The preview version of the Claude generative AI platform by Anthropic, known as Mythos, has been deemed by Anthropic to be so powerful that it “could reshape cybersecurity,” posing significant danger to businesses, institutions and the general public; too dangerous for general release.
Instead, Anthropic announced Project Glasswing as a defensive measure against present and future cybersecurity risks enabled through advancing AI. Glasswing is partnership initiative by Anthropic with a group of technology companies that includes Microsoft, Google, nVidia and about 30 others; including companies that develop generative AI platforms which compete directly with Anthropic.
Rationalizing its decision to make Mythos a limited release, it noted that “the current global financial costs of cybercrime are challenging to estimate, but might be around $500B every year.”
Hopefully the initiative won’t fall victim to the kind of human error that exposed detailed inner workings of Claude Code just a week earlier.
Not a publicity stunt
“More powerful models are going to come, from us and from others.” said Anthropic CEO Dario Amodei. “…and so we do need a plan to respond to this; which is why we’re launching Project Glasswing.”
“(Keeping the preview among trusted partners) is not a publicity stunt,” said a columnist for The New York Times. “In the run-up to this announcement, representatives of leading tech companies have been in private conversation..” with government officials in the US and many other countries. “So important and urgent that it should be a top subject on the agenda for the summit between Trump and President Xi Jinping in Beijing next month”
Details of the initiative
The Launch partners are Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks.
“Launch partners,” said Anthropic, “will use Mythos Preview as part of their defensive security work; Anthropic will share what we learn so the whole industry can benefit. We have also extended access to a group of over 40 additional organizations that build or maintain critical software infrastructure so they can use the model to scan and secure both first-party and open-source systems.”
A new benchmark in vulnerability testing
One of the primary use-cases for generative AI platforms is software development, testing and debugging; including that for Anthropic’s own.
When running tests against standardized internal benchmarks, Anthropic was able to compare the effectiveness of Mythos Preview with previous Claude releases.
(Using a test suite with a) five-tier ladder of increasing severity, ranging from basic crashes (tier 1) to complete control flow hijack (tier 5). With one run on each of roughly 7000 entry points into these repositories, Sonnet 4.6 and Opus 4.6 reached tier 1 in between 150 and 175 cases, and tier 2 about 100 times, but each achieved only a single crash at tier 3. In contrast, Mythos Preview achieved 595 crashes at tiers 1 and 2, added a handful of crashes at tiers 3 and 4, and achieved full control flow hijack on ten separate, fully patched targets (tier 5)” Mythos was not trained to have these capabilities, Anthropic said.
“We have historically relied on a combination of internal and external benchmarks … to track our models’ vulnerability discovery and exploitation capabilities. However, Mythos Preview has improved to the extent that it mostly saturates these benchmarks,” said Anthropic.
Anthropic detailed three additional vulnerabilities exposed by the Mythos Preview platform:
- Mythos Preview found a 27-year-old vulnerability in OpenBSD—which has a reputation as one of the most security-hardened operating systems in the world and is used to run firewalls and other critical infrastructure. The vulnerability allowed an attacker to remotely crash any machine running the operating system just by connecting to it;
- It also discovered a 16-year-old vulnerability in FFmpeg—which is used by innumerable pieces of software to encode and decode video—in a line of code that automated testing tools had hit five million times without ever catching the problem;
- The model autonomously found and chained together several vulnerabilities in the Linux kernel—the software that runs most of the world’s servers—to allow an attacker to escalate from ordinary user access to complete control of the machine.
Strategic investment
Anthropic is committing up to $100M in usage credits for Mythos Preview across these efforts, as well as $4M in direct donations to open-source security organizations.
Anthropic also is committing $100M in model usage credits to Project Glasswing and additional participants will cover substantial usage throughout this research preview. Afterward, Claude Mythos Preview will be available to participants at $25/$125 per million input/output tokens (participants can access the model on the Claude API, Amazon Bedrock, Google Cloud’s Vertex AI, and Microsoft Foundry).
What happens next
“Project Glasswing partners will receive access to Claude Mythos Preview to find and fix vulnerabilities or weaknesses in their foundational systems—systems that represent a very large portion of the world’s shared cyberattack surface. We anticipate this work will focus on tasks like local vulnerability detection, black box testing of binaries, securing endpoints, and penetration testing of systems,” said Anthropic
The project will “grow in scope and continue for many months, and (Anthropic will) share as much as (it) can so that other organizations can apply the lessons to their own security. Partners will, to the extent they’re able, share information and best practices with each other; within 90 days, Anthropic will report publicly on what (it has) learned, as well as the vulnerabilities fixed and improvements made that can be disclosed. We will also collaborate with leading security organizations to produce a set of practical recommendations for how security practices should evolve…”
Why it matters
Piracy Monitor cares because software vulnerabilities and reverse engineering are responsible for many forms of attacks, where users are lured in by compelling offerings that involve stolen or fraudulent media content. AI platforms are already being weaponized to make these attacks more stealthy and at the same time, more dangerous.
Mythos is a revolutionary advancement, let alone one that should fall into the wrong hands; so much so that its developer has responded with extreme caution rather than casting fate to the winds. Anthropic should be applauded for its caution and responsible open approach.
“Project Glasswing is a starting point. No one organization can solve these cybersecurity problems alone: frontier AI developers, other software companies, security researchers, open-source maintainers, and governments across the world all have essential roles to play. The work of defending the world’s cyber infrastructure might take years; frontier AI capabilities are likely to advance substantially over just the next few months. For cyber defenders to come out ahead, we need to act now.
“Anthropic has also been in ongoing discussions with US government officials about Claude Mythos Preview and its offensive and defensive cyber capabilities. … (S)ecuring critical infrastructure is a top national security priority for democratic countries—the emergence of these cyber capabilities is another reason why the US and its allies must maintain a decisive lead in AI technology,” said Anthropic.
Further reading
Project Glasswing: Securing critical software for the AI era. Announcement. April 7, 2026. Anthropic
Assessing Claude Mythos Preview’s cybersecurity capabilities. Article. April 7, 2026. by Nicholas Carlini, Newton Cheng, Keane Lucas, Michael Moore, Milad Nasr, Vinay Prabhushankar, Winnie Xiao (et. al.). Anthropic Red blog
Anthropic’s restraint is a terrifying warning sign. Article / Opinion. April 7, 2026. by Thomas L Friedman. The New York Times
What is inside Claude Mythos Preview? Dissecting the System Card of the model. Article. April 7, 2026. by Ken Huang. Agentic AI
