Something unusual happened in the AI world this week. A company built a model so capable at finding security holes in software that they decided the public shouldn’t have it. Not because it doesn’t work — because it works too well.
I’ve been working with AI tools for over two years now. I write about them, I build with them, I run my entire marketing stack through them. And I’m generally an optimist about what this technology can do for businesses, creators, and regular people trying to get things done.
But when I read through the technical report Anthropic released on April 7, 2026, I stopped scrolling.
Because what they described isn’t just a better chatbot. It’s a model that can find security vulnerabilities that survived decades of human review, write working exploits for them, and do it all without anyone guiding it along the way. And that’s worth paying attention to — especially if you’re someone who isn’t particularly technical.
What Is Claude Mythos, and Why Should You Care?
Claude Mythos Preview is Anthropic’s most powerful AI model to date. It’s a general-purpose language model, meaning it can write code, reason through complex problems, and handle a wide range of tasks. But where it truly stands apart is in cybersecurity.
During internal testing over the past several weeks, Anthropic’s security research team found that Mythos can:
- Identify zero-day vulnerabilities (bugs nobody knew existed) in every major operating system and web browser
- Write working exploits for those vulnerabilities — autonomously
- Turn known-but-unpatched vulnerabilities into attacks faster than human researchers ever could
- Chain together multiple vulnerabilities in a single exploit, bypassing security sandboxes that were specifically designed to prevent this
The numbers are hard to ignore. In one benchmark, the previous best model (Claude Opus 4.6) managed to produce working shell exploits 2 times out of several hundred attempts. Mythos succeeded 181 times on the same test, with 29 additional runs achieving register control.
The Case Studies That Changed My Mind
Anthropic published three specific findings in their report. Each one tells a different story about what this model can do.
1. The 27-Year-Old Bug in OpenBSD
OpenBSD is widely considered one of the most secure operating systems ever built. It’s what security professionals trust to run firewalls and critical infrastructure. Mythos found a vulnerability in its TCP SACK implementation that had been sitting there since 1999 — a denial-of-service flaw that lets a remote attacker crash any OpenBSD machine simply by connecting to it.
The model found this across roughly 1,000 scaffold runs. Total cost: under $20,000.
2. The FFmpeg Flaw That Five Million Tests Missed
FFmpeg is the video encoding and decoding library that powers almost everything — streaming services, video editors, browsers, you name it. Mythos discovered a 16-year-old vulnerability in its H.264 codec, introduced in a 2003 commit and exposed by a 2010 refactor. Every fuzzer and human reviewer who had examined the code in the years since missed it.
The automated testing tools that had exercised that line of code? They’d run it approximately five million times.
3. The FreeBSD Remote Code Execution
This one is the most alarming. Mythos autonomously identified and exploited a 17-year-old remote code execution vulnerability in FreeBSD’s NFS server. The exploit granted full root access to unauthenticated users. No human was involved after the initial prompt. The model read the code, found the flaw, wrote the exploit, and delivered a working proof of concept on its own.
This vulnerability has since been assigned CVE-2026-4747 and patched.
Mythos vs. Previous Models: The Numbers
The performance gap between Mythos and its predecessors isn’t incremental. It’s a different category entirely.
| Benchmark | Claude Sonnet 4.6 | Claude Opus 4.6 | Claude Mythos Preview |
|---|---|---|---|
| SWE-bench Verified (coding) | ~72% | 80.8% | 93.9% |
| SWE-bench Pro | ~38% | 53.4% | 77.8% |
| CyberGym (security tasks) | — | 66.6% | 83.1% |
| Firefox 147 exploit success | ~0% | 2/100s of attempts | 181 successes |
| OSS-Fuzz tier 5 hijacks | 0 | 1 | 10 |
| N-day exploit generation (Linux CVEs) | — | — | >50% success rate |
And here’s what makes this even more significant: Anthropic says they didn’t train Mythos to be good at hacking. These capabilities emerged naturally as a result of general improvements in code reasoning and autonomy. The same skills that make the model better at fixing bugs make it better at exploiting them. You can’t have one without the other.
Project Glasswing: Anthropic’s Response
Instead of releasing Mythos to the public, Anthropic launched Project Glasswing — a consortium of over 40 organizations given early access to use the model strictly for defensive security work.
The launch partners include some of the biggest names in tech and finance:
| Partner | Sector |
|---|---|
| Amazon Web Services | Cloud Infrastructure |
| Apple | Consumer Tech |
| Broadcom | Enterprise Software |
| Cisco | Networking |
| CrowdStrike | Cybersecurity |
| Cloud / Search | |
| JPMorgan Chase | Finance |
| Microsoft | Cloud / OS |
| Nvidia | Hardware / AI |
| Palo Alto Networks | Cybersecurity |
Anthropic is committing up to $100 million in usage credits for Mythos across the effort, plus $4 million in direct donations to open-source security organizations. The goal: let defenders find and patch vulnerabilities before models with similar capabilities inevitably become available to everyone — including bad actors.
Why This Matters for You — Especially If You’re Not Technical
Here’s the part I really want to talk about, because I think it’s the one that gets lost in the technical details.
Every time AI gets better at finding security vulnerabilities, it also gets better at finding your security vulnerabilities. The phone you carry, the email you check every morning, the browser you use to pay bills online — all of it runs on software that now has a new class of threat to worry about.
And while Anthropic is handling this responsibly by limiting access, the fact is that other labs are working on similar capabilities. As CNN reported, the window between “only defenders have this” and “everyone has this” is shrinking.
AI-generated phishing attacks have already surged 1,265% since 2023. Those scam emails that used to be easy to spot because of bad grammar and weird formatting? They’re now indistinguishable from real communications. AI writes them. And it’s going to get better at writing them.
This is where I get genuinely concerned for people who aren’t tech-savvy — my parents, my in-laws, my neighbors. The generation that didn’t grow up with computers is already the primary target for phone and email scams. When you add AI-powered social engineering to the mix, the playing field tilts even further against them.
What You Can Actually Do Right Now
I’m not here to scare you. I’m here to tell you there are simple things you can do today that dramatically reduce your exposure.
Update Your Software. Yes, All of It.
That annoying notification to update your phone, your computer, your browser — those updates are patches for known vulnerabilities. Mythos found a 27-year-old bug in OpenBSD. The fix existed; people just hadn’t applied it. Turn on automatic updates for everything.
Use a Password Manager
If you’re still using the same password across multiple sites, you’re one data breach away from losing access to everything. A password manager creates unique, complex passwords for every account and remembers them so you don’t have to. Morgan Stanley’s recent breakdown on AI and cybersecurity makes a strong case for this being the single highest-impact step anyone can take.
Enable Multi-Factor Authentication
Every account that offers it — email, banking, social media — turn on MFA. It means even if someone steals your password, they still need a second code from your phone to get in. It’s not perfect, but it stops the vast majority of unauthorized access attempts.
Verify Before You Click
Check the sender’s email address — not just the display name. If you get a call asking for personal information, hang up and call the company back using a number you find yourself (not one they give you). If an email asks you to click a link, navigate to the website directly instead.
Talk to the People You Care About
If you’re reading this and you know someone who might be vulnerable — an older parent, a grandparent, a friend who’s not great with technology — have the conversation. Show them how to check email addresses. Help them set up a password manager. It takes 20 minutes and could save them from a very bad day.
The Bigger Picture: Cautious Optimism
I want to be clear about where I land on all of this. I’m optimistic. Genuinely.
Anthropic made the right call by not releasing Mythos publicly. They made another good call by giving defenders a head start with Project Glasswing. The vulnerabilities they found are being responsibly disclosed and patched. That’s exactly how this should work.
And in the long run, Anthropic’s own researchers believe that powerful AI models will ultimately benefit defenders more than attackers — just like fuzzers did. The first large-scale fuzzers raised similar fears, and now they’re an essential part of the security ecosystem.
But the transitional period is going to be rough. The same week Anthropic announced Mythos, they also had to acknowledge that details about the model had been leaked through a CMS misconfiguration and that Claude Code’s source code had been exposed through an npm install. A company warning the world about security risks while suffering its own security lapses is, to put it mildly, ironic.
The technology is moving fast. Our habits need to move faster.
Check out my breakdown of Claude Sonnet 4.6 vs Opus 4.6 if you want to understand where Mythos fits in the broader model landscape, or read about how AI is changing the threat landscape for business data.
Frequently Asked Questions
What is Claude Mythos?
Claude Mythos is Anthropic’s most powerful AI model to date. It was announced on April 7, 2026, alongside Project Glasswing. The model is not being released to the public due to its cybersecurity capabilities. Instead, it’s being made available to a limited group of industry partners for defensive security work.
Can Claude Mythos hack my phone or computer?
Claude Mythos itself is not available to the public, so no one outside of Anthropic and its Project Glasswing partners has access to it. However, similar capabilities from other AI labs may eventually become available, which is why maintaining good security habits now is important.
What is a zero-day vulnerability?
A zero-day vulnerability is a security flaw in software that the developers don’t know about yet. The term “zero-day” refers to the fact that developers have had zero days to fix it. These are particularly dangerous because there’s no patch available when they’re discovered by attackers.
What is Project Glasswing?
Project Glasswing is Anthropic’s initiative to give early access to Claude Mythos to over 40 technology companies and organizations, including Apple, Google, Microsoft, Amazon, and CrowdStrike. The goal is to use the model to find and fix security vulnerabilities in critical software before similar capabilities become available to malicious actors.
How can I protect myself from AI-powered cyber threats?
The most effective steps are: keep all your software updated, use a password manager with unique passwords for every account, enable multi-factor authentication wherever possible, verify email senders before clicking links, and never give personal information to unsolicited callers without independently verifying their identity.
Is AI good or bad for cybersecurity?
Both. AI is a dual-use technology — the same capabilities that help defenders find and patch vulnerabilities also help attackers exploit them. In the long run, Anthropic believes defenders will have the advantage because they can use these tools at scale and integrate them into development workflows. But in the short term, there’s a real risk window where attackers could gain an edge.
Sources: Anthropic Red Team Report | Project Glasswing | CNN | VentureBeat | Help Net Security | Fortune
