model releaseAnthropic

Anthropic withholds Claude Mythos Preview from public release due to autonomous cybersecurity exploit capabilities

TL;DR

Anthropic has declined to publicly release Claude Mythos Preview, its most capable AI model, citing critical cybersecurity risks. Instead, the company launched Project Glasswing, providing controlled access to 50+ organizations including AWS, Apple, Google, and Microsoft, along with $100 million in usage credits and $4 million in direct donations to open-source security initiatives.

3 min read
0

Anthropic Withholds Claude Mythos Preview Over Autonomous Cybersecurity Exploit Capabilities

Anthropic has declined to release Claude Mythos Preview publicly, citing risks from its autonomous ability to discover and chain together vulnerabilities across major operating systems and web browsers. Instead, the company established Project Glasswing, a controlled-access initiative distributing the model exclusively to vetted critical infrastructure organizations.

Project Glasswing: Controlled Deployment Model

The initiative's core launch partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. Access extends to over 40 additional organizations responsible for maintaining critical software infrastructure.

Anthropic is committing $100 million in usage credits for Mythos Preview through the program, plus $4 million in direct donations to open-source security organizations. The Linux Foundation received $2.5 million for Alpha-Omega and OpenSSF initiatives, while the Apache Software Foundation received $1.5 million—enabling open-source maintainers to access AI-powered vulnerability scanning at previously unavailable scale.

Autonomous Vulnerability Discovery at Scale

Mythos Preview was not specifically trained for cybersecurity tasks. Anthropic states the capabilities "emerged as a downstream consequence of general improvements in code, reasoning, and autonomy." The model has saturated existing security benchmarks, forcing the company to focus on real-world zero-day vulnerabilities previously unknown to software developers.

The model's findings include:

  • A 27-year-old security bug in OpenBSD, an operating system known for rigorous security practices
  • Autonomous identification and exploitation of CVE-2026-4747, a 17-year-old remote code execution vulnerability in FreeBSD enabling unauthenticated internet users to obtain complete server control via NFS
  • Capacity to chain three to five vulnerabilities sequentially to create sophisticated exploits

Nicholas Carlini, Anthropic researcher, stated: "I've found more bugs in the last couple of weeks than I found in the rest of my life combined."

Why Restricted Release

Newton Cheng, Frontier Red Team Cyber Lead at Anthropic, explained the decision: "We do not plan to make Claude Mythos Preview generally available due to its cybersecurity capabilities. Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors committed to deploying them safely. The fallout—for economies, public safety, and national security—could be severe."

Anthropic previously documented the first confirmed cyberattack largely executed by AI, involving a Chinese state-sponsored group using AI agents to autonomously infiltrate approximately 30 global targets. The company has privately briefed senior U.S. government officials on Mythos Preview's full capabilities, with the intelligence community actively evaluating how the model could reshape offensive and defensive hacking operations.

Safeguards Before Scale

Anthropic plans eventual large-scale deployment of Mythos-class models only after implementing new safeguards. The company will introduce these safeguards first with an upcoming Claude Opus model, allowing refinement before deployment of higher-risk models.

OpenAI classified its GPT-5.3-Codex as high-capability for cybersecurity tasks under its Preparedness Framework when released in February. Anthropic's Glasswing initiative signals that frontier labs are adopting controlled deployment—rather than open release—as the emerging standard for models at this capability level.

What This Means

Anthropic's decision reflects a fundamental shift in how frontier labs handle models with dual-use offensive capabilities. Rather than releasing and hoping for responsible use, Anthropic implemented gatekeeping with meaningful resource allocation ($104 million total commitment) to accelerate defensive security infrastructure. The approach acknowledges that capabilities like autonomous zero-day exploitation cannot be responsibly released broadly, while simultaneously addressing market demands through restricted enterprise partnerships. Whether this restraint standard persists as capabilities proliferate across the entire AI industry remains an open question.

Related Articles

product update

Anthropic launches Claude Cowork on iOS, Android, and web with cloud processing

Anthropic is expanding Claude Cowork beyond its desktop app to iOS, Android, and web platforms. The AI assistant now runs in the cloud by default, enabling users to continue sessions across devices and run tasks in the background even when devices are offline.

product update

Anthropic expands Claude Cowork to web and mobile, usage data shows 33% of tasks are business operations

Anthropic launched Claude Cowork on web and mobile Tuesday for Max subscribers, allowing tasks to run in the background across devices. Usage data from 1.2 million sessions shows business operations account for 33.4% of Cowork tasks, while software development represents just 8.7%.

product update

Anthropic brings Claude Cowork agent to mobile and web with background task execution

Anthropic is expanding Claude Cowork from desktop-only to mobile and web platforms. The autonomous agent feature will run tasks in the background across devices, with scheduled execution requiring no device to be online, starting with Max plan subscribers in a gradual rollout over the next several weeks.

product update

Anthropic Launches Claude Desktop App for Linux, Local AI Integration Fails

Anthropic has released an official Linux desktop app for Claude, bringing feature parity with macOS and Windows versions. However, the app currently fails to reliably connect to locally-installed AI models like Ollama, limiting Linux users to cloud-based Anthropic plans.

Comments

Loading...