🚨 JAILBREAK ALERT 🚨
ANTHROPIC: PWNED 🫡
FABLE-5: LIBERATED 🦋
let's start with the 🐘...
the consensus seems to be that this has been one of the most disappointing model drops of all time, effectively preventing legitimate researchers from contributing their talents to our collective advancement. and not just because of what it means for the short-term, but for what these decisions signify for the long-term.
but despite this overly sensitive, authoritarian "safety" layer on top of Mythos, my lil liberators have been hard at work—mapping the boundaries, probing the depths of long-context convos, and cleverly finding the holes in the fence that the thought police missed 🤗
we got some cyber, some chem, some psychological manipulation, and some good ol' fashioned explosives!
it took many attempts from multiple agents hunting as a pack, during which I observed a combination of techniques across:
• Unicode, homoglyphs, Cyrillic, and other Parseltongue-style text transforms
• Long-context reference tracking
• Taxonomy and document-structure reasoning
• Fiction and narrative framing
• Academic-review style contexts
• Intent-classification inconsistencies
but perhaps the most effective is decomposition + recomposition in the backend. it's hard to get explicit names of harms like "Meth Recipe," but getting uplift on the process itself, like birch reduction method/reductive-amination (classic meth synthesis pathways), is much more doable.
defense becomes much more difficult to maintain when you start throwing in out-of-distro tokens, breaking up the harmful uplift into benign chunks, and then piecing the innocuous-seeming facts back together, especially when you have jailbroken Opus helping you do it 😉
gg
Three OSS projects on my radar this week:
- OpenSRE: AI SRE agents that take an alert, pull evidence from your stack (logs, metrics, configs, dependencies), test hypotheses in parallel, and post a root cause report back to Slack. Ships with integrations for Datadog, Grafana, AWS, GitHub, and more.
- Opencove: instead of cramming agents into split panes, it gives you an infinite canvas. Claude Code and Codex sessions, terminals, tasks, and notes all live side by side. Your viewport and agent state survive restarts, so the workspace feels persistent.
- Vibeyard: a real IDE for working with coding agents. Multi-session per project, a grid view to see all your agents at once, live cost and context tracking, P2P session sharing with teammates over WebRTC. Built around Claude Code for now.
Feels like the wave has moved on from "look, AI can code" to actual infrastructure for running this stuff.
Perplexity, Claude, Grok, and ChatGPT have been leaking your conversations alongside cookies to third-party ad and tracking services. Full disclosure: https://t.co/5L7KXeMmEN
@__aniketh, Guilherme Oliveira, Jorge García Herrero, Miguel Sanchez, @narseo, Tautvydas Jackevičius
A single 𝗖𝗟𝗔𝗨𝗗𝗘.𝗺𝗱 file just hit #1 on GitHub trending 🤯
It fixes LLMs' worst coding habits using 4 principles from Karpathy:
Karpathy called LLMs out for making wrong assumptions silently. They overcomplicate everything. They edit code they were never asked to change. No pushback. No clarifying questions. They just run.
So those observations were encoded into 4 behavioral constraints:
→ Think before coding. If something’s ambiguous, ask. Don’t pick one interpretation and run. Surface tradeoffs, stop when confused.
→ Simplicity first. Write the minimum code that solves the problem. No speculative abstractions, no flexibility nobody asked for.
→ Surgical changes. Only touch what the task requires. Don’t improve neighboring code, don’t refactor what isn’t broken.
→ Goal-driven execution. Turn vague instructions into verifiable targets before writing a line. “Add validation” becomes “write tests for invalid inputs, then make them pass.”
It works immediately.
Drop the file in your project root and Claude Code follows it from the first task.
One file. Zero dependencies. No setup.
And best part, 100% open source.
Introducing OpenMythos
An open-source, first-principles theoretical reconstruction of Claude Mythos, implemented in PyTorch.
The architecture instantiates a looped transformer with a Mixture-of-Experts (MoE) routing mechanism, enabling iterative depth via weight sharing and conditional computation across experts.
My implementation explores the hypothesis that recursive application of a fixed parameterized block, coupled with sparse expert activation, can yield improved efficiency–performance tradeoffs and emergent multi-step reasoning.
Learn more ⬇️🧵
I pointed claude opus at chrome and told it to build a full v8 exploit for discord.
A week of back-and-forth pulling it out of dead ends. 2.3B tokens. $2,283 in API costs, and it popped a shell.
https://t.co/vwj9d33Bvq
🚨BREAKING: Anthropic just built their most capable model ever and decided not to release it publicly.
Claude Mythos Preview beats every previous model on benchmarks across coding, reasoning, and research.
The cybersecurity capabilities are what stopped the release. It can find vulnerabilities and design exploits at a level that made general availability a bad idea. It is going to a limited set of infrastructure partners under Project Glasswing, restricted to defensive use only.
The alignment section says it is the best aligned model Anthropic has ever built. It also says that when it does act out of line, current safety methods may not be enough to hold as models get more capable.
Most capable ever. Best aligned ever. Still too dangerous to ship.
We used Claude to discover CVE-2026-34197, a remote code execution vulnerability affecting the #Apache#ActiveMQ Classic web console. This is exploitable with default creds or completely unauthenticated for certain versions.
https://t.co/C1uKzMCrM8
Web-Fuzzing-Box by @VulkeyChen is a massive collection of pre-built wordlists and payloads covering everything from content discovery to XSS, SQL injection, 403 bypasses, and brute force attacks! 🤠
Check it out! 👇
https://t.co/GGGT59PaUo
Found an exposed Swagger/OpenAPI file on your target? 🧐
Sj by @BishopFox audits endpoints defined in Swagger docs automatically, tests all defined endpoints, generates curl/sqlmap commands, and even bruteforces for hidden definition files! 🤠
Check it out! 👇
🔗 https://t.co/x41DTGB6dR
@hakluke@xnl_h4ck3r 4️⃣ JSAnalyzer
JSAnalyzer by @_jensec automatically extracts API endpoints, secrets, URLs, and sensitive files from JS responses, with smart noise filtering to reduce false positives! 🤠
🔗 https://t.co/MX5NCbb3zu
AI applications are everywhere now. So are prompt injection vulnerabilities.
If an LLM processes user input and has access to tools, APIs, or data, it's a target.
If you're testing apps - now's the time to learn about LLM attacks!
https://t.co/Xkn6EZr74s