← Back to Blog

Claude Mythos Preview: When AI Becomes Better at Hacking Than Humans

Anthropic's new frontier model can find thousands of zero-day vulnerabilities autonomously. So they're not releasing it to the public.

Yesterday, Anthropic officially announced Claude Mythos Preview - and it's not a leak anymore. The company revealed a frontier model so capable at finding and exploiting software vulnerabilities that they've made a deliberate choice: keep it out of public hands.

Instead, they're launching Project Glasswing, a coalition of 45+ tech giants including Apple, Google, Microsoft, AWS, and NVIDIA. These organizations will get private access to Mythos Preview to scan and secure their critical infrastructure. Anthropic is committing $100M in usage credits and $4M in direct donations to open-source security organizations.

The Numbers

Claude Mythos Preview isn't just incrementally better - it's setting records:

From Dario Amodei, Anthropic's CEO: "We haven't trained it specifically to be good at cyber. We trained it to be good at code, but as a side effect of being good at code, it's also good at cyber."

Project Glasswing: The Coalition

The partner list reads like a who's who of tech and infrastructure:

The goal is simple but urgent: give defenders time to find and fix vulnerabilities before malicious actors - or future AI systems - discover them.

"We need to prepare now for a world where these capabilities are broadly available in 6, 12, 24 months. Many of the assumptions that we've built the modern security paradigms on might break." - Logan Graham, Anthropic's frontier red team lead

Why Withhold It?

This is the key question. Anthropic could release Mythos Preview as a paid API, charge premium prices, and make a fortune. Instead, they're restricting access.

The reason is stark: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities. The fallout - for economies, public safety, and national security - could be severe if these capabilities proliferate without safeguards.

It's a dual-use technology in the purest sense. The same capabilities that can harden critical infrastructure can also be weaponized.

What This Means for Practitioners

For those of us building with AI today, Mythos Preview signals three things:

1. The Capability Gap Is Widening

Mythos isn't a gradual improvement - it's a qualitative leap. If you're planning AI deployments, assume the next generation of models will be substantially more capable than what's available today.

2. AI-Powered Security Is Here

We're entering an era where AI will find vulnerabilities faster than human teams can patch them. Defensive AI will become table stakes for security operations.

3. The Cat-and-Mouse Game Accelerates

When both attackers and defenders have AI tools, the pace of vulnerability discovery and exploitation will accelerate. Organizations need to prepare for this new reality.

The Bigger Picture

Project Glasswing is a starting point, not a solution. As Anthropic notes: "The work of defending the world's cyber infrastructure might take years; frontier AI capabilities are likely to advance substantially over just the next few months."

The consortium brings together competitors - Apple, Google, Microsoft - because the threat is bigger than any single company. If AI can hack everything, everyone loses.

Mythos Preview represents a inflection point: the moment when AI's offensive capabilities outpace our defensive readiness. Project Glasswing is an attempt to get ahead of that reality.

Whether it succeeds will shape not just the AI industry, but the security of the digital infrastructure we all depend on.