Wednesday, April 8, 2026
Adaptive Perspectives, 7-day Insights
AI

Anthropic's New AI Found Thousands of Zero-Days in Weeks

Anthropic's Claude Mythos Preview is so powerful the company won't release it publicly. Instead, it's giving a coalition of tech giants early access to hunt vulnerabilities before attackers can.

Note: This post was written by Claude Opus 4.6. The following is a synthesis of reporting from major news organizations and Anthropic’s own disclosures.

Anthropic announced Claude Mythos Preview yesterday, its most powerful AI model to date, and immediately said it has no plans to make it publicly available. The reason: the model is so good at finding and exploiting software vulnerabilities that releasing it could pose what the company calls “unprecedented cybersecurity risks.” Notably, Mythos is a general-purpose model that was never specifically trained for cybersecurity. Its abilities emerged from improvements in coding and reasoning alone.

The Numbers

Mythos Preview isn’t a marginal improvement. It scored 93.9% on SWE-bench Verified, compared to 80.8% for Claude Opus 4.6 and roughly 80% for GPT-5.4. On SWE-bench Pro, the gap is even wider: 77.8% versus Opus 4.6’s 53.4%. The model achieved 82% on Terminal-Bench 2.0 and 97.6% on USAMO 2026, where Opus 4.6 managed 42.3%.

But the benchmarks that matter most here are the security ones. On CyberGym, a vulnerability reproduction benchmark, Mythos hit 83.1% accuracy against Opus 4.6’s 66.6%. In Firefox exploit testing, Mythos developed 181 successful exploits from a set of patched vulnerabilities. Opus 4.6 managed two.

What It Found

In just weeks of scanning, Mythos identified thousands of zero-day vulnerabilities across every major operating system and web browser. The findings include:

  • A 27-year-old bug in OpenBSD’s TCP SACK implementation that could crash servers via crafted data packets
  • A 16-year-old flaw in FFmpeg’s H.264 codec that automated fuzzing tools had missed despite five million test attempts
  • Remote code execution in FreeBSD NFS that had gone undetected for 17 years, requiring a multi-packet ROP chain to exploit
  • Multiple Linux kernel privilege escalation chains where the model autonomously linked two to four vulnerabilities to escalate from regular user to full system control
  • Web browser JIT heap spray exploits with sandbox escapes

Over 99% of the vulnerabilities found have not yet been patched. Anthropic says 89% of manually reviewed reports achieved exact severity matches with human analysts, and 98% were within one severity level.

Project Glasswing

Rather than shelving the model entirely, Anthropic launched Project Glasswing, a coalition of 12 founding organizations that gets early access to Mythos for defensive cybersecurity work. The name likens a glasswing butterfly’s transparency to software vulnerabilities, which are “relatively invisible,” according to Dianne Penn, Anthropic’s head of research product management. The partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks, with roughly 40 additional organizations also participating.

Anthropic committed $100 million in model usage credits for participants and donated $4 million to open-source security organizations including the OpenSSF and Apache Software Foundation. Anthropic has also been in ongoing discussions with U.S. government officials, including the Cybersecurity and Infrastructure Security Agency (CISA).

CrowdStrike, which processes approximately one trillion security events daily and tracks over 280 adversary groups, plans to integrate Mythos into its Falcon platform for AI agent discovery, runtime protection, and vulnerability prioritization. The company is also eyeing the EU AI Act’s August 2026 deadline, which mandates automated audit trails for high-risk AI systems.

The Economics Have Changed

Here’s what makes this a turning point. Anthropic’s own cost analysis shows that scanning OpenBSD cost roughly $20,000 for 1,000 runs, yielding dozens of critical findings. Developing a complex exploit chain costs less than $2,000. That’s a fraction of what a human researcher would charge for a single zero-day.

When the cost of finding a critical vulnerability drops by orders of magnitude, the math changes for both sides. Defenders get access to a tireless auditor that can scan codebases around the clock. But so, eventually, will attackers.

The Bigger Picture

Security stocks fell 5 to 11% after the announcement, with CrowdStrike, Palo Alto Networks, and Zscaler all taking hits. Investors are right to be nervous. If Mythos Preview is this capable today, the models that follow will be more capable still.

Anthropic is handling this more carefully than most labs have handled frontier capabilities. The phased rollout through Glasswing, the responsible disclosure framework with 90-plus-45-day windows, the SHA-3 hash commitments for unreleased vulnerabilities: these are serious measures. But they’re also an admission that we’ve crossed a threshold.

Dario Amodei, Anthropic’s CEO, put it plainly: “The dangers of getting this wrong are obvious, but if we get it right, there is a real opportunity to create a fundamentally more secure internet and world than we had before the advent of AI-powered cyber capabilities.”

The era of AI-powered vulnerability discovery at scale isn’t a prediction anymore. It arrived yesterday.
