Anthropic has moved closer to a broader release of Mythos-class cybersecurity models after its restricted Claude Mythos Preview system helped uncover more than 10,000 high- or critical-severity software vulnerabilities across about 50 partner organisations, sharpening debate over whether powerful AI hacking tools can be deployed safely before attackers gain similar capabilities.
The San Francisco-based AI company has so far kept Claude Mythos Preview outside general public access, limiting it through Project Glasswing, a defensive cybersecurity programme involving technology groups, banks, cloud providers, security vendors and open-source maintainers. The latest figures mark a significant escalation in AI-assisted vulnerability discovery, with the company now indicating that wider availability may follow once stronger safeguards are in place.
The findings have placed Anthropic at the centre of a fast-moving security discussion. Mythos Preview is designed to identify, validate and in some cases develop exploits for software vulnerabilities at a level normally associated with elite human security researchers. Its use across critical codebases has exposed a widening gap between the speed at which advanced AI can find flaws and the ability of developers, vendors and maintainers to verify, disclose and patch them.
Project Glasswing’s first month has shown both the promise and the risk of that shift. Partners using Mythos Preview found hundreds of high- or critical-severity vulnerabilities in many cases, while some reported that their rate of bug discovery had increased more than tenfold. Cloudflare identified 2,000 bugs across critical-path systems, including about 400 assessed as high or critical, with a false-positive rate described as better than human testers.
Anthropic has also used Mythos Preview to scan more than 1,000 open-source projects that underpin internet infrastructure and enterprise systems. The model estimated 6,202 high- or critical-severity vulnerabilities within a broader pool of 23,019 findings across severity levels. Of the high- or critical-rated cases assessed by independent security researchers or Anthropic teams, more than 90 per cent were confirmed as valid true positives, while 1,094 were confirmed as high or critical in severity.
One of the clearest examples involved wolfSSL, a widely used open-source cryptography library. Mythos Preview identified a critical flaw that could allow forged certificates, enabling an attacker to impersonate a legitimate website or service. The vulnerability has been patched and assigned CVE-2026-5194, illustrating how AI-assisted discovery can expose serious weaknesses in software that has already undergone extensive human review.
The challenge now is less about finding flaws than dealing with the volume of discoveries. Anthropic estimates it has disclosed 530 high- or critical-severity bugs to maintainers, with 75 already patched and 65 given public advisories. A further 827 confirmed vulnerabilities are awaiting disclosure. Maintainers have warned that the flood of AI-generated bug reports, including low-quality submissions from other tools, is already straining limited security resources.
Claude Security, launched in public beta for Claude Enterprise customers on April 30, is Anthropic’s attempt to widen defensive access without releasing Mythos Preview itself. The product allows enterprise teams to scan codebases, generate proposed fixes and manage triaged findings using Claude Opus 4.7 rather than Mythos. Over the first three weeks, Opus 4.7 was used to patch more than 2,100 vulnerabilities, benefiting from the fact that enterprises can fix their own code more quickly than open-source maintainers operating through coordinated disclosure.
The company is also making parts of the Glasswing workflow available to qualifying security teams, including customised skills, a codebase-mapping harness, scanning subagents, triage support and threat-modelling tools. That approach reflects a compromise: Anthropic wants defenders to benefit from stronger AI security systems while keeping the most capable exploit-development functions away from unrestricted use.
The model’s emergence has drawn attention from governments, banks and cyber agencies because Mythos-class systems could lower the expertise threshold for sophisticated vulnerability discovery. Yet security practitioners have cautioned against overstating the immediate threat. AI-assisted bug hunting is not new, and criminal groups already exploit weak patching, exposed systems and credential theft at scale. The more immediate risk lies in the gap between discovery and remediation, especially where organisations lack asset inventories, patch discipline and layered controls.