Anthropic unveils Claude Mythos Preview but keeps it locked down over extreme cyber risk
5 min. read 
Published on
Anthropic has introduced Claude Mythos Preview, a new unreleased model the company says can outperform almost all human experts at finding and exploiting software vulnerabilities. The company did not launch it publicly. Instead, it placed the model inside a restricted program called Project Glasswing for selected defenders and infrastructure operators.
The core claim in your sample is real. Anthropic says Mythos Preview can do far more than ordinary bug hunting. In its own technical write-up, the company says the model can find vulnerabilities, build reliable exploits, and in some cases chain multiple flaws together against hardened targets.
Access content across the globe at the highest speed rate.
70% of our readers choose Private Internet Access
70% of our readers choose ExpressVPN
Browse the web from multiple devices with industry-standard security protocols.
Faster dedicated servers for specific actions (currently at summer discounts)
Anthropic also says these offensive capabilities were strong enough to justify a limited rollout rather than a consumer release. The company launched Project Glasswing to work with major software and infrastructure organizations on responsible disclosure and patching before broader model access becomes possible.
Why Claude Mythos Preview is drawing so much attention
This is not just another coding model announcement. Anthropic says Mythos Preview reached a level where it can surpass all but the most skilled humans at finding and exploiting software flaws. That puts it in a very different category from typical AI developer tools that help with code completion or basic debugging.
In Anthropic’s published testing, the model reportedly achieved control-flow hijacking against fully patched open-source targets and produced advanced browser exploit chains. The company says these results did not come from explicitly teaching the model how to attack systems step by step. Instead, they emerged from broader gains in reasoning and autonomous coding ability.
Anthropic’s material also says Mythos Preview discovered old, deeply buried flaws in major software, including a 27-year-old OpenBSD bug and a 16-year-old FFmpeg bug. Those details match the sample article’s central examples.
What Anthropic says Mythos can do
| Capability area | What Anthropic says |
|---|---|
| Vulnerability discovery | Finds serious flaws in major software systems at very high skill levels |
| Exploit development | Can generate working exploits and chain multiple bugs together |
| Browser exploitation | Built browser exploits that bypassed strong mitigations in Anthropic testing |
| Autonomous workflow | Reads code, tests ideas, writes proofs of concept, and iterates inside isolated environments |
| Access model | Not publicly released; limited to trusted organizations through Project Glasswing |
Project Glasswing is the real story behind the launch
Anthropic did not frame this as a product launch for ordinary Claude users. It framed it as a defensive security effort. Project Glasswing brings together major technology, security, and infrastructure organizations so they can use the model to identify and fix dangerous bugs before attackers catch up.
Reuters reported that the partner list includes companies such as Amazon, Apple, Google, Microsoft, Nvidia, CrowdStrike, and Palo Alto Networks. Anthropic also said it plans to expand access to around 40 additional organizations that manage critical software infrastructure.
Anthropic says it is also supporting the effort with major usage credits and open-source security funding. That shows this is not only about model access. It is also about scaling patch work and disclosure work around the vulnerabilities the model can uncover.
Why Anthropic is holding Mythos back
Anthropic’s explanation is straightforward. The company believes models with this level of cyber capability could give malicious actors a temporary advantage if released too broadly. Its Glasswing page says the goal is to help defenders secure critical software before similarly capable systems become widely available.
That concern goes beyond ordinary bug reports. Anthropic’s cybersecurity assessment says Mythos Preview can turn vulnerability discovery into exploit generation at a much higher level than older models. The company’s system card and risk materials also show it treated the release decision as a serious safety issue, not a normal feature rollout.
The result is unusual but clear. Anthropic unveiled the model publicly, described its capabilities in rare detail, and then refused to release it as a normal product. That tension is exactly why the announcement is getting so much attention across the security industry.
Key takeaways
- Claude Mythos Preview is real, and Anthropic says it has powerful zero-day discovery and exploit-building abilities.
- Anthropic is not offering Mythos as a public Claude release. It is limiting access through Project Glasswing.
- Anthropic says the model found longstanding bugs in software including OpenBSD and FFmpeg.
- The company says the model can help defenders now, but it also believes wider release could create immediate risk.
FAQ
It is an unreleased Anthropic model that the company says has unusually strong cybersecurity capabilities, including vulnerability discovery and exploit generation.
No. Anthropic says access is restricted to selected organizations through Project Glasswing.
It is Anthropic’s limited-access cybersecurity initiative built to help trusted partners identify and patch critical vulnerabilities using Mythos Preview.
Yes. Anthropic’s published materials cite a 27-year-old OpenBSD flaw and a 16-year-old FFmpeg flaw among its examples.
Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more
Improve this guide
User forum
0 messages