Claude Mythos: Why Anthropic Is Not Releasing Its Most Powerful Model

On April 7th, Anthropic did something unusual in the recent history of artificial intelligence: it announced it would not publish its most advanced model until further notice. It's called Claude Mythos Preview, it finds vulnerabilities in software that had been hidden for up to 27 years, and it can build complex exploits without human supervision. Much of the press covered it with headlines about "terror" and "a new era of cyber threats."

We believe it is important news, yes, but not frightening. It is, above all, logical. And it contains two very useful lessons for any company that's still wondering whether to integrate AI into its processes or wait and see.

A Fish Swimming in the Ocean

AI is not an intruder in the software world. It is a fish in its ocean.

Let's put it in a simple image. Computing is the environment where artificial intelligence is born and lives.

Models like Claude are not tourists in this world: they are fish in their ocean. They grew up reading billions of lines of code, technical documentation, security incidents and forensic analysis. They reason about software the way a fish swims: naturally.

Humans have spent decades finding vulnerabilities in computer systems with great effort and notable results. We are creative and ambitious, but we have biological limits: we don't process millions of tokens per second, we don't remember every published CVE, we can't read the OpenBSD codebase from start to finish in a single session.

When an artificial intelligence that can do all of this encounters code, the result is predictable: it will find flaws. Many of them. Some that had gone undiscovered for decades, not because nobody looked, but because they were beyond what any human can cover in a professional lifetime.

That this happens is not an anomaly or an apocalyptic omen. It's what happens when a fish crosses the ocean: it's not a feat, it's its element.

What Claude Mythos Actually Is

Beyond the name, what Anthropic has done is measure the model's capabilities on real cybersecurity tasks and publish the results. The data is concrete and worth looking at without drama:

• On the CyberGym cybersecurity benchmark, Mythos Preview scored 83.1%, compared to 66.6% for Claude Opus 4.6, the current public model. A jump of nearly 17 points in just a few months.
• In autonomous exploit development tests for Firefox, Mythos achieved 181 successful exploits out of 191 attempts. Opus 4.6, the model available to everyone, barely reached 2 hits across several hundred attempts.
• The model found a vulnerability in OpenBSD related to TCP sequence number handling that had gone undiscovered for 27 years, and another in FFmpeg's H.264 codec that was 16 years old.
• It autonomously built a remote code execution exploit for FreeBSD (CVE-2026-4747) involving a 20-gadget ROP chain spread across multiple network packets.

Anthropic's technical team explains that these capabilities "emerged as side effects of general improvements in code reasoning." They didn't train the model to hack. They improved its general understanding of code, and the ability to find flaws arrived on its own.

More than 99% of the vulnerabilities discovered by Mythos remain unpatched today. Anthropic uses SHA-3 cryptographic commitments to prove it found them without revealing details, respecting the standard responsible disclosure process with manufacturers (up to 135 days).

A Company Acting with Common Sense

Project Glasswing: 12 founding companies, over 40 organizations, one common goal — defend before the attackers arrive.

Faced with those capabilities, Anthropic has made a decision that seems simply sensible to us: don't publish the model publicly until adequate safeguards exist, and instead give restricted access to a specific group of organizations that can use it to defend their systems. That group, called Project Glasswing, includes 12 founding companies:

Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks, and Anthropic itself. More than 40 additional organizations maintaining critical software have also received access.

It's the first time in a long while that cloud hyperscalers, systemic banks, hardware manufacturers, Linux kernel custodians, and cybersecurity firms have aligned on the same technical initiative. They normally compete with each other. The fact that all of them accepted without hesitation suggests their security teams recognize the risk is real and prefer to get ahead of the attackers who will inevitably come.

Anthropic is committing $100 million in model usage credits for participants, plus $4 million in donations to the Apache Software Foundation and the open-source security projects Alpha-Omega and OpenSSF. Participants, in turn, commit to publishing reports every 90 days on the findings and improvements they achieve.

This isn't alarmism. It's industrial responsibility. A company with a potentially dangerous product and a coalition to use it defensively before it gets replicated. It's precisely what we'd expect from any responsible manufacturer in any other sector — pharmaceuticals, aerospace, energy — when it discovers something with dual-use potential.

The Part Almost Nobody Is Talking About

Many companies are still doing manually what AI can already do today. It's not a technology problem: it's a cultural one.

This is where the article stops talking about Mythos and starts talking about your company.

If Claude Mythos is so good at finding vulnerabilities, it's because its code reasoning capabilities have made a significant leap. But that leap isn't exclusive to Mythos. It's the same trend that has improved Claude Sonnet 4.6 and Claude Opus 4.6, the public models you can use right now with any enterprise subscription. It's the same trend that has improved GPT and Gemini.

And here is the paradox that almost nobody is pointing out: while headlines are alarmed by what a restricted model can do in cybersecurity, the majority of companies are still not using the tiny fraction of those capabilities that are available to them today for tasks infinitely simpler than finding a bug in OpenBSD.

Many companies are still:

• Manually drafting commercial documentation that is 80% standard
• Reading 100-page reports to extract five conclusions
• Consolidating data from Excel to Excel by hand
• Searching for clauses in contracts one by one
• Responding to repetitive emails that a properly configured assistant would resolve in seconds
• Preparing minutes, proposals, tenders and presentations without the support of an AI system that knows their context

If a model can find a 27-year-old vulnerability in OpenBSD, what excuse does a company have for not asking it to draft a first version of a commercial proposal, analyze a tender document, or summarize a two-hour meeting?

The answer, in our experience, is not technical. It's cultural. It's inertia. It's fear. It's the difficulty teams have imagining that a different tool demands a different way of working. It's the distance between what technology can already do and what we're actually adopting day to day.

What This Means for a Spanish Company in 2026

The next phase of the European AI Regulation (EU AI Act) enters full application on August 2, 2026, less than four months from this article. For systems classified as high-risk, automated audits, specific cybersecurity requirements, continuous risk management, and formal technical documentation are required.

The world's largest companies are coming together now to prepare. Project Glasswing is not an academic exercise: it is the explicit recognition that cybersecurity in the AI era requires using AI. And the 12 founding companies are absolutely clear about something that mid-sized companies are still debating internally: there is no alternative to integrating AI seriously, with governance, into the operational base of the business.

This isn't panic-urgency. It's calm urgency. The competitive advantage of the coming years will not go to companies that wait for "AI to mature." It will go to those that already have their processes designed to take advantage of it when the new waves of capabilities arrive — and they will arrive every few months, just as Mythos has arrived a few months after Opus 4.6.

What's Clear

Claude Mythos is not a threat, it's a signal. Anthropic has demonstrated that a company can discover powerful capabilities and act responsibly rather than deploying them for media impact. Project Glasswing demonstrates that defense requires coordination, and that coordination is possible when the threat is recognized by those who know.

And behind all the news is a far more pragmatic message for the rest of us: the capabilities that today allow a model to find impossible bugs also allow it to automate much of the repetitive work in an average company. Not tomorrow. Not next year. Today. With public models. With accessible tools.

The question stops being "Is AI safe?" and becomes "Am I using what's already available, or am I waiting to be overtaken?". At Tecnea, we've spent years helping Spanish companies answer that question with real integration projects, with the calm determination to change the processes that need it and the judgment to know which ones don't.

Frequently Asked Questions

What exactly is Claude Mythos Preview? It's a frontier model developed by Anthropic that has demonstrated unprecedented capabilities for finding and exploiting software vulnerabilities. Anthropic has decided not to publish it publicly as a precaution and is instead giving restricted access to a group of organizations that will use it to defend critical infrastructure.

Is it dangerous that Claude Mythos exists? The capabilities it shows are part of the natural evolution of AI models: the better they reason about code, the better they find flaws in that code. It's not a weapon built on purpose — it's a side effect of general progress. Anthropic has chosen to restrict its use precisely to prevent it from falling into hands that wouldn't use it responsibly.

What is Project Glasswing and who participates? It's a coalition led by Anthropic with 12 founding companies (AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks and Anthropic) and over 40 additional organizations maintaining critical software. Its goal is to identify and fix vulnerabilities in the world's digital infrastructure using Claude Mythos as a defensive tool.

How does this affect a Spanish company in 2026? The full application of the European AI Regulation begins August 2, 2026, with specific audit and cybersecurity requirements for systems classified as high-risk. Beyond regulatory compliance, the Mythos case shows that the capabilities of public models (Claude, GPT, Gemini) are already sufficient to transform many repetitive business tasks. The question for each company is not whether it should integrate AI, but with what strategy and what urgency.

Sources

1. Anthropic — Project Glasswing: Securing critical software for the AI era
2. Anthropic Red Team — Assessing Claude Mythos Preview's cybersecurity capabilities
3. Fortune — Anthropic says testing Mythos powerful new AI model after data leak reveals its existence
4. Simon Willison — Anthropic's Project Glasswing
5. CrowdStrike — CrowdStrike founding member of Anthropic Mythos frontier model
6. CNBC — Anthropic limits Mythos AI rollout over fears hackers could use model for cyberattacks
7. The Hacker News — Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems