Anthropic Mythos: The AI Model Too Dangerous to Release Publicly

Anthropic's new Mythos model can find thousands of zero-day vulnerabilities in real codebases. It is so capable that Anthropic decided not to release it to the public. Instead, they handed access to 12 of the world's largest tech companies, Amazon, Apple, Cisco, Microsoft, and others, exclusively for defensive security work.

This is the most significant AI development this week, and possibly this month. Here is everything you need to know about Anthropic Mythos.

What Is Anthropic Mythos?

Anthropic Mythos Preview is a new frontier AI model from Anthropic, announced on April 7, 2026. It is the most capable model Anthropic has ever built, but it will not be available to the public in its current form.

Mythos was not specifically trained for cybersecurity. Its advanced security capabilities are a byproduct of its exceptional coding and reasoning skills. The model is so capable at identifying and exploiting software vulnerabilities that Anthropic concluded a general public release would pose unacceptable risks.

Anthropic has $67.3 billion in total funding, 4,704 employees, and was founded in 2021 by former OpenAI researchers including Dario Amodei and Daniela Amodei. Claude, their flagship public AI, is used by millions of developers and businesses. Mythos is a different beast entirely.

What Can Anthropic Mythos Actually Do?

The capabilities Anthropic has disclosed are significant:

• Zero-day vulnerability discovery, Mythos identified "thousands of zero-day vulnerabilities, many of them critical" in real-world open-source codebases in a matter of weeks
• Exploit development, the model can reverse-engineer exploits on closed-source software
• N-day exploitation, takes known but unpatched vulnerabilities and develops working exploits
• First-party code scanning, can scan both proprietary and open-source software systems for vulnerabilities at scale

To put this in context: security researchers typically find one zero-day vulnerability after weeks or months of focused work. Mythos found thousands in weeks, autonomously. This is a qualitative step change in AI security capability.

Project Glasswing: How Anthropic Is Deploying Mythos

Rather than a public API release, Anthropic launched Project Glasswing, a controlled deployment initiative focused exclusively on defensive cybersecurity. The 12 organizations receiving early access to Mythos Preview are:

• Amazon
• Apple
• Broadcom
• Cisco
• CrowdStrike
• The Linux Foundation
• Microsoft
• Palo Alto Networks
• (Plus four additional undisclosed organizations)

These organizations will use Mythos to scan their own software for vulnerabilities before attackers find them. The goal is to use Mythos's offensive capabilities defensively, finding holes so they can be patched before exploitation.

Anthropic is committing $100 million in usage credits for these Mythos Preview deployments, plus $4 million in direct donations to open-source security organizations.

Why Is Anthropic Withholding Mythos from the Public?

The reasoning is straightforward: the same capabilities that make Mythos valuable for defense make it dangerous for offense. A threat actor with access to a model that can autonomously discover and exploit zero-day vulnerabilities in any codebase would have an unprecedented advantage.

Anthropic's decision reflects a genuine tension in frontier AI development: the most capable models are the most dangerous. The company believes the defensive value, hardening critical infrastructure before attacks happen, outweighs the lost revenue from a public launch.

The move also prompted an unusual response: U.S. Treasury Secretary Bessent and Federal Reserve Chair Powell convened a meeting with Wall Street CEOs to discuss the systemic cyber risk implications of the Mythos announcement. Financial infrastructure, which runs on legacy software full of known vulnerabilities, is considered particularly at risk if similar models reach malicious actors.

How Does Mythos Compare to Other AI Models?

Mythos is notably not the same as Claude Sonnet 4.6, which remains Anthropic's publicly available flagship. Mythos is a separate, more capable model being held back from general release.

What Does Mythos Mean for the AI Landscape?

Several implications are worth watching:

The End of Unconditional Public Releases

Anthropic's decision to restrict Mythos signals a new phase of AI development where the most capable frontier models may never see general public release. This is a departure from OpenAI's and Google's approach of making top models broadly available via API. If the trend continues, we will see a bifurcated AI market: powerful restricted models for enterprise/government, and capable-but-limited models for public consumption.

AI as a Cybersecurity Weapon, Both Ways

Every organization now has to assume that adversaries, state-level actors especially, are developing or acquiring models with similar capabilities to Mythos. The window between "AI discovers vulnerability" and "AI exploits vulnerability at scale" could collapse from months to hours. Security teams that are not using AI defensively are falling behind.

Regulatory Pressure on Frontier Models

The Bessent/Powell meeting signals that U.S. financial regulators are taking AI-enabled cyber risk seriously at the systemic level. Expect regulatory frameworks for frontier model disclosure to accelerate in the coming months.

What Happens Next for Anthropic?

The Mythos Preview is exactly that, a preview. Anthropic has indicated this represents the beginning of a new capability tier, not the final version. Two scenarios are likely:

1. Controlled expansion, the Project Glasswing partner list grows to include critical infrastructure operators (energy, water, finance) while Mythos remains off-limits to general developers
2. Public release with guardrails, a version of Mythos with the most dangerous capabilities restricted ships as a next-generation Claude model

What will not happen: a full public API release of Mythos Preview in its current form. Anthropic has been too explicit about the risk calculus to reverse course quickly.

How Does This Affect Anthropic's Competitors?

OpenAI, Google DeepMind, and Meta all have frontier models with strong coding capabilities. They are almost certainly evaluating similar vulnerability-finding capabilities internally. The competitive question is not whether these capabilities exist at other labs, it is whether those labs will make the same choice to restrict access.

Meta recently launched Muse Spark, its most capable public model yet, without similar cybersecurity restrictions. OpenAI's GPT-5.4 Thinking is publicly available. The industry has not converged on a standard for when frontier models become too dangerous to release.

Anthropic's move with Mythos may force that conversation. Or it may simply slow Anthropic's revenue growth while competitors continue shipping.

Frequently Asked Questions

Can I access Anthropic Mythos?

No. Mythos Preview is restricted to 12 Project Glasswing partner organizations. There is no public API or waitlist. Anthropic has not announced a timeline for broader availability.

Is Mythos the same as Claude?

No. Mythos is a separate model from Claude. The publicly available Claude Sonnet 4.6 remains Anthropic's flagship for general use. Mythos is a more capable model being held back from general release due to its cybersecurity risk profile.

How many zero-day vulnerabilities did Mythos find?

Anthropic reported that Mythos identified "thousands of zero-day vulnerabilities, many of them critical" in real open-source codebases over the past several weeks of internal testing.

What is Project Glasswing?

Project Glasswing is Anthropic's initiative to deploy Mythos Preview exclusively for defensive security purposes. Twelve partner organizations, including Amazon, Apple, Cisco, CrowdStrike, Microsoft, and Palo Alto Networks, are using the model to scan critical software for vulnerabilities before attackers can find and exploit them.

Bottom Line

Anthropic Mythos is the most significant AI capability announcement of 2026. A model that autonomously discovers thousands of critical zero-day vulnerabilities, and that its own creator decided was too dangerous for public release, represents a genuine inflection point in AI capability.

Project Glasswing is the right call. Using Mythos to harden critical infrastructure before release is a defensible approach to responsible deployment. The harder question, what happens when state actors or well-funded groups develop equivalent capabilities without the same restraint, remains unanswered.

Watch Anthropic closely. What they do next with Mythos will shape how the entire AI industry handles frontier model safety for years to come.