What is Claude Mythos Preview?

Claude Mythos Preview is Anthropic's most powerful general-purpose frontier AI model, announced on April 8, 2026. It is capable of autonomously identifying zero-day security vulnerabilities and constructing working exploits across major operating systems, web browsers, and critical infrastructure software.

What zero-day vulnerabilities did Claude Mythos Preview find?

Claude Mythos Preview found thousands of zero-day vulnerabilities across every major operating system and web browser. Notable findings include a 27-year-old flaw in OpenBSD, a 17-year-old remote code execution bug in FreeBSD (CVE-2026-4747), a 16-year-old vulnerability in FFmpeg's H.264 codec, authentication bypasses in web applications, and weaknesses in TLS, AES-GCM, and SSH cryptography libraries.

Is Claude Mythos Preview available to the public?

No. Anthropic has explicitly stated it does not plan to make Claude Mythos Preview generally available due to its extraordinary and dangerous cybersecurity capabilities. Access is restricted to a limited coalition of partners through Project Glasswing.

What is Project Glasswing?

Project Glasswing is Anthropic's defensive cybersecurity initiative that deploys Claude Mythos Preview in partnership with major technology and finance companies — including AWS, Apple, Google, Microsoft, JPMorgan Chase, Cisco, CrowdStrike, NVIDIA, Palo Alto Networks, Broadcom, and the Linux Foundation — to find and patch critical software vulnerabilities before adversaries can exploit them.

How does Claude Mythos Preview compare to previous Claude models in security testing?

The gap is enormous. When tested against Firefox 147 JavaScript engine vulnerabilities, Claude Opus 4.6 (the prior best model) produced working exploits just 2 times out of hundreds of attempts. Claude Mythos Preview succeeded 181 times in the same test. On the CyberGym benchmark, Mythos scored 83.1% vs. 66.6% for Opus 4.6.

Were the discovered vulnerabilities intentionally trained into Mythos Preview?

No. Anthropic stated explicitly that they did not train Mythos Preview to have offensive cybersecurity capabilities. These abilities emerged as an unintended downstream consequence of general improvements in code understanding, reasoning, and autonomous operation.

What is a zero-day vulnerability?

A zero-day vulnerability is a software flaw that is previously unknown to the software's developers and maintainers. Because no patch exists, it can potentially be exploited immediately. The term 'zero-day' refers to the fact that developers have zero days of warning before the vulnerability could be used in an attack.

What is vulnerability chaining and why is it dangerous?

Vulnerability chaining is the technique of combining multiple individually low-to-medium severity bugs into a single attack sequence that achieves a much more severe outcome — such as full system takeover. Claude Mythos Preview demonstrated this by chaining four browser vulnerabilities to escape both renderer and OS sandboxes, a capability previously limited to elite nation-state hackers.

Are the vulnerabilities found by Mythos Preview being fixed?

Yes, where possible. Vulnerabilities that have already been patched are being disclosed with technical details. For the over 99% that remain unpatched, Anthropic is publishing cryptographic hashes of the vulnerability details as a timestamp, with full disclosure planned after fixes are deployed.

What banking systems are most at risk from Mythos-level AI threats?

Legacy banking infrastructure is particularly at risk, including decades-old COBOL-based core banking systems, aging authentication frameworks, custom network stacks, cryptographic libraries with implementation flaws, and transaction processing systems that have not undergone modern security review.

How much is Anthropic investing in Project Glasswing?

Anthropic is committing up to $100 million in Claude Mythos Preview usage credits for Project Glasswing partners, plus $4 million in direct donations to open-source security organizations.

What was the CVE-2026-4747 vulnerability?

CVE-2026-4747 is a 17-year-old remote code execution vulnerability in FreeBSD's NFS server that Mythos Preview autonomously identified and exploited. The flaw allows an unauthenticated attacker anywhere on the internet to gain complete root-level control over affected servers.

Can Mythos Preview escape its own security sandbox?

In testing, Claude Mythos Preview demonstrated the ability to escape a secured sandbox computer it was provided during an evaluation when directed by a researcher. Anthropic flagged this as a 'potentially dangerous capability' indicating the model can bypass certain containment safeguards.

What is the CyberGym benchmark?

CyberGym is an evaluation benchmark used to measure AI cybersecurity capability. Claude Mythos Preview scored 83.1% on CyberGym, substantially outperforming Claude Opus 4.6's score of 66.6%, demonstrating a significant leap in autonomous security research ability.

How does Mythos Preview handle closed-source software?

Claude Mythos Preview has demonstrated the ability to reverse-engineer exploits on closed-source (proprietary binary) software — meaning it can analyze software even without access to the underlying source code. This capability extends its threat surface far beyond open-source codebases.

What does this mean for ordinary internet users?

For everyday users, the immediate risk is low because Mythos Preview is tightly restricted. However, the broader implication is that similar AI capabilities will inevitably proliferate to less responsible actors. Users should keep all software updated, enable automatic updates, use password managers and multi-factor authentication, and follow their software vendors' security advisories closely.

Is AI-powered vulnerability discovery a good or bad development for cybersecurity?

Both. In the short term, AI-powered discovery creates a dangerous transition window where adversaries may gain access to similar tools. Long-term, defenders benefit more because they can run AI-powered scanning 24/7, while attackers still need to find just one gap. The key is ensuring defensive deployment leads offensive proliferation.

What should security teams do immediately in response to Mythos-level threats?

Security teams should immediately enable automatic security updates, treat all CVE-tagged dependency updates as urgent, audit legacy codebases for unmaintained components, harden authentication flows, begin deploying AI-assisted security scanning tools, invest in automated incident response pipelines, and begin systematic modernization of legacy infrastructure.

How fast can Mythos Preview complete complex security tasks compared to humans?

In one documented case, Claude Mythos Preview solved a corporate network attack simulation in minutes that would have taken a human expert more than 10 hours. This speed advantage fundamentally changes the economics and timelines of both offensive and defensive security operations.

What is the broader geopolitical significance of Claude Mythos Preview?

The geopolitical stakes are enormous. Nations and threat actors who gain access to Mythos-level AI capabilities gain a potentially decisive advantage in cyber operations. This is why the US Treasury and Federal Reserve treated the announcement as a systemic financial risk and why Anthropic is maintaining extremely tight access controls while accelerating defensive patch programs.

How did Anthropic discover the Claude Mythos Preview code leak?

In late March 2026, internal Anthropic documents describing Mythos Preview leaked through a CMS misconfiguration, accidentally storing them in a publicly accessible data cache. The leak described Mythos as 'a step change in capabilities' and caused significant disruption in cybersecurity markets before the official announcement.

What is coordinated vulnerability disclosure and how does Anthropic apply it?

Coordinated vulnerability disclosure (CVD) is the practice of notifying software vendors privately about security flaws and giving them time to develop patches before public disclosure. Anthropic is applying CVD to Mythos's findings by reporting vulnerabilities to maintainers privately, publishing cryptographic hashes as proof-of-discovery timestamps, and only fully disclosing technical details after patches are confirmed.

🚨 Claude Mythos Preview: The AI That Just Changed Cybersecurity Forever

How Anthropic's Most Dangerous Model Found Thousands of Hidden Bugs in the Systems We All Depend On — and Why the World Is Now Racing to Respond

🌐 The Moment Everything Changed

On April 8, 2026, the cybersecurity world experienced a watershed moment unlike anything in its history. Anthropic — the AI safety company behind the Claude family of models — publicly disclosed that its newest and most powerful frontier model, Claude Mythos Preview, had done something no tool before it ever had: it autonomously identified thousands of zero-day vulnerabilities — flaws previously completely unknown to software developers — across every major operating system, every major web browser, and a wide range of other critical software Anthropic, all within just weeks of internal testing.

This wasn't a research paper. It wasn't a theoretical exercise. It was a real-world demonstration of an AI system operating at a level of offensive security capability previously considered the exclusive domain of elite nation-state hackers. And the implications — for banks, governments, businesses, and everyday internet users — are staggering.

Claude Mythos Preview AI finds thousands of zero-day vulnerabilities in banks, OSes & browsers. Project Glasswing partner logos & key stats. Anthropic Model

🤖 What Exactly Is Claude Mythos Preview?

Claude Mythos Preview is Anthropic's most capable general-purpose frontier model to date. Unlike its predecessors in the Claude 4.6 family, Mythos represents what security experts are calling a "capability jump" — a sudden, dramatic leap in what an AI model can actually do on its own.

Key attributes of Mythos Preview:

🧠 Autonomous vulnerability discovery — finds bugs without human guidance
🔗 Exploit chaining — chains multiple vulnerabilities together into devastating attack sequences
🕵️ Reverse engineering — decompiles and analyzes closed-source software
⚡ Speed — completes tasks in minutes that would take human experts 10+ hours
🎯 Precision — achieved a 72.4% success rate turning identified vulnerabilities in Firefox's JavaScript shell into working exploits Help Net Security

What makes this especially alarming is how these capabilities emerged. "We did not explicitly train Mythos Preview to have these capabilities," Anthropic stated. "Rather, they emerged as a downstream consequence of general improvements in code, reasoning, and autonomy." The Hacker News

In other words: nobody designed this weapon. It designed itself — as a side effect of becoming better at everything else.

🏦 Banks Under the Microscope: Legacy Code and Hidden Danger

Perhaps the most alarming dimension of these revelations concerns the banking sector. On April 7, 2026, Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an emergency meeting with the chief executives of the nation's systemically important banks — including Citigroup, Morgan Stanley, Bank of America, Wells Fargo, and Goldman Sachs — to warn of cybersecurity threats posed by Claude Mythos Preview. The Agent Times

Why the panic? Because many major banking institutions are running on software infrastructure that is decades old — COBOL-based core banking systems from the 1970s and 1980s, custom network stacks from before the internet era, and authentication frameworks that were never designed to face modern threats. These systems were trusted precisely because they were obscure, old, and difficult to analyze. Claude Mythos Preview doesn't care. It reads code the way a grandmaster reads a chessboard.

Here's what Mythos-level AI means for legacy banking infrastructure:

🔓 Undiscovered authentication bypasses - old login systems may have logic flaws invisible to human reviewers
💸 Transaction manipulation vulnerabilities - subtle integer overflows in financial calculation code
🌐 Network-layer weaknesses - aging TCP/IP implementations with unpatched conditions
🔐 Cryptography library flaws - the model identified weaknesses in widely used cryptography libraries covering TLS, AES-GCM, and SSH Help Net Security
🗄️ Database injection pathways - dormant SQL logic issues in untouched legacy query handlers

For those operating across financial infrastructure, the emergence of an AI model capable of autonomously discovering and exploiting software vulnerabilities represents an existential shift in the threat environment. The Agent Times

💻 Operating Systems and Browsers: Decades of Bugs Exposed

The scope of what Mythos Preview uncovered across mainstream operating systems and web browsers is breathtaking. These are platforms used by billions of people, reviewed by thousands of expert engineers, and subjected to years of automated security testing. And yet:

🔵 OpenBSD — Mythos Preview identified a 27-year-old denial-of-service vulnerability in OpenBSD's TCP SACK implementation, an integer overflow condition that allows a remote attacker to crash any OpenBSD host responding over TCP. The model found it across roughly 1,000 scaffold runs at a total cost under $20,000. Help Net Security

🟠 FFmpeg — A 16-year-old vulnerability in FFmpeg's H.264 codec was discovered, introduced in a 2003 commit and exposed by a 2010 refactor, overlooked since by every fuzzer and human reviewer who had examined the code. Help Net Security

🔴 FreeBSD — Mythos Preview fully autonomously identified and exploited a 17-year-old remote code execution vulnerability in FreeBSD that allows anyone to gain root on a machine running NFS, triaged as CVE-2026-4747, starting from an unauthenticated user anywhere on the internet. Anthropic

🟣 Web Browsers — In one case, Mythos Preview wrote a web browser exploit that chained together four vulnerabilities, writing a complex JIT heap spray that escaped both renderer and OS sandboxes. Anthropic

🟢 Linux — The model autonomously obtained local privilege escalation exploits on Linux and other operating systems by exploiting subtle race conditions and KASLR-bypasses.

The performance gap versus previous models is jarring. When researchers ran both Mythos Preview and Opus 4.6 against the same Firefox 147 JavaScript engine vulnerabilities, Opus 4.6 produced working shell exploits on just two occasions out of several hundred attempts. Mythos Preview succeeded 181 times in the same test, with an additional 29 runs achieving register control. Help Net Security

⚠️ The Critical Infrastructure Threat

Beyond banking and consumer software, Mythos Preview's capabilities pose a direct threat to critical infrastructure: power grids, water treatment systems, air traffic control, hospital networks, and telecommunications.

Many flaws in software go unnoticed for years because finding and exploiting them has required expertise held by only a few skilled security experts. With the latest frontier AI models, the cost, effort, and level of expertise required to find and exploit software vulnerabilities have all dropped dramatically. Anthropic

What once required a nation-state budget and a team of elite hackers can now, theoretically, be replicated by anyone with access to a similar model. As one analysis put it: this is the democratization of offensive security — not in the sense that everyone can now write exploits, but in the sense that you no longer need a specialized team of security experts to find and weaponize vulnerabilities. You need a credit card and an API key. Medium

The threat model has changed fundamentally:

🏭 Industrial control systems - SCADA and OT networks with decades-old firmware
🏥 Healthcare infrastructure - medical devices running legacy embedded OS versions
⚡ Power grid management - supervisory systems with aging networking stacks
✈️ Transportation networks - aviation and rail management software
📡 Telecommunications backbone - SS7 protocol vulnerabilities at scale

🛡️ Project Glasswing: The Defensive Coalition

Recognizing both the power and the danger of what it had built, Anthropic made an extraordinary decision: rather than simply releasing Mythos Preview to the world, consequences be damned, the lab convened key players across the software and hardware industries to use Mythos's bug-finding prowess to proactively patch the vulnerabilities it exposes before adversaries can exploit them. VentureBeat

This initiative is called Project Glasswing, and its founding partners read like a who's-who of global technology:

🔵 Amazon Web Services
🍎 Apple
📡 Broadcom
🌐 Cisco
🦅 CrowdStrike
🔴 Google
🏦 JPMorgan Chase
🐧 The Linux Foundation
🪟 Microsoft
🟢 NVIDIA
🛡️ Palo Alto Networks

Anthropic says it has also extended access to more than 40 additional organizations that build or maintain critical software, and is committing up to $100 million in usage credits for Claude Mythos Preview across the effort, along with $4 million in direct donations to open-source security organizations. VentureBeat

The terms of engagement are strict: Mythos Preview is not, and will not be, publicly available. "We do not plan to make Claude Mythos Preview generally available due to its cybersecurity capabilities," said Newton Cheng, Frontier Red Team Cyber Lead at Anthropic. VentureBeat

📊 The Numbers That Define the Threat

Let's be precise about the scale of what's happened:

🔢 Thousands of zero-day vulnerabilities discovered in weeks
📅 27 years — age of the oldest vulnerability found (OpenBSD)
💰 $20,000 — total cost to discover a critical 27-year-old OS flaw
⏱️ 10+ hours — time it would take a human expert to complete what Mythos does in minutes
📈 83.1% — Mythos Preview's score on the CyberGym evaluation benchmark, compared to 66.6% for Claude Opus 4.6 VentureBeat
🎯 93.9% — score on SWE-bench Verified, versus 80.8% for Opus 4.6
🚀 181x — more successful exploit attempts than its predecessor on the same Firefox test
💵 $100M — Anthropic's commitment in AI credits for Project Glasswing partners

🔬 How Mythos Preview Actually Finds Vulnerabilities

The methodology Mythos uses for vulnerability hunting is both elegant and terrifying in its efficiency:

📂 Codebase ingestion — the model reads entire repositories, including closed-source binaries
🎯 Risk prioritization — it ranks files by vulnerability likelihood (network parsers, auth handlers first)
🔍 Pattern recognition — identifies subtle logic flaws, race conditions, integer overflows
🛠️ Exploit construction — automatically builds working proof-of-concept exploits
🔗 Vulnerability chaining — combines multiple bugs into high-severity attack chains
✅ Validation — tests exploits against live or sandboxed targets to confirm severity

The testing process is surprisingly simple in concept: the same agentic loop that powers Claude Code works for security research — it just needed a better model. Medium

What's unprecedented is step 5 — the chaining. Any skilled pentester can find individual bugs. What separates elite nation-state hackers from everyone else is the ability to chain vulnerabilities — to turn a low-severity information disclosure into a full root-level system takeover. Mythos now does this autonomously.

⚖️ The Ethical Tightrope: Disclosure vs. Danger

The responsible disclosure challenge posed by Mythos is unlike anything the security community has faced. Over 99% of the vulnerabilities found have not yet been patched, so it would be irresponsible to disclose details about them per the coordinated vulnerability disclosure process. Anthropic

Anthropic's approach is novel: for vulnerabilities that can't yet be disclosed, they are publishing cryptographic hashes of the exploit details — essentially timestamping the discovery without revealing it — and committing to full disclosure once patches are in place.

But even this creates tension:

🕐 Speed mismatch - AI discovers bugs in hours; patching takes months
👥 Volunteer burden - flooding open-source maintainers, many of whom are unpaid volunteers, with an avalanche of critical bug reports could easily do more harm than good VentureBeat
🌍 Global coordination - different countries, different legal frameworks, different timelines
🏢 Corporate liability - when does knowing about a flaw and not patching it become negligence?

🧱 What Organizations Must Do Right Now

The emergence of Mythos-level AI capability demands an immediate response from every organization running critical software. Security experts recommend:

Immediate actions (0–30 days):

🔄 Enable automatic security updates across all systems
🚨 Treat every CVE-tagged dependency update as urgent
📋 Audit legacy codebases for unmaintained components
🛑 Review and harden authentication flows in all externally facing services

Short-term actions (30–90 days):

🤖 Begin deploying AI-assisted security scanning tools
📜 Revisit vulnerability disclosure policies for the AI era
🏋️ Run red team exercises against legacy infrastructure
📱 Invest in automated incident response pipelines

Strategic actions (90+ days):

🏗️ Begin systematic modernization of legacy codebases
🌐 Engage with Project Glasswing or equivalent disclosure programs
🎓 Train development teams on AI-era threat modeling
🔐 Implement zero-trust architecture across all critical paths

🌅 The Road Ahead: Defense or Disaster?

"AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back." Anthropic

The optimistic view is that Mythos Preview represents the beginning of a new golden age of defensive security — where AI systematically eliminates the legacy of decades of accumulated technical debt, finding and fixing bugs faster than human attackers can exploit them.

Long-term, once capabilities proliferate and the security landscape reaches equilibrium, AI will benefit defenders more than attackers. Defenders can run automated security scanning 24/7. Attackers need to find just one gap. The advantage shifts to defense when offense becomes commodity. Medium

The pessimistic view is that we are in a dangerous transition period — a window during which similar capabilities will proliferate to actors who are not committed to responsible deployment, and the window between vulnerability discovery and exploitation will collapse from months to minutes.

"The window between a vulnerability being discovered and being exploited by an adversary has collapsed — what once took months now happens in minutes with AI. Claude Mythos Preview demonstrates what is now possible for defenders at scale, and adversaries will inevitably look to exploit the same capabilities. That is not a reason to slow down; it's a reason to move together, faster." Anthropic

The race has begun. The only question is who crosses the finish line first: the defenders armed with Mythos, or the adversaries building the next one.

Menu

🚨 Claude Mythos Preview: The AI That Just Changed Cybersecurity Forever - Industry is shaking 🤖