product update | Anthropic

Anthropic's Mythos bug-hunting model accessed by unauthorized users, early tests show performance on par with human rese

TL;DR

Anthropic confirmed unauthorized users accessed its Mythos vulnerability detection model through a third-party vendor environment by guessing URL patterns. Early analysis from Mozilla and AWS indicates Mythos performs on par with elite human security researchers rather than surpassing them, despite Anthropic's claims of identifying thousands of critical vulnerabilities.

Unauthorized Access Through Third-Party Vendor

Anthropic confirmed on April 22, 2026 that unauthorized users accessed its Mythos vulnerability detection model through a third-party vendor environment, not through Anthropic's production API. The company is investigating the incident but stated no evidence indicates unauthorized activity extended beyond the vendor's environment or affected Anthropic systems.

According to Bloomberg, a handful of users gained access by making "an educated guess about the model's online location" based on Anthropic's previous model URL patterns. The access method was reportedly revealed in the recent Mercor data breach. Mercor, an AI staffing startup that supplies specialized contractors to major AI labs including Anthropic, was affected by the LiteLLM supply-chain attack earlier in April.

The unauthorized users reportedly belong to a private Discord channel and gained access on the same day Anthropic announced Project Glasswing, the limited preview program for Mythos.

Model Performance Below Marketing Claims

Anthropic released Mythos under the Project Glasswing preview program to select organizations, positioning it as a model so capable at finding vulnerabilities that public release posed security risks. Early testing results from preview partners tell a different story.

Mozilla CTO Bobby Holley reported that Mythos found 271 vulnerabilities in Firefox 150. "So far we've found no category or complexity of vulnerability that humans can find that this model can't," Holley said. "We also haven't seen any bugs that couldn't have been found by an elite human researcher."

Anthropic claimed Mythos identified "thousands of additional high- and critical-severity vulnerabilities." According to VulnCheck researcher Patrick Garrity, the actual count as of mid-April stood at approximately 40 confirmed vulnerabilities, with questions remaining about whether some discoveries represent genuine novel findings.

Both AWS and Mozilla reported that while Mythos demonstrates speed advantages and requires less hands-on guidance from security engineers compared to traditional tools, its capabilities align with elite human security researchers rather than exceeding them.

Supply Chain Security Concerns

The unauthorized access incident highlights vulnerabilities in AI model deployment and controlled release strategies. "The Mythos breach didn't require a sophisticated attack," said Ram Varadarajan, CEO at Acalvio. "It just required a contractor, a URL pattern, and a day-one guess, which means the 'controlled release' model failed at its weakest link before the model's capabilities were ever the issue."

Tim Mackey, head of risk strategy at Black Duck, noted that "Anthropic's marketing message for Mythos was effectively a challenge, not dissimilar to a capture-the-flag exercise, where success includes claims of unauthorized access to Mythos."

Anthropic declined to name the affected third-party vendor, stating only that it's a company involved in model development work.

What This Means

Mythos appears to be a productivity tool for security teams rather than the "zero-day machine" Anthropic's marketing suggested. The gap between claimed capabilities and observed performance raises questions about AI model marketing practices and controlled release strategies. The unauthorized access through URL pattern guessing demonstrates that supply chain security and basic access controls remain the critical weak points, regardless of model capabilities. Organizations evaluating Mythos should expect performance equivalent to adding a skilled automated security researcher to their team, not superhuman vulnerability detection.
