Anthropic announced at the HumanX AI conference that it will withhold its Claude Mythos model from public release due to the system’s unprecedented ability to generate functional software exploits. The decision, detailed by Anthropic’s Mike Krieger, restricts access to a select group of 40 critical technology and finance organizations to prevent potential misuse of the model’s advanced hacking capabilities. According to reports from The Guardian, the model has demonstrated an ability to identify and exploit software vulnerabilities at a scale that exceeds previous industry benchmarks.
This shift marks a pivotal change in AI deployment strategies, as Claude Mythos demonstrates “superhuman” speed in identifying vulnerabilities that previously evaded human detection for decades. The model has already uncovered thousands of security flaws across every major operating system and web browser, highlighting a level of autonomous exploit generation that could potentially disrupt global digital infrastructure if released without guardrails. By pivoting to a restricted, defensive-first model, Anthropic is prioritizing the mitigation of systemic risks over the standard industry practice of rapid public scaling.
Technical Performance Benchmarks in Exploit Generation
In rigorous research evaluations, Claude Mythos successfully generated 181 working exploits, a figure that represents a massive leap in capability. This performance stands in stark contrast to Anthropic’s previous flagship model, Opus 4.6, which achieved a near 0% success rate in similar exploit-generation testing environments. The ability to move from negligible success to nearly 200 functional exploits indicates a fundamental shift in how the model processes and applies code-based logic to security flaws.
The depth of these findings is evidenced by the model’s identification of a critical vulnerability that had remained hidden within legacy software for 27 years. According to The Guardian, this specific flaw had persisted through decades of manual audits and automated scanning tools until Mythos flagged it. Such results suggest that the model possesses a unique capacity for reasoning through complex, long-standing codebases that human researchers may overlook due to the sheer volume of legacy documentation.
The model’s reliability was further tested against modern video software that had already undergone extensive vetting. In this instance, Mythos detected a significant flaw in a program that had survived more than 5 million creator-led tests. This suggests that the model does not merely find “low-hanging fruit” but can identify sophisticated edge cases that traditional stress-testing methodologies fail to capture.
Speed remains the most disruptive element of the Mythos architecture. While expert human penetration testers often require weeks of dedicated analysis to develop a single viable exploit, Mythos can complete similar tasks in a matter of hours. As reported by 80,000 Hours, the model can process and analyze 303 pages of technical documentation or code in just 21 minutes, providing a depth of insight that would take a human researcher days to read, let alone synthesize into an actionable security report.
This “303 pages in 21 minutes” metric highlights the efficiency gap between biological and artificial intelligence in the realm of vulnerability research. For a security professional, reviewing hundreds of pages of documentation involves cross-referencing dependencies, checking for logic errors, and testing hypotheses. Mythos automates this entire pipeline, effectively compressing the timeline of vulnerability discovery and exploit development into a single afternoon session.
Project Glasswing and the Defensive Alliance Strategy
To manage the risks associated with these capabilities, Anthropic has launched Project Glasswing, a collaborative cybersecurity initiative designed to focus on defensive testing. This project serves as the primary gateway for the 40 selected firms to interact with the model’s findings. By creating a controlled environment for vulnerability disclosure, Anthropic aims to ensure that the model’s “superhuman” hacking skills are used to patch systems rather than compromise them.
Anthropic has committed $100 million in computing resources specifically to support Project Glasswing’s defensive mission. This investment is directed toward the infrastructure required to run Mythos for the benefit of its partners, allowing them to scan their own internal systems for the types of flaws the model is uniquely qualified to find. The scale of this financial commitment underscores the company’s belief that the model’s output is valuable enough to justify a massive, specialized operational budget.
The list of participants in Project Glasswing includes some of the world’s most significant technology and infrastructure providers. Major partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, Microsoft, Nvidia, and Palo Alto Networks. The Linux Foundation is also a key participant, reflecting the model’s demonstrated ability to find flaws in the open-source kernels that power much of the world’s cloud infrastructure.
The choice to adopt a collaborative defensive strategy stems from the realization that the model’s capabilities are too potent for a standard release. If Mythos were available via a public API, bad actors could theoretically use it to generate zero-day exploits at scale. By restricting access to these major infrastructure players, Anthropic ensures that the “first movers” using the model are the entities responsible for securing the digital landscape.
This alliance creates a closed loop for vulnerability management. When Mythos identifies a flaw in a Microsoft operating system or a Cisco networking protocol, the relevant partner is notified immediately through the Project Glasswing framework. This allows for the development and deployment of patches before the vulnerability is ever made public, effectively flipping the traditional script of the “arms race” between hackers and security researchers.
Global Regulatory and Financial Sector Reactions
The capabilities of Claude Mythos have drawn the attention of high-level government officials and financial leaders. Silicon Republic reports that Wall Street banks have already begun testing the model under strict supervision. This early adoption by the financial sector is driven by the potential for Mythos to identify systemic risks in the complex software stacks that manage global capital markets.
On April 10, a significant gathering of international stakeholders took place to discuss the cybersecurity risks raised by the model. Participants included top Canadian banks, the parent company of the Toronto Stock Exchange, and various state departments. This meeting highlights the level of concern among institutional leaders regarding the potential for an AI model to destabilize financial infrastructure through automated exploit generation.
The warnings from US officials have been equally pointed. US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell have both urged Wall Street leaders to take the threat and potential of Mythos “seriously.” This level of intervention from the Treasury and the Federal Reserve is rare for a single software release, signaling that the model’s performance in benchmarks has been interpreted as a matter of national economic security.
For financial institutions, the risk is twofold. While Mythos can help them secure their own systems, the existence of such a model implies that similar capabilities may eventually be developed by adversarial nations or criminal syndicates. The proactive engagement of the Federal Reserve suggests a desire to establish a regulatory precedent for how “dual-use” AI models—those with both significant beneficial and harmful potential—should be handled by the private sector.
This regulatory interest also extends to the speed of disclosure. In the financial world, a single unpatched vulnerability can lead to billions of dollars in losses. The ability of Mythos to find flaws in minutes creates a new urgency for the “defensive-first” model, as traditional regulatory reporting timelines may be too slow to keep pace with AI-driven exploit discovery.
Operational Impact on Security Research and Infrastructure
The restriction of Claude Mythos fundamentally changes the workflow for security researchers at the 40 partner firms. Instead of relying solely on manual code reviews, these teams now have access to an automated “red team” that can simulate sophisticated attacks. This allows researchers to focus their efforts on high-level architecture and remediation, while the AI handles the granular task of finding specific memory leaks or logic flaws.
For organizations like the Linux Foundation, the model’s ability to scan the kernel for unknown vulnerabilities is a transformative development. Open-source software often suffers from a lack of dedicated security funding compared to proprietary systems. Having an AI that can perform the work of hundreds of human auditors provides a massive boost to the security of the global open-source ecosystem, provided the findings are managed responsibly within the Glasswing framework.
The involvement of cloud providers like AWS, Google, and Microsoft suggests that Mythos will be used to harden the very foundations of the internet. If the model can find and help fix vulnerabilities in the virtualization layers and hypervisors used by cloud giants, the security benefits will trickle down to every business and individual that uses cloud-based services. This “top-down” security approach is a direct result of Anthropic’s decision to limit access to the largest infrastructure owners.
However, this restricted access model also creates a new form of “security inequality.” Smaller firms and independent researchers do not have access to the model’s findings until the partners choose to release patches or disclosures. This centralizes the power of vulnerability discovery in the hands of a few large corporations and Anthropic itself, a shift that may face scrutiny from the broader cybersecurity community which often relies on decentralized, open disclosure.
Ultimately, the performance of Claude Mythos serves as a proof of concept for a new era of “autonomous security.” The transition from human-led testing to AI-augmented defense is no longer a theoretical possibility but a current operational reality for the world’s most critical organizations. The success of Project Glasswing will likely determine whether this restricted, collaborative model becomes the standard for all future AI systems with significant cybersecurity capabilities.
