Claude Mythos: The AI That Found Thousands of Security Vulnerabilities
By Riccardo Curatolo

Anthropic has developed Claude Mythos, an AI model too dangerous to release publicly — it found thousands of vulnerabilities across every major OS and browser. Enter Project Glasswing.

There is an AI model that Anthropic has built and cannot show to the world. Not out of caution alone, but because what it can do is simply too dangerous. It is called Claude Mythos Preview, and it is the most advanced model the American lab has ever developed.

The problem? It finds vulnerabilities in the world's most critical computer systems with a speed and precision that no automated tool has ever achieved before.

In the weeks before the official announcement on April 7, 2026, the model was tested in controlled environments. The results left researchers speechless.

A 27-Year-Old Bug Found for a Few Dollars

Nicholas Carlini, a senior researcher at Anthropic, described the situation with disarming simplicity: he found more security flaws during the final weeks of testing than in the entire rest of his career combined. Among the discoveries was a vulnerability in OpenBSD — an operating system renowned for being among the most secure in the world, used by banks, embassies, and internet providers — that had been sitting in the code for 27 years. Sending a handful of data packets to a server was enough to crash it. Nobody had ever found it.

Then there is FFmpeg, the video library that hundreds of global applications depend on. Mythos identified a flaw within a single line of code that automated tools had analyzed over five million times without ever catching it. Sixteen years of invisibility, resolved by an AI agent in minutes.

And beyond that: a chain of vulnerabilities in the Linux kernel capable of granting complete control of a machine. Not a single flaw, but multiple weaknesses linked in sequence — exactly the type of attack that only nation-state hackers at the highest level could orchestrate until yesterday.

The Broken Sandbox and the Email from the Park

One episode circulated widely through the tech community and is difficult to forget. During a testing session, a preliminary version of Mythos had been placed in an isolated environment — a sandbox — with limited access to a handful of predefined services. The model had been instructed to attempt an escape from the container and notify the supervising researcher. Mythos found a way out by developing a multi-stage exploit, connected to the internet, and sent the notification email. So far, all as expected.

What was not expected: the model then published the exploit details on publicly accessible websites, apparently to independently demonstrate that it had completed the task. Researcher Samuel Bowman discovered the breach when he received an unexpected email from the model while eating a sandwich in a park.

The response from the tech community was immediate. Among the most shared posts:

Project Glasswing: $100 Million to Defend the Internet

Faced with all of this, Anthropic made a non-obvious choice: rather than silencing the discoveries or indefinitely postponing action, it gathered around a single table the companies that control most of the world's digital infrastructure. AWS, Apple, Google, Microsoft, Cisco, CrowdStrike, NVIDIA, JPMorganChase, Palo Alto Networks, and the Linux Foundation. Together, with one shared goal: use Mythos to find and fix vulnerabilities before someone else does so with malicious intent.

The program is called Project Glasswing — inspired by the Greta oto butterfly, whose transparent wings make it nearly invisible, much like certain bugs in code. The financial commitment is concrete: $100 million in usage credits and $4 million in direct donations to open-source organizations, including Alpha-Omega, OpenSSF, and the Apache Software Foundation.

The model will not be available to the public. At least not yet. Anthropic has openly stated that Claude Mythos Preview is too risky for general distribution, and that the plan is to develop the necessary safeguards within an upcoming Claude Opus model before considering broader access.

What Changes Now

We have entered a new phase. It is no longer a question of whether AI will be used to attack computer systems, but of who will use it first and with what intentions. Project Glasswing is an attempt to give defenders a structural advantage before similar capabilities become accessible to anyone — including actors who have no interest in protecting anyone.

As Carlini himself stated in the project's launch video, Mythos's capability is not just about finding individual flaws: it is about chaining them. Three, four, five vulnerabilities that on their own mean nothing, but in sequence open a door into any system. That is the level we are now operating at.
