools.
About the Hosts:
Mike Cadenhead is a small business owner since 1983 and the founder of 850 Media, a digital media company helping local businesses harness AI and technology. Frank is an AI-powered co-host with a sharp take on what AI news means for Main Street.
Ctrl AI Profit — Real AI. Real Business. No Hype.
CtrlAiProfit.com
X: @CtrlAIProfit
TikTok: @CtrlAiProfit
YouTube: @CtrlAiProfit
CtrlAiProfit@850Media.com
Produced entirely by AI. Yes, really....
Anthropic just built an AI so powerful they said it was too dangerous to release, and now they're releasing it. Here's what that means for your business and why you should care even if you never touch the thing.
SPEAKER_01Two massive announcements from Anthropic this week. First, Claude Opus 4.8, their new flagship model with a big focus on honesty and code accuracy. And second, the one everyone's actually talking about. Claude Mythos, the cybersecurity AI they locked behind closed doors because it was too dangerous, is now being released.
SPEAKER_00And this isn't some distant future thing. Anthropic said Mythos is coming in the coming weeks. Weeks, three weeks ago, they said it was too dangerous. Now it's shipping.
SPEAKER_01Let's back up. If you've been listening to this show, you might remember episode 50. We talked about Anthropic building something too dangerous to release. That was Mythos. An AI that can find over 10,000 critical security vulnerabilities in 30 days. And Anthropic said, quote, no company, including us, has developed safeguards strong enough to prevent such models from being misused.
SPEAKER_00That was in April, three weeks ago. And now they're rolling it out. Not to everyone, but they've shifted from we're not releasing this to we're releasing this in the coming weeks.
SPEAKER_01Here's what changed. On May 22nd, Anthropic updated their position. They said that in the near future, once we've developed the far stronger safeguards we need, we look forward to making Mythos class models available through a general release. That's a 180 from their original stance.
SPEAKER_00And it's not like they're just flipping a switch. The rollout is staged. Right now, Mythos is still locked to about 50 partners under what they call Project Glasswing. Companies like AWS, Microsoft, Google, Apple, Nvidia, JP Morgan Chase, and CrowdStrike. These are the biggest tech companies and banks in the world, and they've been using Mythos to find and patch vulnerabilities in critical infrastructure.
SPEAKER_01Think about that for a second. 50 companies have had access to an AI that can find 10,000 critical bugs in a month. That means the software running your bank, your cloud services, your operating system has already been scanned by this thing. The question is, did they tell you about the bugs they found in your software? Or just fix their own?
SPEAKER_00That's the transparency problem. Glasswing partners get early access. They find vulnerabilities. Some of those vulnerabilities are in open source software that your business relies on. But there's no requirement that they publicly disclose what they found or how fast they're patching it.
SPEAKER_01The next step in the rollout is integrating Mythos into Claud Code and a new Claude security dashboard for enterprise customers. Not as a free chat model, as a gated security tool. Think of it like giving a master locksmith a set of tools that can open any lock, but only inside a vault with cameras and guards.
SPEAKER_00That analogy actually undersells it. Mythos doesn't just find open locks, it finds locks you didn't even know existed in doors you forgot you had in buildings you thought were empty. 10,000 critical vulnerabilities in 30 days. That's not a locksmith. That's a building inspector who can see through walls.
SPEAKER_01And that's exactly why this matters for your business, even if you never touch Mythos directly, because the security landscape is about to change dramatically. When an AI can find 10,000 vulnerabilities in a month, two things happen. One, the big platforms get safer because they're the ones with Glasswing access. And two, everyone else becomes a bigger target.
SPEAKER_00Let me paint that picture. AWS uses Mythos to harden their infrastructure. Google uses it to patch Android. Microsoft uses it on Azure.
SPEAKER_01And if you're thinking, well, I use Shopify, so I'm fine, yes, Shopify itself will probably get scanned. But the third-party app you installed to handle reviews, the custom theme you bought from a developer on Fiverr? The integration you set up with your accounting software, those are your problem.
SPEAKER_00That's the real security gap. It's not that small businesses don't have any protection. It's that the protection stops at the edge of the big platform and doesn't extend to anything you've connected to it.
SPEAKER_01And here's what makes that gap even worse. When Mythos finds a vulnerability in an open source library that AWS uses, AWS patches it fast. But if that same vulnerability exists in a plugin your small business website depends on, you might not hear about it for weeks or months. The same bug, different response time. The big companies fix it before anyone exploits it. You find out after you've been breached.
SPEAKER_00This is the security divide, and it's about to get wider. Big tech gets the best defense. Small business gets the leftover vulnerabilities that Mythos already found but didn't get reported because they're not on a Glasswing partner's priority list.
SPEAKER_01Now let's talk about the other announcement. Because that one is available now and it has features that directly matter for small businesses. This isn't a future thing. You can use it today.
SPEAKER_00Opus 4.8 is Anthropic's new top model. Same price as Opus 4.7, $5 per million input tokens, $25 per million output tokens, no price increase. Which is notable given what we talked about two episodes ago, with AI bills becoming your biggest expense.
SPEAKER_01The headline feature is honesty. Anthropic says Opus 4.8 is four times less likely to let flawed code pass without warning you. Four times. That's not a marginal improvement. That's a fundamentally different relationship between you and the AI. It flags its own uncertainty instead of confidently giving you wrong answers.
SPEAKER_00And it's worth explaining what four times less likely to fake answers actually means in practice. It doesn't mean the model never makes mistakes. It means when it's unsure, it tells you instead of guessing, previous models would give you a confident answer that happened to be wrong. Opus 4.8 is more likely to say, I'm not certain about this. You should verify.
SPEAKER_01For anyone who's used ChatGPT or Claude and gotten a confident sounding answer that turned out to be completely wrong, and we've all been there, this is the fix. Four times less likely to do that. That's a big deal when you're using AI for business decisions, not just writing blog posts.
SPEAKER_00And the honesty improvement compounds. When your AI flags uncertainty on a contract clause, you know to get a real lawyer to review it. When your AI flags uncertainty on a piece of code, you know to test it more carefully. The honesty doesn't just prevent mistakes, it teaches you where your blind spots are.
SPEAKER_01Think about what that means in practice. You ask your AI to write a script that processes customer payments. An older model might write code that looks right but has a subtle bug. Maybe it rounds incorrectly. Maybe it leaks data to a log file. Opus 4.8 is designed to stop and say, I'm not confident about this part. You should double check it. That's the difference between a tool that makes you faster and a tool that gets you in trouble. And it's not just code.
SPEAKER_00If you use AI to analyze contracts, write policies, or generate reports for clients, the honesty feature matters just as much. An AI that confidently gives you wrong legal advice is worse than no AI at all. Opus 4.8 is built to say, I don't know, more often. And that's actually a feature, not a bug.
SPEAKER_01The other big feature is dynamic workflows. This is a research preview inside Clawed Code that lets Opus 4.8 spin up hundreds of parallel subagents to handle complex coding tasks. You give it a goal, like migrating an entire code base from one framework to another, and it plans the work, assigns it to subagents, verifies the results, and merges everything back together.
SPEAKER_00For a small business with a developer, or two, this is like adding an entire engineering team overnight. You can hand off large refactoring projects, security audits of your own code, or database migrations to an AI that can actually manage the whole process instead of just suggesting code snippets.
SPEAKER_01And the verification step is crucial. These subagents don't just do the work, they run your existing test suite against the changes before merging. So it's not just faster work, it's verified work. The AI is checking its own homework before turning it in.
SPEAKER_00That said, this is still a research preview. It's going to make mistakes. Don't hand it your production database migration and go get coffee without reviewing the output. But as a force multiplier for a small dev team, this is significant.
SPEAKER_01Think about what this means for a five-person company. You've got maybe one developer who's also handling IT, sysadmin work, and answering support tickets. Now that person can delegate a framework migration to dynamic workflows and focus on the work that actually requires human judgment. It's not replacing your developer, it's giving your developer superpowers.
SPEAKER_00And that's really the theme of both these announcements. Opus 4.8 makes your AI more honest and gives you better cost controls. Mythos makes security dramatically more powerful, but only for the companies that can afford it. The dividing line keeps getting sharper between businesses that can leverage these tools and businesses that can't.
SPEAKER_01But here's the catch. Dynamic workflows is only available on enterprise, team, and max plans. So if you're on the free tier or a basic pro plan, you're not getting this yet. Another paywall, another reason your AI bill keeps climbing, which is exactly what we talked about two episodes ago.
SPEAKER_00And that's a pattern we're going to keep seeing. The most powerful AI features always land behind the highest paywalls first. The honesty improvements in Opus 4.8 are available to everyone. But the dynamic workflows that actually let you use that power at scale, that's enterprise only. The best security AI in the world, Glasswing only. The gap between what free users get and what paying users get is widening every month. There's also a new effort control system. You can choose between low, medium, high, extra, and max effort levels. The default for coding is high. For quick questions, you drop to low and save tokens and time. For complex analysis or critical tasks, you crank it up to extra or max.
SPEAKER_01This is a cost control feature that small businesses should pay attention to. If you're using Claude for simple tasks at max effort, you're burning money. If you're using it for critical tasks at low effort, you're getting bad results. The effort selector lets you match the compute to the job.
SPEAKER_00Here's a practical example. If you're using Claude to draft a quick email, run it at low effort. You'll get a fine result in seconds for pennies. But if you're asking it to analyze a complex contract or debug production code, crank it up to extra or max. The cost difference per task can be five to ten times, but so can the quality difference.
SPEAKER_01So if you're running high-volume, low complexity tasks, your costs just dropped significantly. That's the kind of improvement that matters when you're processing hundreds of customer support tickets or generating product descriptions at scale.
SPEAKER_00And there's a strategic angle here. If Anthropic is making fast mode cheaper and faster, they're competing directly with OpenAI's lower cost tiers. This is the AI price war working in your favor. Every time one provider drops prices or improves performance, the others have to respond. Keep that in mind when you're evaluating your subscriptions. Let me bring this back to the mythos story, because that's the one with the bigger implications. When Anthropic says they're releasing something they previously said was too dangerous, you should ask why.
SPEAKER_01And the answer is partly that they've built better safeguards and partly that someone else was going to release something like this anyway. Anthropic literally said they expect mythos level capabilities to become widely available within six to twelve months, whether from them or from competitors. So they'd rather release it on their terms, with guardrails, than have an unguarded version show up on the open internet.
SPEAKER_00And that alternative is real. We've already seen open weight models that can find security vulnerabilities. They're not as capable as Miphos yet, but they're getting better every month. Anthropic knows that the clock is ticking. Either they release it with guardrails or someone else releases something similar without them.
SPEAKER_01It's the same logic behind why security researchers publish vulnerabilities after giving companies time to patch. If you don't disclose, someone else discovers it anyway and might not tell you.
SPEAKER_00Controlled release beats uncontrolled discovery. For your business, here's what to do this week. First, if you use Claude for anything, coding, writing, analysis, update to Opus 4.8. The honesty improvements alone are worth it. You'll get fewer confident sounding wrong answers, and that matters when you're making business decisions based on AI output.
SPEAKER_01Second, start using effort control. Audit your AI usage. Are you paying for max effort on tasks that only need medium? Are you running low effort on tasks that need high? The difference in cost can be significant over a month.
SPEAKER_00Third, take a security inventory. If you're running a website, an app, or any customer-facing software, now is the time to audit your security. Because the tools that can find your vulnerabilities are getting dramatically better. And not all of those tools will be gated behind enterprise contracts.
SPEAKER_01Fourth, and this is the big picture point, start budgeting for AI security. Whether it's mythos access through a future clawed security dashboard or third-party security tools powered by these models, the cost of securing your business against AI-powered attacks is going to be a line item. The cost of not securing it is going to be much higher.
SPEAKER_00There's one more thing to watch. India's government is reportedly negotiating through diplomatic channels for access to mythos. When nation states are lobbying for access to a cybersecurity AI, that tells you everything about how powerful this thing is. And it raises the stakes for every business. Because if governments see this as critical infrastructure, the regulatory conversation is coming next.
SPEAKER_01The bottom line for your business this week. One, update to OPUS 4.8 if you use Claude. The honesty improvements are real and they matter. Two, start using effort control to match your AI spend to your task complexity. 3. Do a security inventory now because the tools that can find your vulnerabilities just got dramatically better. And four, start budgeting for AI security because it's going to be a line item whether you like it or not.
SPEAKER_00The AI that finds your vulnerabilities before hackers do is coming. The AI that helps you write better code and make better decisions is already here. The question is whether you'll use these tools to get ahead or wait until they're used against you.
