Anthropic’s New Claude Mythos Is Too Powerful to Release

A Model That Announced Itself Before Anthropic Was Ready

Most AI model launches follow a predictable pattern: a prepared announcement, a benchmark table, a pricing page. Claude Mythos arrived differently. In late March 2026, Fortune reported that Anthropic had accidentally left nearly 3,000 files, including a draft blog post describing its most powerful model to date, in a publicly accessible data cache. The model was called Claude Mythos. The draft described it as "by far the most powerful AI model we've ever developed" and warned that it "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders."

Cybersecurity stocks fell between 5 and 11 percent on the news. Investors interpreted the leak as a signal that highly capable AI models could fundamentally disrupt the threat landscape, making traditional security products less relevant. CrowdStrike, Palo Alto Networks, Zscaler, SentinelOne, Okta, and others all declined.

On April 7, 2026, Anthropic made the official announcement. Claude Mythos Preview is real, it is the most capable model the company has built, and Anthropic has no plans to release it to the public.

What Claude Mythos Is

Claude Mythos Preview, known internally during development as Capybara, represents a new tier in Anthropic's model lineup. It sits above Opus, which was previously the company's most capable and expensive tier. Anthropic describes it as a general-purpose model, not a cybersecurity-specific one. Its exceptional performance in security tasks is a byproduct of broader improvements in reasoning, coding, and agentic capabilities, not the result of specialized training.

On SWE-bench Verified, the standard benchmark for measuring AI coding ability, Mythos scores 93.9 percent. Claude Opus 4.6, Anthropic's current flagship public model, scores 80.8 percent on the same benchmark. On SWE-bench Pro, a harder evaluation, Mythos achieves 77.8 percent compared to Opus 4.6's 53.4 percent.

These are large gaps. The jump from Opus 4.6 to Mythos on SWE-bench Pro is larger than the cumulative improvement across several prior model generations. Anthropic describes the model as representing "a step change" rather than an incremental improvement, and the benchmark numbers support that characterization.

Why Anthropic Is Withholding It

The dual-use problem is the reason Mythos is not publicly available. A model capable of finding software vulnerabilities at scale and building working exploits from them is genuinely valuable for defense. It is equally valuable for attack. Anthropic determined that releasing Mythos without appropriate safeguards in place would make the second outcome more likely than the first.

Logan Graham, head of Anthropic's frontier red team, told Axios that Mythos Preview is "extremely autonomous" with sophisticated reasoning capabilities that give it the skills of an advanced security researcher. He told CNN directly: "We did not feel comfortable releasing this generally. We think that there's a long way to go to have the appropriate safeguards."

In testing, Mythos Preview found bugs in every major operating system and web browser. It identified thousands of zero-day vulnerabilities, many of which were critical and had survived years or decades of human review and automated security testing. The oldest confirmed find is a 27-year-old vulnerability in OpenBSD, an operating system specifically known for its security practices. In the Linux kernel, Mythos autonomously identified and chained together multiple flaws in a way that would allow a attacker to take complete control of any machine running Linux. When Anthropic gave Mythos known vulnerabilities to test against and asked it to develop proof-of-concept exploits, it succeeded on the first attempt 83.1 percent of the time.

Dianne Penn, Anthropic's head of research product management, described the decision to move carefully: "We really do view this as a first step for giving a lot of cyber defenders a head start on a topic that will be increasingly important."

Anthropic has also privately warned senior US government officials, including briefings with the Cybersecurity and Infrastructure Security Agency and the Center for AI Standards and Innovation, about Mythos Preview's offensive and defensive capabilities. The company has made itself available to support government testing and evaluation of the technology.

Project Glasswing: The Controlled Deployment

Rather than a general release, Anthropic announced Project Glasswing, a structured initiative that gives access to Mythos Preview to a specific set of organizations for defensive security work only.

The name was chosen by Anthropic employees as a reference to the glasswing butterfly, a species with transparent wings. The metaphor reflects the nature of software vulnerabilities, which are relatively invisible, existing in systems for years without being detected, until something exposes them.

The 12 core launch partners in Project Glasswing are Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. In addition, more than 40 other organizations that build or maintain critical software infrastructure have access to Mythos Preview, bringing the total number of participating organizations above 50.

Each partner will use Mythos to scan their own first-party software and open-source code for vulnerabilities. The work is read-only and defensive. Mythos is being used to find and report, not to patch or deploy. The findings and learnings from the initiative will be shared with the wider industry, giving organizations beyond the direct partnership access to the security improvements that result.

To support the initiative, Anthropic is providing up to $100 million in usage credits to the partner organizations testing Mythos Preview. The company is also contributing $4 million to three open-source security organizations: the Open Source Security Foundation, Alpha-Omega, and the Apache Software Foundation.

The Broader Context

Anthropic is not alone in recognizing the inflection point. OpenAI is finalizing a model with comparable capabilities that it plans to release exclusively to a small set of companies through its existing Trusted Access for Cyber program, according to a source familiar with the plans reported by Axios. The parallel development at both labs signals that frontier-level cybersecurity capability is emerging from general AI progress rather than specialized training, and that multiple organizations will soon face the same deployment decisions Anthropic is navigating now.

Alex Stamos, chief product officer at cybersecurity firm Corridor, who previously led security at Facebook and Yahoo, described Project Glasswing as "a big deal, and really necessary." He told Platformer: "We only have something like six months before the open-weight models catch up to the foundation models in bug finding. At which point every ransomware actor will be able to find and weaponize bugs without leaving traces for law enforcement to find."

Anthony Grieco, chief security and trust officer at Cisco, a Project Glasswing launch partner, said in an accompanying statement: "AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back."

The framing from both Anthropic and its partners is consistent: the capabilities Mythos represents are arriving regardless of what any single company decides. The question is not whether models with these abilities will exist, but whether defenders get access to them before attackers do.

What Comes Next

Anthropic has stated clearly that it does not plan to make Claude Mythos Preview generally available in its current form. The company's stated goal is to develop appropriate safeguards, validate them against less capable models first, and eventually enable Mythos-class models to be deployed at scale, for cybersecurity purposes and for the broader use cases that a model with this level of capability would serve.

The path to that general availability runs through the lessons Project Glasswing generates. What vulnerabilities does Mythos find? What safeguards are effective at preventing misuse? What governance structures allow organizations to use the model responsibly? The answers will shape both Anthropic's deployment strategy and the broader industry's approach to frontier model releases.

For now, Mythos Preview is a demonstration of where general AI capability has arrived and a deliberate attempt to ensure that the first meaningful use of that capability is defensive rather than offensive.

If you are looking for a security-aware technology partner to help your organization evaluate AI risk, build resilient software infrastructure, or design systems that account for the evolving threat landscape, please reach out to MonkDA. We work with development and security teams at every stage of building production systems.