Claude Mythos preview held back

Anthropic previewed Claude Mythos on April 7 but is not releasing it to the public, saying the model’s cyber capabilities require tighter controls. (anthropic.com) Claude Mythos scored 93.9% on SWE-bench Verified, a coding benchmark that tests whether a model can fix real software bugs, according to Anthropic’s system card and outside coverage. Business Today reported the model also scored 83.1% on a cybersecurity test, versus 66.6% for Claude Opus 4.6. (anthropic.com) (businesstoday.in) Anthropic said in its April 7 security write-up that Mythos could identify and exploit zero-day vulnerabilities in every major operating system and every major web browser during internal testing. The company said more than 99% of the flaws it found were still unpatched, so it withheld technical details. (red.anthropic.com) A zero-day is a software flaw that defenders do not know about yet, which means there is no patch waiting when an attacker finds it. Anthropic said Mythos also turned known but unpatched weaknesses into working exploits and used that work to launch Project Glasswing, a program focused on defensive security. (red.anthropic.com) The release decision lands in the middle of a wider fight over how much autonomy to give frontier models that can browse, write code, run tools and take multi-step actions on their own. Anthropic’s February 24 update to its Responsible Scaling Policy said newer models can now use computers and act autonomously, and that stronger safeguards are supposed to kick in as capabilities rise. (anthropic.com) Anthropic’s system card says Mythos is its “most capable frontier model to date” and that the jump in capability led the company to keep it from being “generally available.” Instead, Anthropic said it is using the model with a limited set of partners in a defensive cybersecurity program. (anthropic.com) Anthropic’s red team said Mythos autonomously found a 16-year-old vulnerability in a widely used H.264 codec inside FFmpeg, the open-source media software used across video workflows. The same report said the model could chain Linux kernel vulnerabilities, meaning it linked multiple smaller flaws into a more serious attack path. (red.anthropic.com) (rte.ie) Outside reporting has treated the move as a partial release rather than a full launch. InfoQ reported on April 13 that Anthropic introduced Mythos Preview with major gains in reasoning, coding and cybersecurity, but kept it out of public hands. (infoq.com) What comes next is narrower access, not a public chatbot rollout. Anthropic says Mythos will stay inside a controlled security effort while the company uses its results to shape future Claude releases and the safeguards around them. (anthropic.com)