Anthropic, the company behind Claude, has released Claude Mythos Preview, its most capable frontier model to date, with dramatic improvements in reasoning, coding, and cybersecurity. In an unusual move, the company has chosen not to make the model generally available, instead restricting access to a consortium of technology companies through a new initiative called Project Glasswing.
Claude Mythos Preview represents what Anthropic describes as a “step change” over its predecessor, Claude Opus 4.6. During internal testing, the model autonomously discovered and exploited zero-day vulnerabilities in every major operating system and web browser. The oldest it found was a now-patched 27-year-old bug in OpenBSD, a system known primarily for its security. It also found a 16-year-old vulnerability in FFmpeg’s H.264 codec.
Internal benchmarks showed dramatic gains. Where Opus 4.6 developed working JavaScript shell exploits only twice out of several hundred attempts on Firefox vulnerabilities, Mythos Preview succeeded 181 times. On the OSS-Fuzz corpus, it achieved full control flow hijack on ten separate, fully patched targets. Engineers at Anthropic with no formal security training asked the model to find remote code execution vulnerabilities overnight, and woke up to complete, working exploits.
Rather than releasing Mythos Preview publicly, Anthropic has launched Project Glasswing. Project Glasswing brings together AWS, Apple, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic is committing $100M in usage credits. These organizations will use Mythos Preview to identify and patch vulnerabilities in critical software.
Commentary has been swift. On Hacker News someone raised practical concerns around the scale of problem this can uncover:
…hundreds of millions of embedded devices that cannot be upgraded easily and will be running vulnerable binaries essentially forever. This was a problem before of course, but the ease of chaining vulnerabilities takes the issue to a new level.
A post on x shared benchmarks and captioned with: Claude Mythos just obliterated every single benchmark in AI
, with the SWE-bench verified coming in at 93.9%, compared with Claude Opus 4.6 at 80.8%.
Discussion on r/BetterOffline took a more skeptical view, arguing that the benchmarks alone aren’t a good measure:
Only verifiable capability we saw was it’s ability to find and exploit long existing vulnerabilities in existing libraries. I would say it’s a big deal, even if it’s expensive to run. But I bet there are more reasons to not make it public besides “it’s too scary”. For example might both be not good enough in other avenues and extremely expensive.
This model might actually be useful for finding vulnerabilities, but besides that we just don’t know if it’s good/cost effective on anything else. Benchmarks themselves aren’t good enough measure.
A thread on reddit asked whether the discussion around Mythos was hype or more marketing, with commenters referencing previous model releases such as GPT2, that had been announced but withheld due to concerns around safety.
While Mythos Preview will not be publicly released, Anthropic states findings will inform future Claude releases. The system card and risk report are both available for review.
Anthropic is an AI safety company founded by former OpenAI research executives. Its Claude family of models emphasises safety and alignment, using Constitutional AI techniques designed to make models helpful, harmless, and honest. The restricted release of Mythos Preview represents a notable departure from the competitive race-to-release dynamics that have characterised the AI industry in recent years.
