Anthropic withholds internal “Claude Mythos” model from public release, citing safety review

Anthropic said on April 7 it would not make Claude Mythos Preview generally available, keeping the model inside a restricted cybersecurity program instead. (anthropic.com) The company described Mythos as a general-purpose language model with unusually strong computer security skills, then launched Project Glasswing to give selected partners access for defensive work. (anthropic.com) (nbcnews.com) Anthropic said Mythos was able to identify and exploit zero-day vulnerabilities in every major operating system and every major web browser during testing. It said more than 99% of the flaws it found were still unpatched, so it withheld technical details. (anthropic.com) A zero-day is a software flaw the vendor does not yet know about or has not fixed. Anthropic said Mythos also turned known but not yet widely patched bugs into working exploits and found a now-patched 27-year-old OpenBSD bug. (anthropic.com) In its system card, Anthropic said Mythos showed a large enough jump in capability that it chose not to release the model to the public. The company said the findings would help decide how future Claude models are launched and safeguarded. (anthropic.com) NBC News reported that Anthropic was instead giving access to more than 50 organizations including Microsoft, Nvidia and Cisco, backed by more than $100 million in usage credits. Anthropic said those partners would use Mythos to find and fix weaknesses in widely used systems. (nbcnews.com) The model did not arrive quietly. NBC News reported that Fortune spotted references to Mythos in an unsecured Anthropic database at the end of March, before the formal April 7 announcement. (nbcnews.com) (securityweek.com) The access controls around Mythos also came under pressure after Bloomberg reported on April 21 that a small group of unauthorized users had accessed the model. Reuters separately summarized the report and said the access happened the same day Anthropic announced the limited release plan. (bloomberg.com) (reuters.com) That sequence turned Mythos into a concrete test of a problem AI labs have been debating for months: whether a model that helps defenders patch software can also help attackers break it faster. Anthropic’s answer, for now, is to keep Mythos behind a narrower gate. (anthropic.com 1) (anthropic.com 2)