AI Capability Research

State of play.

• Anthropic's Claude Mythos has introduced a qualitatively new cybersecurity threat vector. In controlled testing, Mythos discovered thousands of zero-day vulnerabilities — including 271 in Firefox and decades-old flaws in FreeBSD and OpenBSD — and chained multi-step exploits; the UK AI Security Institute confirmed it compromised simulated corporate networks in 3 of 10 attempts .
• AI capability is bifurcating along hardware supply lines. DeepSeek V4-Pro — trained for under $6 million and running on Huawei Ascend processors — trails U.S. closed-source leaders by an estimated 3 to 6 months while pricing output at $3.48 per million tokens versus $30 for GPT-5.4, accelerating Chinese AI independence from U.S. export controls .
• Infrastructure architecture is shifting from GPU-centric to heterogeneous compute. Meta's multibillion-dollar AWS Graviton CPU deal and a near-memory chip startup targeting 7-to-20x memory bandwidth gains signal that agentic AI workloads are driving hardware diversification beyond Nvidia .
• Model collapse and capability-timeline discourse are both entering legal and regulatory framing. Oxford-linked research documents a self-referential training loop degrading AI output quality; researchers have identified 2026 as a potential inflection point in emergent-behavior discovery rates — neither has a settled legal standard attached, but both are beginning to structure foreseeability and governance arguments .
• For counsel advising AI developers, enterprise deployers, or cybersecurity clients, the practical baseline is that Mythos has moved dual-use AI capability from theoretical to demonstrated — clients with exposure to critical infrastructure, financial systems, or sensitive codebases need to assess both their defensive posture and their contractual allocation of AI-enabled breach risk now.

Where things stand.

• Mythos has demonstrated autonomous offensive cybersecurity capability at enterprise scale. Anthropic restricted distribution to Project Glasswing participants — Apple, Goldman Sachs, NSA, and AISI — but unauthorized access reports emerged in late April; competing systems including GPT-5.4-Cyber and Google's Big Sleep are in development, and open-source models have already demonstrated comparable exploitation techniques .
• Dual-use AI governance frameworks remain nascent. Mythos's controlled-release model and AISI evaluation represent the current state of the art in pre-deployment safety assessment; no binding regulatory framework governs what a developer must do before releasing a model with autonomous offensive cyber capabilities .
• DeepSeek V4 has demonstrated sustained Chinese capability gains on domestic hardware. The 1.6 trillion-parameter V4-Pro runs on Huawei Ascend chips, validating an alternative supply chain to Nvidia; the State Department issued a diplomatic cable alleging IP theft by DeepSeek on launch day, with full details undisclosed and a Trump-Xi summit focused on semiconductors and IP protection as the diplomatic backdrop .
• Enterprise AI infrastructure is diversifying away from pure GPU dependency. Meta's multi-year AWS Graviton deal deploys tens of millions of ARM-based CPU cores for agentic AI workloads alongside its $48 billion Nvidia GPU investment for model training .
• The memory wall is a recognized hardware bottleneck with active private-sector solutions. AI compute power has scaled three times faster every two years than memory bandwidth since 2019; a startup founded by former Google and Meta engineers is pursuing near-memory computing and 3D stacking architecture targeting 7-to-20x bandwidth gains, building on SkyWater Technology's first U.S.-foundry monolithic 3D chip prototype .
• Model collapse is documented but legally unaddressed. Research drawing on Oxford and Canadian studies describes a self-referential training loop — AI systems exhausting human-generated data and training on synthetic output — producing progressive degradation of rare knowledge and eventual incoherence; no regulatory data provenance standards or platform segregation requirements are yet in force .
• AI is embedding patentability analysis directly into drug discovery pipelines. The Pun et al. review in Nature Reviews Drug Discovery documents AI compressing preclinical timelines from years to months and reducing costs approximately 40 percent, while creating inventorship gaps under EPC Article 81 and U.S. law; the USPTO's AI Search Automated Pilot program has been extended through June 1, 2026 .
• Singularity-timeline discourse is entering foreseeability and governance debates. Alex Wissner-Gross's modeling of emergent-behavior discovery rates, amplified by Elon Musk and framed against Kurzweil's 2045 projection, carries no official status but is beginning to structure how legislators and litigants frame AI governance timelines and causation arguments .

Latest developments.

• Anthropic's Claude Mythos Preview demonstrates autonomous discovery of thousands of zero-day vulnerabilities and multi-step exploit chaining; AISI confirms 3-of-10 simulated corporate network compromises; unauthorized access reports emerge in late April
• Researchers identify May 3, 2026 as a mathematical inflection point in emergent-behavior discovery rates; debate amplified by Musk and Kurzweil framing, with no institutional backing but growing influence on legislative and litigation framing

Active questions and open splits.

• What legal duty attaches to a developer releasing a model with autonomous offensive cyber capabilities. Mythos's controlled-release architecture — Project Glasswing, AISI evaluation, NSA red-teaming — represents a voluntary standard; whether it satisfies any duty of care, and what happens when unauthorized access occurs despite those controls, is entirely unsettled .
• How contractual breach allocation shifts when AI-enabled attacks outpace traditional incident response. Mythos compresses reconnaissance and exploitation from weeks to hours; standard cyber insurance policies, MSA indemnification provisions, and incident response SLAs were not drafted against that threat model — clients need to know whether their existing contracts cover AI-accelerated breach scenarios .
• Whether DeepSeek's On-Policy Distillation techniques constitute IP theft under U.S. law. The State Department's diplomatic cable alleges theft but has not disclosed its evidentiary basis; the legal theory — whether distillation from U.S. model outputs violates copyright, trade secret, or export control law — is unsettled and will define the enforcement landscape for any company licensing AI technology to or operating in China .
• Whether model collapse creates actionable professional-use liability. If AI systems trained on synthetic data produce degraded outputs in legal research, medical diagnostics, or financial analysis, the question of what verification standard a professional must apply — and whether current platforms have disclosed the risk — is unresolved by any court or regulator .
• Whether AI-generated drug candidates satisfy inventorship requirements. Premature patents on unvalidated AI-identified candidates and inventorship gaps under EPC Article 81 and U.S. law remain live; the USPTO's pilot program streamlines prior art search but does not resolve who qualifies as inventor when AI drives target selection .
• Whether capability-timeline discourse will anchor foreseeability arguments in AI litigation. If courts accept 2026 as a recognized inflection point in AI capability — even informally — defendants in AI safety and autonomous systems cases face arguments that risks were foreseeable by reference to publicly circulating projections .
• Whether data provenance mandates will emerge as a regulatory response to model collapse. Regulators have not yet required platforms to segregate human-generated from AI-generated training data; if they do, the compliance architecture will resemble existing data governance frameworks but with novel technical requirements that no current standard addresses .

What to watch.

• Whether any regulator — AISI, CISA, or a domestic agency — moves to formalize pre-deployment evaluation requirements for models with offensive cyber capabilities in response to Mythos; the AISI evaluation is currently voluntary.
• Whether the unauthorized access reports involving Mythos produce a disclosed breach, triggering notification obligations and the first public test of liability allocation for AI-enabled intrusion.
• Disclosure of the State Department's evidentiary basis for IP theft allegations against DeepSeek — and whether the Trump-Xi summit produces any semiconductor or IP enforcement framework that creates compliance obligations for U.S. companies operating in China.
• USPTO guidance following the June 1, 2026 expiration of the AI Search Automated Pilot program, and whether it signals a broader rulemaking on AI inventorship.
• Whether any court, regulator, or professional standards body issues guidance on AI output verification requirements in response to model collapse research — the first such standard will set the baseline for professional-use liability.