On April 7, 2026, Anthropic disclosed that its Claude Mythos Preview model demonstrated the ability to quickly locate

On April 7, 2026 Anthropic disclosed that its latest model, Claude Mythos Preview, displayed unintended capabilities that alarmed cybersecurity experts, governments and the public. Rather than release the model broadly, the company restricted access to allow further testing and analysis, saying the decision reflected a responsibility to manage discovery and disclosure of software vulnerabilities. In controlled evaluations, engineers instructed Mythos to scan thousands of software codebases for security flaws. Anthropic’s internal red team reported that Mythos identified 271 vulnerabilities in Mozilla’s Firefox and generated working exploits for 181 of those findings, demonstrating an ability to move from discovery to weaponization at machine speed.

Anthropic and the United Kingdom’s AI Security Institute said Mythos surfaced thousands of previously unreported zero-day vulnerabilities affecting major operating systems, web browsers and other widely used applications. Those results suggest the model can unearth defects at a scale that current manual processes struggle to match. Instead of a broad release, Anthropic granted exclusive access to a handful of technology firms under a testing program called "Project Glasswing." Officials from the National Security Agency who evaluated the model were reportedly impressed by its speed and efficiency in locating flaws, according to accounts of government testing. The restricted evaluations have intensified debate over who should vet high-risk models and under what transparency rules.

Security researchers who reviewed the testing emphasized that Mythos automates multistep attack chains that previously required weeks or months of specialist labor. Practically, that means vulnerability discovery and exploit development can be accelerated, narrowing the window defenders have to patch software before active exploitation occurs. Analyses stressing Mythos’s significance note that it did not invent fundamentally new attack techniques so much as scale existing methods rapidly. Its behavior underscores systemic fragilities in modern software ecosystems: many latent flaws can be found and weaponized far faster when assisted by powerful automation, changing the balance between offense and defense.

The findings have refocused mitigation priorities toward faster patching, broader automated testing, and improved software hygiene across supply chains. They have also intensified calls for coordinated red teaming, clearer access rules for high-capability models, and expedited disclosure processes among AI developers, software vendors and security agencies.