A.I. Safety Is So Back + Mythos Mayhem with Nikesh Arora + Hot Mess Express

Summary of A.I. Safety Is So Back + Mythos Mayhem with Nikesh Arora + Hot Mess Express

by The New York Times

1h 7mMay 15, 2026
Listen to Episode

Overview of A.I. Safety Is So Back + Mythos Mayhem with Nikesh Arora + Hot Mess Express

This episode of Hard Fork centers on a major shift in AI politics: the Trump administration, which had previously downplayed AI safety concerns, now appears far more alarmed by the power of frontier models—especially Anthropic’s Claude Mythos preview, which is reportedly capable of finding novel cyber vulnerabilities. The hosts discuss how this has pushed the federal government toward possible new model-testing and oversight regimes. The second half features a wide-ranging interview with Palo Alto Networks CEO Nikesh Arora about how AI is changing cybersecurity, followed by the recurring “Hot Mess Express” segment covering tech and internet chaos from Venmo privacy changes to a ridiculous OpenAI inheritance joke.

The Trump Administration’s Sudden AI Safety Pivot

From “let AI cook” to “slow down”

  • The hosts argue that the Trump administration’s attitude toward AI safety has shifted dramatically in a short period.
  • During the Biden era, Republicans framed pre-release testing and AI oversight as anti-innovation and overly restrictive.
  • Now, the Trump team is reportedly considering:
    • An AI working group with tech executives and officials
    • Possible government review/testing of new AI models before release
  • The episode highlights the irony: ideas once mocked as “doomer” policy are now being considered by the very people who opposed them.

Why Mythos changed the conversation

  • Anthropic’s Claude Mythos preview is the catalyst for the shift.
  • According to the discussion, the model can:
    • Discover new code vulnerabilities
    • Chain exploits together
    • Surface serious security issues at scale
  • The hosts suggest the administration’s old “AI is just another normal technology” stance no longer holds up in the face of models that can actively identify zero-day style weaknesses.

Political and institutional turf wars

  • There’s an apparent struggle over who should oversee frontier-model testing:
    • The Commerce Department’s AI standards/safety group
    • The intelligence community, including the NSA
  • The episode notes the absurdity of the same administration:
    • Removing “safety” from the agency name
    • Then turning around and making safety a policy priority
  • At the same time, Trump is courting NVIDIA and other tech leaders to loosen chip exports to China, creating a contradiction between export expansion and safety restrictions.

Broader implications

  • The hosts suggest AI safety is becoming less partisan:
    • Republicans and Democrats alike are increasingly skeptical of AI
    • Even GOP figures like Ted Cruz are talking about catastrophic risk
  • Their takeaway: the government is finally reacting to the reality that these systems are becoming genuinely powerful and potentially dangerous.

Interview with Nikesh Arora: Why Cybersecurity Is Being Rewritten by AI

Nikesh Arora, CEO and chairman of Palo Alto Networks, joins to explain how advanced AI models are transforming both attack and defense in cybersecurity.

The core shift: attacks are now measured in minutes, not days

  • Arora says the time it takes attackers to breach systems and extract valuable data has collapsed from days to minutes.
  • That means cybersecurity defenses must also operate in real time.
  • He argues the industry must “find AI with AI” to keep up.

What Mythos and similar models are showing

  • Palo Alto and other companies were given early access to models like:
    • Claude Mythos
    • GPT-5.5 Cyber
  • Arora says these models are useful because they reveal “the art of the possible” for both attackers and defenders.
  • He emphasizes:
    • They are good at finding vulnerabilities
    • They can also daisy-chain exploits
    • They expose huge amounts of technical debt in older codebases

What companies are finding

  • Palo Alto publicly said it patched about 26 critical exploits covering 75 issues—far above its normal baseline.
  • Arora expects many companies to uncover similar hidden vulnerabilities as they run these models over their systems.
  • He predicts:
    • Lots of patching in the next 3–6 months
    • More audits of servers, switches, routers, and other infrastructure
    • A broad “cleansing” of vulnerability debt

The 90-day disclosure window may be too slow

  • In traditional security, researchers often give companies 90 days to fix a bug before disclosure.
  • Arora suggests AI makes that timeline much shorter.
  • His company believes:
    • In an AI-assisted attack, initial access and exfiltration could happen in as little as 25 minutes
  • The hosts and Arora agree the old disclosure model may no longer fit the speed of AI-enabled exploitation.

Defenders vs. attackers

  • Arora is blunt that these tools currently favor attackers:
    • Attackers only need to find one path in
    • Defenders must block everything
  • He thinks the bad actors benefit more from the asymmetry, at least for now.
  • Still, he argues defenders need to use these tools immediately to harden systems before adversaries catch up.

Who is most at risk

  • Arora is especially worried about:
    • Small businesses
    • Hospitals
    • Industrial and non-tech companies
  • His view: organizations that don’t have deep technical teams are most vulnerable.
  • Financial institutions, by contrast, are better prepared because they already have strong security teams and resources.

Consumer security is lagging behind enterprise security

  • He notes that enterprise systems can often block phishing and malicious links across many customers at once.
  • Consumers don’t have the same kind of centralized protection.
  • He argues email providers and telecom companies need to do more to stop obvious scams and phishing attempts.

AI won’t necessarily mean fewer jobs

  • Arora pushes back on the idea that AI will simply replace engineers.
  • His view:
    • Better tools create more capacity
    • More capacity leads to more backlog being tackled
    • Companies will likely hire more people with new skills, not fewer overall
  • He sees AI as driving a decade-long business transformation, not a simple headcount reduction.

Hot Mess Express: Tech Chaos of the Week

Venmo becomes less nosy

  • Venmo is testing a redesign that makes new users’ transactions friends-only by default.
  • The hosts mourn the loss of public transaction posts, which were a rich source of gossip and reporting.
  • Verdict: a cleanup, not a mess.

Amazon’s token-spending problem

  • Amazon employees are allegedly using its internal AI agent tool to generate unnecessary token usage to look productive.
  • The hosts frame this as classic Goodhart’s law: when a metric becomes a target, it stops being a good metric.
  • Verdict: a “hot mesh.”

Students boo an AI commencement speech

  • A commencement speaker called AI “the next industrial revolution” and was loudly booed by graduates.
  • The hosts note that students are increasingly hostile to AI, even if some secretly use it in school.
  • Verdict: understandable backlash, and a warning to future speakers.

Dua Lipa sues Samsung

  • Dua Lipa is reportedly suing Samsung for using her face on TV packaging without permission.
  • The hosts joke about Samsung’s history of explosive hardware failures.
  • Verdict: a true hot mess.

GameStop tried to buy eBay

  • GameStop reportedly made an unsolicited $55 billion takeover bid for eBay, despite not having the money.
  • eBay rejected it as “neither credible nor attractive.”
  • Verdict: an absurd corporate mess.

Shein vs. Temu

  • The fast-fashion rivals are fighting in court over copyright infringement and image copying.
  • The hosts emphasize the irony of two copy-heavy companies suing each other for copying.

Grindr’s disastrous Madonna ad

  • Madonna’s Grindr ad campaign reportedly played audio that outed users in public settings.
  • The hosts call it one of the worst ad executions in recent memory.
  • Verdict: dangerous and irresponsible.

Sam Altman on Elon Musk’s OpenAI inheritance idea

  • In the OpenAI lawsuit, Sam Altman testified that Elon Musk once suggested control of OpenAI should pass to his children if he died.
  • The hosts treat this as another example of the bizarre, document-rich drama surrounding OpenAI.

Closing Takeaways

  • AI safety is suddenly back at the center of U.S. policy, but in a messy and contradictory way.
  • Frontier models are no longer hypothetical risks; they are already uncovering real-world vulnerabilities.
  • Cybersecurity teams are bracing for a much faster, more automated era of attacks.
  • The episode’s broader message: the AI debate has moved from theory to crisis management.

Listener Call to Action

The hosts end by asking listeners to email in if they’ve made major career changes in response to AI, especially if they’ve moved from desk work to more hands-on jobs like HVAC or tree trimming.

  • Email: hardfork@nytimes.com
  • They also invite listeners to tell them what they would do with Mythos if they had access to it.