Anthropic Built Its Most Powerful Cyber Weapon. Then Locked It in a Vault
Anthropic's Claude Mythos found 27-year-old vulnerabilities and thousands of zero-days -- then refused to release it publicly, launching a $100M industry consortium instead.
- Claude Mythos Preview found 3,000+ zero-day vulnerabilities across every major OS and browser in weeks
- One flaw in OpenBSD dated back 27 years — discovered in an OS used to run firewalls and critical infrastructure worldwide
- Anthropic briefed US government that the same capability makes large-scale cyberattacks significantly more likely
- Project Glasswing consortium includes Microsoft, Google, Amazon, Apple, Cisco, NVIDIA, JPMorgan, and 40+ organizations
On April 7, 2026, Anthropic made a decision that would have been unthinkable a year ago: it built the most capable vulnerability-finding AI ever made, then explicitly decided not to release it.
The model is called Claude Mythos Preview. In just a few weeks of testing, it found thousands of zero-day vulnerabilities across every major operating system and every major web browser. One discovered flaw in OpenBSD, the security-hardened OS trusted for firewalls and critical infrastructure worldwide, had gone undetected for 27 years. Another had evaded automated testing tools that hit the problematic code more than 5 million times without catching it.
Anthropic announced the findings alongside Project Glasswing: a $100 million initiative to give the model to the world’s largest cybersecurity firms and technology companies, while keeping it out of everyone else’s hands.
Every Major Tech Company in One Room
The Glasswing consortium reads like a roll call of the tech industry’s power center. Founding partners include Amazon Web Services, Apple, Cisco, CrowdStrike, Google, JPMorgan Chase, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic is also extending access to over 40 additional organizations that build or maintain critical software infrastructure. The company pledged $100 million in computing credits and an additional $4 million in direct donations to open-source security organizations.
The performance numbers explain why. On CyberGym, a benchmark for vulnerability reproduction, Claude Mythos Preview scored 83.1% against Opus 4.6’s 66.6%. On SWE-bench Verified, it hit 93.9% versus 80.8%. Every benchmark shows a substantial, consistent jump — the kind that changes what’s practically possible in defensive security.
Cisco’s Chief Security Officer Anthony Grieco put it plainly: “AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back.”
Anthropic quietly briefed US government officials that Claude Mythos makes large-scale cyberattacks significantly more likely in 2026 — even as the White House ordered all federal contracts with the company terminated in February. A federal court has since paused that order while Anthropic’s legal challenge proceeds.
The Dilemma Nobody Wants to Talk About
Lee Klarich, chief product officer at Palo Alto Networks, noted that Mythos has already found complex vulnerabilities that prior-generation AI models missed entirely. In the right hands, it’s a genuine defensive breakthrough. In the wrong hands, it’s an exploit-development engine operating at industrial scale.
Anthropic is betting that a curated consortium of verified partners is enough to tip the balance toward defenders. The company plans to report publicly on its findings within 90 days and is working on new safeguards for upcoming Claude Opus models to detect and block dangerous outputs. Whether those guardrails hold against a determined adversary is a question nobody in the consortium is rushing to answer.
Global cybercrime costs an estimated $500 billion annually. State-sponsored attacks from China, Iran, North Korea, and Russia show no signs of slowing. The window between vulnerability discovery and exploitation has already collapsed from months to minutes, as Frontierbeat reported last week. Project Glasswing is the industry’s first serious attempt to weaponize AI back in the other direction — but it may already be a race that defenders are only beginning to realize they’re losing.
