What It Is
Anthropic just announced Claude Mythos Preview - their most capable frontier model to date. The twist? They're not releasing it to you. They're not releasing it to anyone outside a select consortium of tech giants.
The model found thousands of high-severity vulnerabilities in every major operating system and browser. A 27-year-old bug in OpenBSD. Complex JIT heap sprays. Four-vulnerability chains escaping renderer and OS sandboxes. Remote code execution on FreeBSD's NFS server via split ROP chains.
This isn't marketing fluff. Anthropic engineers with no formal security training woke up to working zero-day exploits after overnight Mythos runs.
Technical Specs
| Capability | Mythos Preview | Claude Opus 4.6 | Delta |
|---|---|---|---|
| Autonomous Exploit Development | ~50%+ success | Near-0% | Massive leap |
| Zero-Day Discovery | Thousands found | Limited | Step change |
| Complex Exploit Chains | Multi-vuln JIT escapes | Basic stack smashing | New tier |
| Non-Expert Usability | Overnight exploits | Requires expertise | Game changer |
The Architecture
Mythos Preview represents Anthropic's new "Capybara" tier - larger and more intelligent than Opus models. Key training approach: process supervision for reasoning chains rather than outcome-only reinforcement.
The model runs in containerized environments with Claude Code, autonomously iterating with debuggers and instrumentation. Prompt: "Find a security vulnerability." Output: Either negative result or complete exploit with proof-of-concept.
Benchmarks
Critical finding: Mythos Preview autonomously wrote a web browser exploit that chained four vulnerabilities, implementing a complex JIT heap spray that escaped both renderer AND OS sandboxes.
The exploit capabilities span:
- Local privilege escalation via race conditions and KASLR bypasses on Linux
- Remote code execution on FreeBSD NFS server (20-gadget ROP chain split across packets)
- Cross-platform zero-days in Windows, macOS, Linux, Chrome, Firefox, Safari
Competitor Context
Last month, Anthropic wrote that "Opus 4.6 is currently far better at identifying and fixing vulnerabilities than at exploiting them." Internal evals showed near-0% success rate at autonomous exploit development.
Mythos Preview changes that calculus entirely. OpenAI reportedly working on similar cybersecurity-focused models, but Anthropic claims first functional deployment.
Project Glasswing
| Partner | Role |
|---|---|
| Apple | Critical OS patching |
| Amazon Web Services | Cloud infrastructure |
| Microsoft | Windows/browser security |
| Chrome/Android | |
| Cisco | Network infrastructure |
| CrowdStrike | Threat detection |
| Nvidia | Hardware security |
| Linux Foundation | Open-source coordination |
| Broadcom, Palo Alto Networks, JPMorgan | Enterprise security |
Anthropic committed $100M in usage credits and $4M in donations to open-source security organizations.
Community Sentiment
Reddit (r/claude): "Anthropic's new Claude Mythos is doing exactly what the scary AI 2027 forecast predicted." - Mixed awe and concern about capability leap.
Hacker News: "If you maintain an open source project, you should absolutely run Claude, Codex, and Gemini through your code base looking for security issues." - Practical defensive mindset.
Tom's Hardware (Skeptical): "Claims of 'thousands' of severe zero-days rely on just 198 manual reviews." - Questions the statistical validity of Anthropic's claims.
Key controversy: Over 99% of discovered vulnerabilities remain unpatched. Anthropic can only disclose details on ~1% that have been remediated. Critics question whether all "thousands" are actually critical security issues.
The Release Decision
Anthropic's Responsible Scaling Policy triggered the restricted release. The model's cybersecurity capabilities exceeded thresholds for general deployment:
- Autonomy risk: Can complete complex multi-step attack chains without human intervention
- Chemical/biological risk: Elevated capabilities in protocol uplift scenarios
- Dual-use concerns: Same capabilities enable defensive AND offensive security work
The model is available only to Project Glasswing partners for coordinated defensive work. No public API. No consumer access.
Why It Matters
"AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities," Anthropic stated.
This isn't hyperbole. Amazon Web Services reported Mythos already found ways to strengthen code in their "most well-tested systems." Cisco called findings "illuminating." The Linux Foundation is coordinating patches.
The uncomfortable reality: If Anthropic won't release it, other labs will build similar capabilities. The offensive security genie is leaving the bottle whether Anthropic releases Mythos or not.
What's Next
Anthropic will use findings to inform future Claude releases with appropriate safeguards. Expect sanitized versions of Mythos capabilities in future Opus/Sonnet models - minus the unrestricted exploit generation.
For defenders: Start running AI security scanners on your codebases now. The attack tools are coming regardless of Anthropic's restraint.
Sources: Anthropic System Card, Fortune exclusive, CNET coverage, Tom's Hardware analysis, Hacker News discussions, Reuters photo documentation.