Anthropic Unveils Claude Mythos Model, Discovers Thousands of Critical Vulnerabilities

Anthropric has announced Claude Mythos, a specialized AI model designed for cybersecurity vulnerability discovery, alongside Project Glasswing—a multi-organization initiative to secure critical software infrastructure. The model has already identified thousands of high-severity vulnerabilities across every major operating system and web browser, some of which survived decades of human review and millions of automated security tests.

Project Glasswing Partnership

Project Glasswing brings together 12 founding technology companies and organizations: Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. An additional 40+ organizations that develop or maintain critical software have access to the Claude Mythos Preview model.

The initiative's stated goal is to identify and remediate security vulnerabilities before broader deployment, acknowledging that AI-powered vulnerability discovery capabilities will proliferate among actors—not all of whom may deploy them safely.

Capabilities and Performance

Claude Mythos demonstrates improvements over Anthropic's Claude Opus 4.6 in reasoning, agentic search, computer use, and notably agentic coding. One example Anthropic provided involved discovering and chaining together a Linux kernel vulnerability that could enable complete machine compromise.

Anthropic's system card indicates the model shows measurable gains in vulnerability detection compared to prior generations, though specific benchmark scores were not disclosed in the announcement. The model's ability to identify flaws that persisted through extensive human and automated review suggests substantially improved detection capabilities.

Availability and Future Plans

Anthropic explicitly stated it does not plan to make Claude Mythos Preview generally available to the public. However, the company indicated its "eventual goal is to enable our users to safely deploy Mythos-class models at scale—for cybersecurity purposes, but also for the myriad other benefits that such highly capable models will bring."

This suggests a phased approach: controlled preview access to vetted organizations now, with broader availability contingent on developing safety protocols for deployment at scale.

What This Means

Anthropic is deploying its most capable model not for general use but specifically for defensive security purposes—positioning itself as a leader in AI safety through controlled capability release. The coordinated Project Glasswing approach represents an acknowledgment that frontier AI capabilities for vulnerability discovery are inevitable, and that proactive coordination among major technology companies is necessary to ensure such tools are deployed defensively before they proliferate to less responsible actors.

For organizations in the preview program, access to Mythos provides immediate security benefits. For the broader industry, Project Glasswing sets a precedent for how companies might manage the release of potentially dual-use AI capabilities.