Anthropic Withholds Mythos

Anthropic is keeping Claude Mythos Preview out of general release and limiting it to vetted security partners after internal safety testing. (anthropic.com) Anthropic published the decision in a system card dated April 7, 2026, calling Mythos Preview its “most capable frontier model to date” and saying the model’s capability jump led it not to make the system generally available. (anthropic.com) Instead, the company routed the model into Project Glasswing, a defensive cybersecurity program announced the same day with launch partners including Amazon Web Services, Apple, Cisco, Google, JPMorganChase, Microsoft, NVIDIA, Palo Alto Networks, and the Linux Foundation. (anthropic.com) Large language models predict the next token in a sequence, but the same pattern-matching that helps them write code can also help them inspect software for flaws. Anthropic said Mythos Preview stood out at “computer security tasks,” including finding and exploiting bugs in real systems. (red.anthropic.com) Anthropic said Mythos Preview identified and exploited zero-day vulnerabilities in every major operating system and every major web browser during testing. The company also said many of the bugs were old, including a now-patched 27-year-old flaw in OpenBSD. (red.anthropic.com) The company said more than 99% of the vulnerabilities it found were still unpatched, which is why it withheld technical details and used coordinated disclosure instead of a public release. Anthropic said broad deployment before stronger safeguards would be irresponsible. (red.anthropic.com) That release decision sits inside Anthropic’s Responsible Scaling Policy, a framework the company updated to version 3.0 on February 24, 2026 and to version 3.1 on April 2, 2026. Anthropic says the policy is designed to manage catastrophic risks from increasingly capable models before deployment. (anthropic.com) Anthropic’s system card says Mythos Preview was evaluated under both that policy and the company’s Frontier Compliance Framework, which Anthropic published in connection with California’s Transparency in Frontier AI Act. That law took effect on January 1, 2026 and requires frontier AI developers to document how they assess and manage catastrophic risks. (anthropic.com 1) (anthropic.com 2) Project Glasswing is the practical compromise: limited access for defenders, not a public model rollout. Anthropic said it extended access to more than 40 additional organizations that build or maintain critical software infrastructure and committed up to $100 million in usage credits plus $4 million in donations to open-source security groups. (anthropic.com) The public story around Mythos has been amplified by social posts and commentary videos, but the core facts come from Anthropic’s own April 2026 disclosures. For now, the company’s position is simple: Mythos is useful enough for security work and risky enough to keep behind a narrow gate. (x.com) (youtube.com) (anthropic.com)