Credit: Shutterstock
The most capable AI model ever built isn’t available to the public for a reason.
On April 7, Anthropic announced Claude Mythos Preview, a frontier AI model it describes as a significant leap forward in coding and autonomous reasoning. The announcement came with an unusual caveat that Anthropic has no plans to release it to the public. The reason is its capability.
What Makes Mythos Different
Mythos wasn’t specifically trained for cybersecurity. Its capabilities emerged as a downstream consequence of general improvements in code, reasoning, and autonomy. These are the same improvements that make the model more effective at patching vulnerabilities and also at exploiting them.
Over the past few weeks, Anthropic used Mythos to identify thousands of zero-day vulnerabilities that were previously unknown even to the software’s own developers. And many of them were critical across every major operating system and web browser.
Zero-day vulnerabilities are particularly dangerous because there are no existing patches for them. They are the crown jewels of hackers and state-sponsored spy agencies.
Here are some findings by Mythos that tell the story:
- A 27-year-old bug in OpenBSD — an operating system specifically designed to be difficult to hack, widely used in firewalls and critical infrastructure.
- A 16-year-old vulnerability in the widely used FFmpeg video processing library that automated testing tools had probed five million times without catching.
- A 17-year-old remote code execution vulnerability in FreeBSD (CVE-2026-4747) that lets an unauthenticated attacker gain complete root control of a machine over the internet.
Beyond individual bugs, Mythos chained multiple vulnerabilities to produce sophisticated exploits that would have been impossible with a single flaw alone.
The Banking Industry Is Particularly Exposed
Financial institutions face a compounded risk. Banks use technology stacks that mix modern tools with software written decades ago. They are never designed to withstand AI-level scrutiny.
CrowdStrike’s 2026 Global Threat Report found an 89% increase in attacks by adversaries using AI year-over-year. A model like Mythos could accelerate that trend significantly.
Government officials in the U.S., Canada, and the UK have already met with senior banking leaders to assess the threat. The U.S. Treasury confirmed that further meetings are planned.
Anthropic’s Response: Project Glasswing
Rather than shelving the model entirely, Anthropic launched Project Glasswing. The AI giant will be giving access to a group of major tech and cybersecurity firms, including Amazon, Apple, Cisco, Google, Microsoft, JPMorgan Chase, CrowdStrike, Nvidia, Palo Alto Networks, Broadcom, and the Linux Foundation, to use Mythos for defensive security work.
The name is deliberate. The glasswing butterfly hides in plain sight, using transparent wings much like the vulnerabilities Mythos is now surfacing, bugs buried inside complex systems that nobody noticed for decades.
Anthropic is committing $100 million in usage credits and $4 million in direct donations to open-source security organizations as part of the initiative. Over 40 additional organizations maintaining critical software infrastructure also have access.
CrowdStrike CTO Elia Zaitsev put the urgency in words: “The window between a vulnerability being discovered and being exploited by an adversary has collapsed. What once took months now happens in minutes with AI.”
The Double-Edged Problem
Anthropic’s core argument is that it’s running the model against public and proprietary software to find and patch vulnerabilities before hackers get access to equivalent capabilities. But some security experts, including Bruce Schneier, have noted that this doubles as a significant PR move, and that the line between responsible disclosure and competitive positioning isn’t always clear.
The harder question is structural.
As Anthropic’s own chief science officer, Jared Kaplan noted, Mythos capabilities will eventually be available in other models. Anthropic itself acknowledged it did not explicitly train Mythos to have these capabilities, but they emerged on their own. That makes them very difficult to contain in the long term.
What Comes Next
Anthropic is clear that Mythos is not the ceiling. More capable models are coming.
The company plans to develop new safeguards through an upcoming Claude Opus model, using it as a lower-risk testbed before eventually deploying Mythos-level capabilities more broadly.
The goal of Project Glasswing is to give defenders a head start, not to keep the model permanently locked away. Whether that head start proves sufficient depends on how fast the rest of the industry moves, and how quickly adversaries develop equivalent tools of their own.
The 20-year equilibrium in cybersecurity, where attackers and defenders both operated at a human scale, is effectively over.
