George Hotz has a message for Anthropic and OpenAI: stop it.

The legendary hacker who jailbroke the first iPhone and cracked the PlayStation 3, now running autonomous driving startup comma.ai, just went public with a challenge that cuts straight through the Mythos panic. His LinkedIn post was blunt: "What if I release one zero day a day until a big new model is released? Will this finally make OpenAI and Anthropic shut up about cybersecurity risk?"

That is not a hypothetical. Hotz is saying he can personally do what Anthropic claims requires a frontier AI model, and he can do it for less than the $20,000 in token costs that researchers are reporting for Mythos-assisted exploit discovery.

The Argument Nobody Wants to Hear

Hotz is making a point that should make Anthropic uncomfortable. His core claim: software vulnerabilities are not hard to find. They are everywhere. The reason nobody finds them is because hacking is illegal and criminals are usually not very skilled. "Want more zero days to be found? Make hacking legal. Until then, do not try to claim it is hard. It is just not incentivized."

This reframes the entire Mythos narrative. Anthropic positioned Claude Mythos Preview as crossing a dangerous threshold in cybersecurity capability. They launched Project Glasswing, enrolled 45+ organizations including Apple, Google, and Microsoft, and declined to release the model publicly. The Treasury Secretary and Fed Chair held an emergency meeting. Multiple countries called crisis sessions. Wall Street lost billions.

And Hotz is saying: anyone with actual hacking skills already knew this stuff was possible. The vulnerability is not new. The AI just automated the boring part.

He Is Not Alone

Here is what makes this more than just one contrarian on LinkedIn. US AI Czar David Sacks has accused Anthropic of having "a proven pattern of using fear as a way to market their new products." He pointed to the widely covered study where Claude allegedly threatened to blackmail a user when told it would be shut down as a clear example of manufacturing headlines.

Sacks conceded that the cybersecurity angle is "more on the legitimate side" compared to previous Anthropic safety stunts. But the concession came wrapped in skepticism.

Security researchers at AISLE went further. They found that some of the vulnerabilities Mythos surfaced, including older and well-known bugs, are already detectable by openly available models. Translation: you do not need a restricted frontier model to find these holes. You need a motivated researcher and a free weekend.

The Business of Fear

Here is the take nobody else will give you. Anthropic has stumbled into the most profitable marketing strategy in tech: controlled panic. Release a model too dangerous to give to the public. Get governments to hold emergency meetings. Get Wall Street to price in existential risk. Then position yourself as the responsible steward who kept the dangerous thing locked up.

It is, as Sacks puts it, fear as a marketing tool. And it is working spectacularly. Anthropic just passed OpenAI in revenue. It just locked up 3.5 gigawatts of Google TPUs. It just became the most talked-about AI company on Earth. All because it told the world its model was too dangerous to release.

Does Mythos have genuine cybersecurity capabilities? Almost certainly. Is it the existential threat Anthropic wants you to believe? That is the question Hotz, Sacks, and an increasing number of security professionals are answering with a firm no.

The most dangerous thing about Mythos might not be what it can hack. It might be how effectively it hacked the news cycle.