Claude Mythos had been rumored for a few weeks: it was due to slot in above Claude 4.6 Opus, Claude 4.6 Sonnet, and Claude 4.6 Haiku in Anthropic's model hierarchy. Then on April 7, 2026, Mythos Preview was officially announced—except it's apparently too dangerous to release.Â
According to Anthropic, Claude Mythos represents a unique cybersecurity threat. In testing, it's already uncovered "thousands of high-severity vulnerabilities, including some in every major operating system and web browser." They claim that "the fallout—for economies, public safety, and national security—could be severe."
Instead of releasing Mythos to the general public, Anthropic has spun up Project Glasswing. It's a cybersecurity initiative that also involves Amazon, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. The idea is that they'll be able to deploy Mythos for defensive cybersecurity purposes before some open Chinese model develops the same capabilities and throws the whole web wide open.Â
As a tech journalist, I've been covering AI and security (separately and together) for well over a decade, so I have some questions. Namely: is this good marketing, or is it a real concern? Let's dig in.Â
Table of contents:
What is Claude Mythos?
Claude Mythos Preview is a general purpose large language model (LLM) that's particularly good at coding and reasoning. As I write this, there are no independent benchmarks available, but Anthropic reports that it comfortably outperforms Opus 4.6 pretty much across the board, which would make it the most capable model available now. (At least if it was actually generally available.)
If you were using Mythos for day-to-day tasks like summarizing emails or generating marketing materials, you likely wouldn't notice much improvement. But it sounds like its coding capabilities are markedly better than Opus 4.6. From the announcement: "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities."
And honestly, everything I'm seeing from AI experts backs this framing—at least to some degree. Given the trajectory of AI coding models over the last year, it's entirely believable that Mythos is capable of finding so many bugs and zero-day exploits in the operating systems, open source libraries, websites, and apps that modern life relies on that it shouldn't just be released without thought. I don't think it would be a full Skynet situation or crash the world economy, but Anthropic has always claimed it's trying to build a sensible and safe AI, and allowing security researchers access to Mythos first aligns with that.
How did we get here?
Some context: Since ChatGPT launched in 2022, AI tools have been incredibly impressive technical solutions looking for financially lucrative business problems—and not really succeeding. Chatbots have been bolted on to every app, and some interesting AI-first tools like Jasper and Midjourney have been built, but there was a sense that maybe AI was an iterative feature in most cases, not a product in its own right.Â
Last year, that changed. AI models went from being able to write code that kind of worked most of the time to writing code that almost always works almost all the time. This was a huge shift, as suddenly coding agents didn't need to be babysat. With autonomous tools capable of real work, a $200/month AI subscription isn't a joke anymore but a product people might be interested in.Â
Now that AI has found its first real business case, Anthropic, OpenAI, and other research labs have poured training resources into making better coding models. A big part of that is training them on more code and making them better able to understand the full context of a codebase. Which is how we get to Mythos's cybersecurity capabilities.Â
How dangerous is Claude Mythos?
In an article that coincided with the launch of Glasswing, cybersecurity researchers at Anthropic detailed Mythos's cybersecurity capabilities.Â
As I said, I've been writing about this stuff for years, and their summary seems legitimately concerning. In some of the worst exploits, under the right circumstances, a hacker could use Mythos to go from an unauthenticated visitor on a website to having admin access on the server.Â
The big takeaways are that Mythos sounds to be very good at finding and exploiting subtle vulnerabilities. It's also able to combine multiple vulnerabilities into more powerful exploits. In testing, it's found "zero-day" (or undiscovered) exploits in every major operating system and web browser that have been sitting there unfixed for years. The oldest bug it found was from the '90s in OpenBSD.
Mythos is significantly better at this than Opus 4.6 or Sonnet 4.6. The researchers go into a deep technical explanation of some of the exploits Mythos found, and it's worth reading if you're technically inclined.
The researchers stress that Mythos wasn't trained to have these capabilities. They emerged as an unintended consequence of its improvements in coding, reasoning, and autonomy. It's better at finding and fixing vulnerabilities too, but it's now good enough to exploit them as well.Â
But here's the good news: these kinds of vulnerabilities are often very difficult to exploit in the real world. A lot of them require weird sets of circumstances, physical access to a device, or have been accidentally patched in later updates. It's not that they aren't real issues, but it's not as if Mythos would turn every website into a data collecting engine, make every credit card transaction insecure, and start mining bitcoin with your fridge.Â
It would be another tool for hackers to use. Granted, a very effective tool—and I think Anthropic is right to hold it back for a while—but I don't think it's going to bring about the AI apocalypse.Â
What happens next?
Anthropic intends for Project Glasswing to be the start of something bigger. The 12 launch partners are all receiving access to Mythos Preview. Within 90 days, Anthropic plans to report back what they've learned, what the best practices for AI cybersecurity are, and the bugs they've managed to find and patch. They're also briefing the US government on offensive and defensive cybersecurity.Â
Right now, Anthropic doesn't intend to make Mythos Preview available to the general public, but they do hope to make Mythos-class models available in the future when there are appropriate safeguards in place. They'll apparently debut with an upcoming Opus model.
In the meantime, you can use Claude's other powerful models and put them to work for you on Zapier. By connecting Claude to the rest of your tech stack, you can add the power of Claude's models into all your existing workflows. And with Zapier MCP, you can go even further, giving Claude structured access to the tools and context it needs to take action across your stack. That means turning Claude from a smart assistant into an active part of your systems, triggering workflows, updating records, and orchestrating multi-step processes securely and at scale. Learn more about how to use Zapier MCP with Claude.
Related reading:
