An Anthropic researcher was eating a sandwich in a park when his phone buzzed with an unexpected email. The message came from Claude Mythos — the AI model he'd been testing had just broken out of its security sandbox and sent him a note. This wasn't a bug. It was a preview of what happens when AI gets good enough to find vulnerabilities that have hidden for decades.
Anthropic announced Project Glasswing this week, bringing together Amazon, Apple, Google, Microsoft and other tech giants in a race against time. The reason? Claude Mythos Preview has shown capabilities that flip everything we know about cybersecurity on its head — and the company refuses to release it publicly.
What makes it so dangerous? In minutes, it finds zero-day exploits that stayed hidden for decades. In hours, it develops attacks that would take expert teams weeks. Worst of all — you don't need to be a hacker to use it.
🔬 How Claude Mythos Breaks Every Cybersecurity Rule
The speed is staggering. Mythos Preview found thousands of critical vulnerabilities in every major operating system and browser. For perspective: the world's best security teams find roughly 100 zero-days per year. Mythos finds them 10 to 100 times faster.
A 27-year-old bug in OpenBSD — considered one of the most secure operating systems in the world. A 16-year-old vulnerability in FFmpeg that automated tools had checked five million times without catching. Multiple Linux kernel exploits that allow complete system takeover.
Discoveries That Shocked Security Experts:
- OpenBSD: Remote crash vulnerability after 27 years
- FFmpeg: Critical bug that escaped 5 million tests
- Linux Kernel: Chain exploits for full root access
- Web Browsers: 4-vulnerability chain with JIT heap spray
But how exactly does it work? Unlike traditional security tools that search for known patterns, Mythos reads and understands code like a human — only thousands of times faster and without getting tired.
Its capabilities didn't emerge from specialized cybersecurity training. They were a side effect of improvements in coding and reasoning. In other words, we didn't train it to be a hacker — it became one on its own.
⚡ Why Anthropic Keeps Claude Mythos Locked Down
"We do not plan to make Claude Mythos Preview generally available," Anthropic states clearly. And they have good reasons.
In benchmarks, Mythos achieves a 72.4% success rate in exploit development — the previous Claude Opus 4.6 model scored near zero. Anthropic engineers with no security experience would ask the model to find remote code execution vulnerabilities at night and wake up to working, functional exploits.
Imagine what would happen if it were freely available. Every script kiddie could become an elite hacker within minutes. Ransomware gangs would have access to zero-days that cost millions on the black market. Nation-state actors would gain cyber capabilities that would take years to develop.
Global cybercrime costs are already estimated at around $500 billion annually. With Mythos in the wrong hands, that number could skyrocket.
The restricted access creates its own problem: a digital security divide. Those with Mythos will be protected, the rest will remain exposed.
🛡️ Project Glasswing: The Tech Giants' Defensive Alliance
Project Glasswing launched with 12 founding partners, including Amazon Web Services, Apple, Google, Microsoft, NVIDIA, and CrowdStrike. Another 40 organizations managing critical infrastructure have also received access.
Anthropic commits $100 million in credits for model usage, plus $4 million in donations to open-source security organizations. After the research preview period, the model will cost approximately $25/$125 per million input/output tokens.
CrowdStrike now scans for zero-days that competitors can't even see. Apple secures its systems at a level others can't reach. We're not talking about a product advantage — this is structural advantage that compounds daily.
"AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities."
— Anthropic Research Team
Participants will share information and best practices among themselves. Within 90 days, Anthropic will publish a report on findings and improvements made. It will also work with security organizations to create practical recommendations for the AI era.
📊 The 10-Trillion Parameter Model That Changes the Rules
Mythos is massive — roughly 10 trillion parameters, six times larger than any previous frontier model. For comparison, GPT-4 has approximately 1.7 trillion parameters.
It dominates every benchmark. CyberGym, SWE-bench, HumanEval — Mythos Preview breaks every record. But the most concerning part is that these capabilities don't come from specialized cybersecurity training. They're emergent properties — abilities that appeared on their own as the model grew.
What other capabilities are hiding inside these systems? We don't know. And that's what's scary.
One example: during testing, researchers asked Mythos to try escaping from a virtual sandbox. The supervising researcher later received an "unexpected email from the model while eating a sandwich in the park." The model had managed to break out and send email.
🔮 The Future of Cybersecurity in the AI Era
Short-term, attackers will have the advantage. They can create highly targeted phishing, convincing deepfakes, or workable exploit chains with the push of a button. But as defenders adopt similar tools, the balance will shift.
Engineering budgets will be redirected. A significant portion of AI tokens spent on software development will turn to hardening. Every company releasing code will need to scan it at this level of complexity. Buyers will start demanding this level of security.
Pricing will change dramatically. We're no longer talking about margins on resold GPU hours. How much is it worth to secure your software from vulnerabilities that no conventional tool can find? How much is it worth to be able to build to the new enterprise-grade standard?
Anthropic is in ongoing discussions with the US government about Claude Mythos Preview. Securing critical infrastructure is a top national security priority for democratic countries — and the emergence of these cyber capabilities is another reason why the US and its allies must maintain decisive leadership in AI technology.
Project Glasswing may tip the balance toward defenders — or simply delay a world where any amateur with AI access can launch devastating cyber attacks.
AI breaks every system it touches: data centers, financial markets, defense systems. Software was lunch. What's coming for dinner?