Claude Mythos

Claude Mythos is a large language model developed by Anthropic. It made the headlines because of its strong ability to find software vulnerabilities; according to Anthropic, it is a result of its strong agentic coding and reasoning skills that the company optimised for. It is used by a consortium of companies to secure software systems. Anthropic has not released the model to the public, citing safety and misuse concerns.^[1] Reactions to Claude Mythos were immediate and mixed.^[2]

DeveloperAnthropic

Initial releaseApril 2026; 2 months ago

Type

LicenseProprietary

Quick facts Developer, Initial release ...

Claude Mythos

Developer	Anthropic
Initial release	April 2026; 2 months ago (2026-04)
Type	Large language model Generative pre-trained transformer
License	Proprietary

Close

History

Leak (March 26, 2026 – April 7, 2026)

The existence of a model named Claude Mythos had become publicly known on March 26, 2026 due to leaked blog post drafts.^[3] Anthropic later acknowledged the development of Mythos to Fortune, and said that the model presented significant risks to cybersecurity.^[4] According to Axios, Anthropic had issued a warning about Mythos's capabilities to government officials that month.^[5]

Launch (April 7, 2026 – present)

Anthropic publicly disclosed Mythos on April 7.^[6] The company stated that it had no plan to release Mythos to the public.^[7] It instead launched Project Glasswing, with a consortium of companies using Mythos to find and fix software vulnerabilities. Over forty companies were granted access, including Microsoft, Apple, Google, Amazon Web Services, the Linux Foundation, Cisco, Nvidia, and Broadcom.^[8] That day, several unauthorized users gained access to Mythos, according to Bloomberg News.^[9]

Reportedly, a few users in a private Discord channel gained access to Mythos the same day it was announced, using details from the recent Mercor data breach.^[10] The NSA has also used Mythos, despite the fact that the DoD, its parent organization, had blacklisted Anthropic after a dispute.^[11] In April 2026, the Chinese government requested access to Mythos, but was rebuffed.^[12]

On June 2, Anthropic expanded access to its Claude Mythos cyber-security model, making it available to 150 organizations in more than 15 countries.^[13]

On June 4, 2026, Several India-based organizations across the cybersecurity, telecom, banking and financial services sectors have secured early access to Claude Mythos.^[14]

Specifications and capabilities

Claude Mythos Preview is a large language model designed to fix vulnerabilities within software.^[15]^[16] The UK AI Security Institute tested Claude Mythos with a cyber range. Claude Mythos ranked highest, with Claude Opus 4.6 coming in second, followed by a tie between GPT-5.4 and GPT-5.3 Codex.^[17]

Vulnerabilities found

Anthropic stated that Mythos had found vulnerabilities in "every major operating system and every major web browser" in its testing.^[18] Two weeks after the limited release, Mozilla announced that it had found and patched 271 security vulnerabilities in Firefox using Mythos Preview.^[19]^[20] On May 14, 2026, employees at Calif.io announced they had used Mythos to create a memory corruption exploit affecting Apple M5.^[21]

Responses

Media response

Thomas Fraise, writing for The Conversation, argued that Mythos could ruin nuclear deterrence.^[22] Brett J. Goldstein, writing for The New York Times, argued that the model puts individuals and smaller teams at a "cybersecurity disadvantage".^[23]

Some Chinese media outlets viewed Mythos positively, defending Anthropic's decisions.^[24]

Financial response

Hours after Anthropic publicly revealed Mythos, U.S. secretary of the treasury Scott Bessent and Federal Reserve chair Jerome Powell convened financial executives to issue a warning on Mythos's capabilities.^[25] Several banks began testing Mythos at their behest, including JPMorgan Chase, Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley.^[26] The Bank of Canada summoned major lenders to a similar meeting the following day.^[27] Mythos was scheduled to be discussed by the Bank of England's Cross Market Operational Resilience Group and CMORG AI Taskforce meetings.^[28]

European Central Bank president Christine Lagarde praised Anthropic for limiting access to Mythos.^[29] In response to European banks that were not given access to Mythos, Mistral AI began developing its own model.^[30]

Governmental responses

On April 14 2026, Bloomberg reported that the United States Department of the Treasury was seeking access to Claude Mythos.^[31] On April 16, the White House and Anthropic held a meeting about Mythos.^[32] On May 13, a bipartisan group of 32 US Representatives wrote to the Office of the National Cyber Director (ONCD) on revisiting the U.S.'s federal cybersecurity policy.^[33]^[34]

On April 23, Nirmala Sitharaman, chair of India's Ministry of Finance held a meeting of banks and government officials to discuss potential new cybersecurity threats following the release of Mythos.^[35]

At a joint public-private meeting hosted by Japan's Financial Services Agency on April 24, participants agreed to form a work-group to counter potential threats caused by Mythos.^[36]

After an April meeting with officials from Anthropic, Evan Solomon, the Canadian minister of artificial intelligence and digital innovation, praised Anthropic for limiting access to Mythos.^[37]

Several meetings with banks were held by the Australian Prudential Regulation Authority in response to Mythos.^[38]

In April 2026, Anthropic declined to give access to Claude Mythos to the Chinese government after a request from a Chinese think tank.^[39]

History

Leak (March 26, 2026 – April 7, 2026)

Launch (April 7, 2026 – present)

Specifications and capabilities

Vulnerabilities found

Responses

Media response

Financial response

Governmental responses

References

External links

Related Articles

Related Articles

"What is Claude Mythos and what risks does it pose?"

"Anthropic's Mythos Model Is Being Accessed by Unauthorized Users"

"Anthropic Limits Mythos Model Release in Bid to Stave Off Hacks"

"Anthropic's Mythos is already finding security flaws in Apple software"

"Anthropic Model Scare Sparks Urgent Bessent, Powell Warning to Bank CEOs"

"Wall Street Banks Try Out Anthropic's Mythos as US Urges"

"Bank of Canada, Major Lenders Met on Anthropic AI Cyber Risk"

"Bank of England Set to Discuss Anthropic's Mythos With Banks"

"Lagarde, Worried About AI, Lauds Anthropic's Approach on Mythos"

"Mistral Developing New AI Model for Banks Lacking Mythos Access"

"US Treasury Seeking Access to Anthropic's Mythos to Find Flaws"

"White House and Anthropic hold 'productive' meeting amid fears over Mythos model"

"If AI Can Hack Faster Than Humans, What Happens Next?"

"Japan rushing to counter threat of cyberattack from Mythos AI model"

"Anthropic Wins Accolades From Canada's AI Minister Over Mythos Approach"