Anthropic investigates Mythos access

Anthropic said this week it is investigating a report that a small group got unauthorized access to Claude Mythos Preview through a third-party vendor environment. (bbc.com) Mythos is Anthropic’s newest frontier model, announced on April 7, 2026, and the company said in its system card that it would not make the model generally available. Anthropic instead limited it to a defensive cybersecurity program with selected partners. (anthropic.com) Anthropic told reporters it had found no evidence that its own systems were affected by the reported access. TechCrunch reported the group may have reached Mythos by using a contractor-linked vendor environment rather than a direct Anthropic customer account. (techcrunch.com) The model was built for software defense work: Anthropic says launch partners are using it to find and fix vulnerabilities in critical code and infrastructure. Project Glasswing’s named partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, Nvidia and Palo Alto Networks. (anthropic.com) Anthropic said it also extended access to more than 40 additional organizations that build or maintain critical software infrastructure, and committed up to $100 million in usage credits and $4 million in donations to open-source security groups. That limited rollout was the company’s answer to its own finding that Mythos had crossed a capability threshold that required tighter controls. (anthropic.com, anthropic.com) In plain terms, Mythos is a language model that can read code, reason through systems and help spot flaws that humans might miss. Anthropic’s public materials say those same skills can also be turned toward offensive hacking if the model is widely released. (anthropic.com, cnbc.com) Bloomberg’s report, cited by TechCrunch and other outlets, said the group gained access on the same day Mythos was publicly announced and showed screenshots and a live demonstration as proof. TechCrunch said the people involved were part of a Discord community focused on unreleased AI models. (techcrunch.com) Anthropic’s system card says the model showed a large jump in capability over Claude Opus 4.6, especially on cybersecurity evaluations, and that increase drove the decision to keep Mythos out of general release. The company said the findings from this preview program will help determine how future Claude models are released and safeguarded. (anthropic.com) The immediate question is no longer only what Mythos can do, but whether the controls around it worked as designed. Anthropic has said the investigation is ongoing and, so far, has not tied the reported access to a compromise of its internal infrastructure. (bbc.com, techcrunch.com)