Imagine waking up to find that an AI has, overnight, discovered thousands of zero-day vulnerabilities—flaws unknown to developers, some lurking in software for 16-27 years despite millions of automated tests and expert scrutiny. Not in obscure code, but in every major operating system (think Linux kernel, Windows, macOS) and every major web browser (Chrome, Firefox, Safari, Edge). And this AI didn't just flag them; it chained them into working exploits for remote code execution, full control flow hijacks, and more.[1][2]
That's not science fiction. That's Anthropic's Claude Mythos Preview, unveiled on April 7, 2026, as part of Project Glasswing. But here's the kicker: Anthropic isn't releasing it to the public. Why? Because this frontier model is so potent at cybersecurity tasks that it outperforms all but the elite humans—and in the wrong hands, it could unleash AI-driven attacks at unprecedented scale.
Hey folks, Wayne here from WikiWayne. If you're knee-deep in AI tools like me, you've seen models evolve from chatty assistants to code wizards. But Mythos? It's a game-changer for Anthropic AI cybersecurity, forcing the industry to reckon with a dual-edged sword: defense supercharged, offense democratized. In this deep dive, we'll unpack the launch, the tech, the risks, and what it means for your stack. Buckle up—this is the future of secure software in the AI era.
What is Project Glasswing and Claude Mythos Preview?
Launched on April 7, 2026, Project Glasswing is Anthropic's bold response to AI's cybersecurity leap. It's a coalition of tech titans—Amazon Web Services (AWS), Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks—plus over 40 other organizations maintaining critical infrastructure.[1][3]
At its core is Claude Mythos Preview, an unreleased general-purpose frontier model (not a narrow security tool). Priced at $25/$125 per million input/output tokens via Claude API, AWS Bedrock, Google Vertex AI, or Microsoft Foundry—but gated access only for vetted partners.[4]
Anthropic's committing up to $100M in usage credits and $4M in donations to open-source security orgs like Alpha-Omega, OpenSSF ($2.5M via Linux Foundation), and Apache Software Foundation ($1.5M). The goal? Scan, patch, and share findings on the world's shared attack surface before attackers weaponize similar AI.[5]
Partners' takes?
- Microsoft: "Identify and mitigate risk early... better protect customers."[1]
- Google: Hosting on Vertex AI for cross-industry cyber initiative.[6]
- CrowdStrike: "Anthropic builds the model. CrowdStrike secures AI where it executes."[7]
This isn't hype—Mythos has already flagged thousands of zero-days, many critical, across OSes, browsers, and more.[1]
See our guide on AI agents for cybersecurity to prep your workflow.
Claude Mythos Preview: Capabilities That Redefine Vulnerability Hunting
Mythos isn't just smarter—it's a step-change. Anthropic's system card and cybersecurity assessment detail how it crushes benchmarks and real-world tasks.[8]
Key feats:
- Autonomous zero-day discovery: Engineers with no security training prompt it overnight: "Find remote code execution vulns." Morning? Complete, working exploits.[2]
- Tiered exploits: On ~7,000 entry points, prior models (Sonnet/Opus 4.6) hit Tier 1/2 crashes 150-175 times, one Tier 3. Mythos? 595 Tier 1/2 crashes, Tier 3/4 handfuls, 10 full Tier 5 control flow hijacks on patched targets.[9]
- Real-world wins: Thousands of high-severity zero-days in every major OS/browser. Examples: Decades-old bugs in OpenBSD, FFmpeg, Linux kernel—surviving fuzzers and humans.[10]
- Agentic power: Chains vulns (e.g., Linux kernel escalation from user to root). Scores 83.1% on exploit chains.[11]
| Benchmark | Claude Opus 4.6 | Mythos Preview | Leap |
|---|---|---|---|
| Tier 1/2 Crashes | 150-175 | 595 | 3-4x[9] |
| Tier 5 Hijacks | 0-1 | 10 | 10x+ |
| Zero-Days Found | Hundreds | Thousands | Order of magnitude[1] |
It's generalist: Tops coding, reasoning, even patches vulns. But cyber emerges naturally—no fine-tuning needed.[12]
Pro tip: Tools like CrowdStrike Falcon or Palo Alto Networks integrate nicely for runtime defense—check 'em out (affiliate links incoming).
Why Anthropic Is Withholding Public Release: The Dual-Use Dilemma
Blunt truth: Mythos is too dangerous for open access. Anthropic's Responsible Scaling Policy triggered—no general release.[8]
Risks:
- Offense scales faster: Non-experts generate exploits. Bad actors? Tidal wave of AI zero-days.
- Proliferation: "It will not be long before such capabilities proliferate beyond safe actors."[13]
- Catastrophic fallout: Economies, safety, national security.[14]
Mitigations:
- Probe classifiers: Monitor prohibited (worms), high-risk dual-use (exploits), dual-use (vuln detection).
- Gated to defenders: No blocks for partners, but rapid response monitoring.
- 90-day public report: Patched vulns shared industry-wide.
This echoes GPT-2: Power demands caution. External tests by METR/Epoch AI confirmed risks.[8]
Our deep dive on AI safety frameworks has more.
The Stellar Lineup: Partners and Their Roles
Glasswing's roster covers the stack:
Launch Partners:
- Cloud/Infra: AWS (Bedrock), Google (Vertex AI), Microsoft (Foundry).
- Hardware: NVIDIA, Broadcom.
- Security: Cisco, CrowdStrike, Palo Alto Networks.
- OS/Open-Source: Apple, Linux Foundation.
- Finance: JPMorgan Chase.
+40 others: Critical infra maintainers, open-source projects.
Access paths:
Platforms:
- Claude API: $25/$125/M tokens
- AWS Bedrock: Gated preview (US East)
- Google Vertex AI: Private preview
- Microsoft Foundry: Research preview
They're turning Mythos inward: Apple scans macOS/Safari, Microsoft Azure/Windows, Linux kernel maintainers patch OSS.
Early wins? Patches incoming, lessons public in 90 days.
If you're in enterprise, eye Microsoft Azure AI or Google Vertex AI for similar gated frontier access.
Implications for AI Cybersecurity and Your Workflow
This shifts paradigms:
- Defenders first: AI closes the patch gap before attacks.
- New arms race: Offense/defense both accelerate—assume zero-days everywhere.
- Industry prep: 90-day report = blueprint for safeguards in next Opus.
For you:
- Tools to try: Claude Code Security (Opus 4.6 precursor found 500+ zero-days).[15] Integrate with Snyk or GitHub Advanced Security for vuln scans.
- Workflow: Agentic scaffolds (Mythos-style) for auto-exploits/patches.
- Stats: Mythos saturates evals; expect OSS vulns to plummet, then explode from copycats.
Broader: Validates Anthropic's safety-first ethos amid $30B ARR rumors.[10]
Check our roundup of top AI cybersecurity tools like CrowdStrike Falcon (partner perk).
FAQ
What exactly makes Claude Mythos Preview so good at finding zero-days?
It's agentic: Reads code, traces data flows, reviews commits, targets paths fuzzers miss. No human steering—autonomous overnight exploits. Beats humans except elites via reasoning + scale.[2]
### Can small teams or indie devs access Mythos Preview?
No—gated to Glasswing partners +40 orgs. But credits cover costs; public learnings coming. Use public Claude Opus/Sonnet for now.[16]
### How does Project Glasswing prevent misuse?
Restricted access, probe monitoring (worms/exploits flagged), focus on defense. No general release; tests inform future safeguards.[8]
### When will we see public results or a full Mythos release?
90-day report on patches. No GA plans yet—feeds Opus 5 safeguards. Watch Anthropic's red.anthropic.com.[17]
What do you think—does Glasswing buy us time against AI attacks, or is the genie out? Drop your take below!