Claude Mythos AI cybersecurity implications have made it the most discussed AI model of 2026 — and one of the few in history to be deliberately withheld from public release on safety grounds. Announced on April 7, 2026, Claude Mythos Preview is Anthropic’s most capable model ever built. It can autonomously hack systems, discover unknown vulnerabilities, and execute multi-stage cyberattacks in hours — tasks that would take human professionals days. Here is everything verified about what it is, what it can do, why it was leaked, and what it means for the future of AI and cybersecurity.
40+
Companies in Project Glasswing
73%
Expert CTF success rate (AISI)
Hours
To map and breach a network
Days
Until it was leaked after launch
What Is Claude Mythos — And Why Does It Exist?
📚 Related Reading
Claude Mythos was not designed as a weapon. Anthropic built it as what company documents describe as “the ultimate developer” — an AI capable of working with vast, complex codebases in ways no previous model could. Internally, the model was also called “Capybara,” representing a new tier above Opus — the largest model in Anthropic’s existing lineup.
An Anthropic spokesperson confirmed it as “a step change” — their strongest language yet about a model’s capability leap. Company documents leaked to Fortune described it as achieving “dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity” compared to Claude Opus 4.6.
The four specific technical capabilities that distinguish Mythos in cybersecurity contexts, according to Bain & Company’s analysis, are:
- Code intent understanding — It can read a codebase and find hidden flaws from a simple natural language instruction, without needing to be told where to look.
- Vulnerability chaining — It can combine multiple small, individually minor vulnerabilities into a single, devastating attack sequence.
- Source code reconstruction — It can reverse-engineer deployed software to find exploitable weaknesses, even without access to the original source.
- Autonomous network operations — Once inside a network, it can map systems, move laterally between them, and build custom tools to extract data — within hours.
The AISI Evaluation — What Independent Testing Found
The UK’s AI Security Institute (AISI) conducted independent cybersecurity evaluations of Claude Mythos Preview. Their findings were unambiguous: “Mythos Preview represents a step up over previous frontier models in a landscape where cyber performance was already rapidly improving.”
The headline number: on expert-level Capture the Flag (CTF) challenges — tasks that no AI model could complete before April 2025 — Claude Mythos Preview succeeds 73% of the time. In multi-step cyber-attack simulations, it demonstrated the ability to execute full attack chains on vulnerable networks autonomously, when given explicit direction and network access.
The AISI was careful to contextualise these results: the evaluations were conducted against systems with weak security posture and no active defences. Real-world well-defended systems present different challenges. But the directional signal is clear: AI-enabled offensive cyber capability has crossed a threshold that requires defenders to respond with urgency, not a wait-and-see posture.
“Two years ago, the best available models could barely complete beginner-level cyber tasks. Now, in controlled evaluations where Mythos Preview was explicitly directed and given network access to do so, we observed that it could execute multi-stage attacks on vulnerable networks.”
— UK AI Security Institute (AISI), April 2026
Project Glasswing — The Controlled Deployment
Rather than a public release, Anthropic announced Project Glasswing — an invite-only consortium of approximately 40 companies given controlled access to Claude Mythos Preview. The list includes Apple, Amazon, Microsoft, and Google. The intent was to allow large enterprises with sophisticated security teams to test the model’s capabilities and help Anthropic understand its real-world implications before any broader deployment.
The name — Glasswing, after the butterfly known for its transparent wings — signals Anthropic’s intent: visible, observable, controllable deployment. In practice, the program also reflects a commercial reality: these 40 companies represent the enterprise segment most capable of paying premium prices for frontier AI capabilities.
The Leak — How Mythos Was Accessed Unauthorised
Within days of the April 7 announcement, a group in a private Discord server accessed Claude Mythos Preview without authorisation. The mechanism was straightforward but alarming: one group member was a third-party contractor for Anthropic. Using prior knowledge about Anthropic’s infrastructure practices — obtained from a separate leak involving AI training startup Mercor — the group guessed the model’s location and accessed it through a vendor environment.
Anthropic confirmed to Bloomberg it was “investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments.” The group had not, as of reporting, used the model for cyberattacks — but had been using it continuously since access was obtained.
The irony is pointed: an AI model restricted on cybersecurity grounds was accessed through precisely the kind of insider threat and supply chain vulnerability it was designed to help detect. David Lindner, CISO at Contrast Security, summarised it: “It was bound to happen. The more they add to this elite group, the more likely it was to get released to someone who shouldn’t probably have access to it.”
What Claude Mythos Means for Cybersecurity in 2026
Bain & Company’s analysis captures the core risk clearly: Claude Mythos is not the problem — it is the signal. OpenAI’s GPT-5.4-Cyber and Google’s Big Sleep already have comparable capabilities in specific domains. The era of AI-enabled cyberattacks has arrived, and Mythos is the most visible milestone in a progression that will continue regardless of any single company’s release decisions.
For organisations, the World Economic Forum’s Global Cybersecurity Outlook 2026 is direct: “More than 60% of organizations say geopolitical tensions have already affected their cybersecurity strategies.” AI accelerates both the offensive and defensive sides of that tension simultaneously.
The defensive implications are as significant as the offensive ones. Mythos-level capability applied to defence means the ability to audit entire codebases for vulnerabilities at speed no human team could match, identify attack patterns before they are exploited, and respond to incidents with a comprehensiveness that compresses remediation time from weeks to hours. The dual-use nature of the capability is real — and the organisations that weaponise it for defence first will hold a significant advantage. This connects directly to the broader deployment of agentic AI systems in enterprise operations.
Sam Altman’s characterisation of Anthropic’s approach as “fear-based marketing” reflects a real tension within the AI industry about how to communicate capability risks without either understating them or creating panic that outpaces evidence. That debate will intensify as models continue to improve. What is not debatable is that the trajectory of AI capability means every organisation needs to treat cybersecurity as a board-level strategic risk — not a technical detail delegated to IT teams.
🚀 A Square Solutions
We specialise in AI Strategy & Digital Growth Systems — helping businesses understand and deploy emerging AI capabilities before competitors do.
Frequently Asked Questions
What is Claude Mythos?
Claude Mythos is Anthropic’s most powerful AI model to date — sitting above the Claude Opus tier. It was announced on April 7, 2026, and restricted to a vetted partner program called Project Glasswing involving around 40 companies including Microsoft, Apple, and Google. Anthropic described it as ‘by far the most powerful AI model we’ve ever developed.’
Why was Claude Mythos not released to the public?
Anthropic restricted Claude Mythos because of its unprecedented cybersecurity capabilities. The model can autonomously identify previously unknown software vulnerabilities, generate working exploits, and carry out complex multi-stage cyberattacks with minimal human input — capabilities that could be catastrophically misused if widely available.
Was Claude Mythos hacked or leaked?
Yes. Within days of its announcement, a small group of users in a private Discord server accessed Claude Mythos Preview by guessing its location using previously leaked information about Anthropic’s infrastructure practices. Anthropic confirmed it was ‘investigating a report claiming unauthorized access through one of our third-party vendor environments.’
What is Project Glasswing?
Project Glasswing is Anthropic’s invite-only program for deploying Claude Mythos with vetted partners. Named after the glasswing butterfly — known for its transparent wings — the program is designed to test the model’s capabilities in controlled enterprise environments before any broader release consideration.
How does Claude Mythos differ from Claude Opus?
Claude Mythos sits above the entire existing Claude model tier — Opus, Sonnet, and Haiku. It features an infinite context window, the ability to understand code intent and find hidden flaws, chain multiple small vulnerabilities into devastating attacks, reconstruct source code from deployed software, and autonomously map and move across networks.
Reference Sources:
Fortune — Mythos Leak Report |
UK AISI Evaluation |
World Economic Forum |
Bain & Company Analysis
💬 Questions about Claude Mythos or AI security?
Use the 🤖 Ask Our AI widget (bottom-right) — instant answers, 24/7.