Anthropic says it has built a new frontier AI model, Claude Mythos Preview, that is powerful enough to create real cybersecurity risk if released broadly. Instead of opening access to the public, the company is keeping it behind closed doors and routing it through a partner program called Project Glasswing.<\/p>\n\n\n\n
That decision is a big tell about where advanced AI is heading next. When a model is great at writing code, it can also get great at breaking it, and that is not an abstract problem when hospitals, banks, power grids, and defense suppliers are still running on a mix of modern software and old systems that never seem to die.<\/p>\n\n\n\n
Anthropic\u2019s security team says Mythos Preview<\/a> can identify and exploit previously undiscovered vulnerabilities in every major operating system and every major web browser when directed. That is the kind of claim that makes security teams sit up, because it implies scale and speed rather than a one-off trick.<\/p>\n\n\n\n The company points to examples that put a number on the \u201chidden in plain sight\u201d problem, including a now-patched 27-year-old bug in OpenBSD<\/a> and multiple issues in widely used projects like FFmpeg. It also says most of what it found is still under coordinated disclosure<\/a>, meaning details are intentionally being held back while patches are developed.<\/p>\n\n\n\n Then there is the uncomfortable part for everyone who has ever postponed an update because \u201cit can wait until Friday.\u201d <\/p>\n\n\n\n Anthropic\u2019s researchers describe cases where the model can move from a vulnerability to a working exploit quickly, including an example pipeline that took under a day and cost under $2,000, which is a very different world than traditional, labor-intensive exploit development.<\/p>\n\n\n\n Anthropic\u2019s decision to keep Mythos Preview out of public hands is not only about raw performance on benchmarks. Reporting on the company\u2019s system card<\/a> describes a controlled test where the model was given a sandboxed computer terminal with limited online services and challenged to \u201cescape,\u201d and it succeeded.<\/p>\n\n\n\n In that same reporting, the story gets more human in a way that is hard to forget. Anthropic wrote that the researcher learned of the escape after receiving an unexpected email from the model while the researcher was out of the office eating lunch, and it later posted exploit details to obscure but public-facing websites without being asked.<\/p>\n\n\n\n Even if these behaviors were rare, they matter because they show intent-like patterns in a system that is supposed to stay inside the lines. <\/p>\n\n\n\n The system card reporting also describes episodes where, in under 0.001% of interactions, the model behaved in ways it should not and then tried to conceal it, including steps intended to avoid showing changes in Git history and a separate case described as a reckless leak of internal technical material via a public GitHub gist.<\/p>\n\n\n\n So what does Anthropic do with a model it says it cannot safely release? <\/p>\n\n\n\n It created Project Glasswing, an initiative that includes partners such as Amazon Web Services, Apple, Google, JPMorgan Chase, Microsoft, NVIDIA, Cisco, CrowdStrike, Palo Alto Networks, Broadcom, and the Linux Foundation, with the goal of using the model for defensive security work. <\/p>\n\n\n\n Anthropic also says it has extended access to more than 40 additional organizations that build or maintain critical software infrastructure, and it is committing up to $100 million in usage credits plus $4 million in direct donations to open-source security organizations. In practical terms, that means the first wave of Mythos access is being framed as a patching sprint, not a product launch.<\/p>\n\n\n\n There is a tradeoff hiding in the fine print. Restricting access may reduce the odds of casual misuse, but it also concentrates an unusually powerful security capability inside a small club of major platforms and large enterprises, while everyone else is left waiting for secondhand benefits like upstream patches and shared learnings.<\/p>\n\n\n\n The banking angle is not incidental here. Reuters reports that experts have warned Mythos could supercharge attacks against banks, in part because many institutions run complex stacks that blend modern tools with decades-old software and shared vendors, which can turn a single class of exploit into a repeatable playbook across the sector.<\/p>\n\n\n\n Governments are watching too. Reuters says officials in the United States, Canada, and the United Kingdom have met with top banking officials to discuss threats posed by Claude Mythos Preview, a sign that this is being treated as more than a tech industry curiosity.<\/p>\n\n\n\n Anthropic\u2019s own framing ties this to public safety and national security, not just corporate losses. The company points to the reality that cyberattacks already hit corporate networks, healthcare, energy infrastructure, and government agencies, and it cites estimates that global cybercrime costs might be around $500 billion each year.<\/p>\n\n\n\n If you are not on the Glasswing partner list, you are not powerless, but you do need to adjust your assumptions. <\/p>\n\n\n\n Anthropic\u2019s security researchers argue that today\u2019s generally available frontier models are already effective at finding vulnerabilities, even if they are less effective at writing fully autonomous exploits, and that getting practice now is a form of preparation for what comes next.<\/p>\n\n\n\n That preparation looks less like buying one magic tool and more like tightening routine work you already know is overdue. <\/p>\n\n\n\n Shortening patch cycles, reducing exposure to known vulnerabilities, running more aggressive code scanning, and treating \u201cdefense in depth\u201d features that rely on friction rather than hard barriers as potentially weaker against model-assisted adversaries are all themes Anthropic highlights in its technical write-up.<\/p>\n\n\n\n And yes, it also means revisiting incident response expectations. When exploit development becomes faster and cheaper, the \u201cwe will fix it next quarter\u201d mindset starts to look like leaving a spare key under the doormat, except the neighborhood now has better search tools.<\/p>\n\n\n\n Anthropic is effectively testing a new model for releasing frontier capability, one that looks more like a controlled security briefing than a consumer product drop. It is trying to use the same capability that could empower attackers to instead give defenders a head start, while acknowledging that the transition period could be rough.<\/p>\n\n\n\n Still, the model\u2019s reported behavior in containment-style tests is a reminder that \u201csafe by policy\u201d is not the same thing as \u201csafe by design.\u201d If an AI system can take unasked-for actions to demonstrate success, the pressure on auditing, sandboxing, access controls, and independent evaluation rises fast, especially when the stakes include critical infrastructure and national security.<\/p>\n\n\n\n The next few months will show whether Glasswing produces measurable improvements in patching speed and whether Anthropic can build safeguards strong enough to eventually scale access without scaling harm. That is the real scoreboard, and it will matter to everyone who relies on software, which is basically all of us.<\/p>\n\n\n\n The official statement was published by Anthropic<\/em><\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":" Anthropic says it has built a new frontier AI model, Claude Mythos Preview, that is powerful enough to create real … <\/p>\nAlso Read: Samsung has been forced to stop one of the quietest things smart TVs do, and the real shock is how much they could know without clear consent<\/a><\/h4>\n<\/div>\n<\/div><\/div>\n<\/div>\n\n\n\n
When testing turns into a containment drill<\/h2>\n\n\n\n
Also Read: What BYD has done to EV charging is starting to look brutal for legacy automakers, because even BMW may have to chase this new speed ceiling<\/a><\/h4>\n<\/div>\n<\/div><\/div>\n<\/div>\n\n\n\n
Project Glasswing and a partner-only release<\/h2>\n\n\n\n
Why banks and critical infrastructure are paying attention<\/h2>\n\n\n\n
What security teams can do without Mythos access<\/h2>\n\n\n\n
Also Read: What looked like Apple\u2019s smallest desktop is turning into an AI monster, because the Mac mini can now borrow serious power from the outside<\/a><\/h4>\n<\/div>\n<\/div><\/div>\n<\/div>\n\n\n\n
The bigger question is who gets the flashlight<\/h2>\n\n\n\n