Anthropic's Mythos raises red flags

Anthropic did not put its newest model on the public internet. On April 7, 2026, it gave Claude Mythos Preview only to a small, vetted group through a program called Project Glasswing after saying the model was unusually strong at finding serious software flaws. (anthropic.com) That is a strange move for an artificial intelligence company, because these firms usually widen access fast. Anthropic’s own system card says Mythos showed such a large jump over Claude Opus 4.6 that the company decided not to make it generally available. (anthropic.com) The core issue is simple: modern software is full of hidden mistakes, and a “zero-day” is one nobody has found yet. A model that can spot those bugs quickly is like a metal detector that suddenly starts finding live mines under roads people use every day. (red.anthropic.com) Anthropic says Mythos has already found thousands of high-severity vulnerabilities in every major operating system and web browser. The company says some of those bugs had survived years or decades of human review and automated testing. (anthropic.com) That is why the first users were not random developers. Anthropic named Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks as launch partners for Project Glasswing. (anthropic.com) The idea is to let defenders patch holes before attackers get tools this capable. Anthropic says it is committing up to $100 million in usage credits and $4 million in direct donations to open-source security groups as part of that effort. (anthropic.com) The alarm spread beyond Silicon Valley within days. CNBC reported on April 10, 2026 that Federal Reserve Chair Jerome Powell and Treasury Secretary Scott Bessent met major bank chief executives in Washington to discuss the cyber risks raised by Mythos. (cnbc.com) Those were not minor attendees. CNBC said Bank of America’s Brian Moynihan, Citigroup’s Jane Fraser, Goldman Sachs’ David Solomon, Morgan Stanley’s Ted Pick, and Wells Fargo’s Charlie Scharf were there, while JPMorganChase was already a launch partner in Glasswing. (cnbc.com) Axios framed the problem even more bluntly on April 10, 2026: the people securing water, electricity, health care, and finance are now “on the clock” because model makers themselves are holding back releases out of fear the systems could be used to autonomously hack critical infrastructure. (axios.com) Anthropic had already built the policy language for a moment like this. Its Responsible Scaling Policy update on April 2, 2026 says the company can pause development or deployment even when its formal thresholds do not require it, which is exactly the kind of discretionary brake Mythos appears to have triggered. (anthropic.com) So this story is not just about one model with a dramatic name. It is an early example of what frontier artificial intelligence may look like when the most valuable capability is not writing text or code, but deciding who is allowed to touch a machine that can find the weak points in the digital systems everyone else depends on. (anthropic.com)