Cybersecurity 101: The Mythos Mystique

Michael DeNapoli
April 24, 2026

Many readers have been asking about the recent announcements from Anthropic (the makers of Claude and other AI products) about its new Mythos model and Project Glasswing, which leverages that model. Opinions on Mythos differ sharply: is it the most dangerous evolution of tooling in cybersecurity, or a positive force for defensive awareness and compensating controls? But let's go over the foundational basics first.

 

Key Points

  • Anthropic is developing a new AI model called Mythos for its premier product line, Claude.

  • Mythos turned out to be an incredibly good threat researcher, finding vulnerabilities in many products across the technology world.

  • Mythos has even discovered how to use those vulnerabilities to attack, creating concern in the cybersecurity world.

  • However, only a select group of vendors have been provided with access to Mythos so they can create patches for their products.

  • No actual threat actors have access to Mythos in any way.

  • Mythos will not be intentionally publicly available until Anthropic has placed guardrails that, in concept, prevent Mythos from being used for cyber attacks.

  • Bloomberg (and other news agencies) reported on April 21, 2026 that a small number of other persons have had access to Mythos via a 3rd-party vendor. Anthropic has not confirmed the validity of the research done by these news outlets, instead stating: "We're investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments." The Register later reported that unauthorized parties may indeed have accessed the platform in a limited capacity through a 3rd-party vendor.


We will update this article as new information is available on the potential unauthorized access to Mythos.

 

What is Mythos?

Mythos is not a new product; it’s the next-generation model for Claude, Anthropic’s flagship Large Language Model (LLM) product line. Earlier versions of Claude are publicly available, and you can sign up to use them on Anthropic’s website.

 

Claude, Claude Code, and Claude API all allow users to ask questions on just about any topic, and develop code in multiple programming languages. These products run on top of a model, similar to how a car runs on an engine. Models are the underlying data systems and code that allow an artificial intelligence to “think” (though that’s a gross oversimplification). To date, Anthropic has created four large language models (LLMs) for Claude, and released three:

 

●  Haiku: The fastest and cheapest of Claude models, Haiku is used primarily for chatbots and other use cases where speed is critical, and little reasoning is required. If a chatbot is pulling from knowledge bases and websites, then Haiku will get the job done.

●  Sonnet: More expensive, and not as fast as Haiku, Sonnet analyzes and correlates information. Use cases include generating code in multiple development languages, adding context to messages in Slack or other platforms, and automating workflows without a ton of branching decision trees. 

●  Opus: This is the most expensive of the currently available models, built to deal with deep reasoning, making decisions, and handling things that require multiple steps with branching decision pathways. Opus is typically used to build agentic AI systems, for example.

●  Mythos: This next-generation model extends the abilities of Opus significantly. It can reason faster, decide with more complex branching paths, and handle more concurrent operations. Mythos is not yet available to the general public, and won’t be for some time to come.

 

Bottom line: Mythos is simply the next iteration of Anthropic’s AI model development. Eventually, it will be available in Claude and any other format that Anthropic makes publicly available. The company will certainly introduce new services and products based on Mythos in the future, while other 3rd parties will leverage the model for new services.


Why is everyone alarmed over Mythos?

When Mythos was developed to the point it could accept input (usually known as “prompts”), Anthropic found something remarkable: Mythos was extremely good at performing cybersecurity operations, even though it was not specifically built to do so. In fact, Anthropic and many cybersecurity experts got a sneak peek, and had significant concerns.

 

The issue isn’t that Mythos can understand and make decisions on cybersecurity issues; it’s that Mythos can actually find new weaknesses in software and then successfully exploit them for attack purposes. And it can do this all on its own once given the right sequence of prompts.


Defining vulnerabilities and exploits

A vulnerability is a weakness in something, such as a software program, a laptop or mobile device’s operating system, or even in a piece of hardware like the laptop itself. Vulnerabilities are the potential to make the application, system, or device do something that the original developers didn’t intend for it to do.

 

An exploit is the series of steps necessary to use that vulnerability to perform something the system, application, or device isn’t meant to do. This usually involves programmatically accessing the vulnerable thing in a very specific way. It can lead to outcomes such as crashing systems or otherwise making resources unavailable, giving someone unauthorized access to data and/or settings, stealing data, or any other operations that are not meant to be possible.

 

Threat researchers (both within vendor organizations and independent groups) will frequently identify new vulnerabilities after hours, days, or even weeks of experimenting on any given application or system. With this information, system developers and vendors can patch their systems to eliminate the vulnerability. Threat researchers may even take significant time to develop an exploit for the vulnerability, giving the developers and vendors an example they can use to better develop the patch.

 

Threat actors and groups can also discover vulnerabilities and code exploits. Of course, they don’t give the developers or vendors any notice before they start using that knowledge to attack organizations, but it still takes these actors and groups significant time to figure out the vulnerability and build out the exploit to form a working attack, often weeks or months.

 

A zero-day vulnerability is a vulnerability that is disclosed by a vendor/developer before the vendor or developer can build a patch to block an exploit. “Zero day” means that the vulnerability is disclosed to the general public without a patch, starting the clock on how long it’ll be before someone starts exploiting it and launching an attack.


Mythos is hyperfast at finding vulnerabilities and creating exploits

When properly prompted, Mythos can:

  1. Analyze an operating system, application, or other system for potential vulnerabilities

  2. Find unknown vulnerabilities

  3. Develop and run exploits against those vulnerabilities

 

Mythos can do all this far more quickly than traditional threat researchers or threat actors can. In short, it could identify zero-day vulnerabilities and create exploits to use in attacking them, sometimes in minutes. As you might guess, this set the cybersecurity world on fire.

 

Because of the potentially explosive nature of Mythos, Anthropic immediately began to mitigate the potential for damage. The company:

  • Delayed the potential release date of Mythos and announced that Opus (the current top-of-the-line model) would continue. Only Anthropic can choose which people and organizations access Mythos today and in the near future. While some reporting has stated that others gained access to Mythos (see above), this has not yet been confirmed and is being denied by Anthropic.

  • Created Project Glasswing. For this project, Anthropic gave limited access to Mythos to about 50 cybersecurity researchers and providers of major operating systems, applications, and hardware. The intent behind this project is to help ensure that anything Mythos could find (and it can find a lot) would already be visible to those who could then immediately and effectively patch their systems.

  • Most critically, Anthropic has pledged to not release Mythos to the general public until they can build “guardrails” into the model. These guardrails would prevent Mythos from accepting prompts that would enable users with a Claude subscription to find new vulnerabilities and build new exploits. While there’s no announced timeframe for this, Anthropic has (as mentioned above) committed to limiting access to Mythos until this is completed.

 

What does this mean for your organization?

Anthropic’s actions have had two major impacts for nearly every organization on the planet. Specifically:

  1. By limiting access to Mythos only to participants in Project Glasswing, Anthropic has allowed the technology to be put to good use. Vendors, developers, and researchers can now make their products and systems safer than ever, though we can expect to see many vendors releasing patches in the coming weeks. One hope is that many vulnerabilities will be found and vendors will be given the chance to redesign or provide patches before they become publicly known or exploited.

  2. While we will address this topic in a separate article, there is an important aspect to remember relative to Mythos: there are 15-30 major frontier models like Claude, 200-500 notable open source models, and thousands of research and experimental models in play. Mythos isn’t likely the only one out there that has this capability, and if it is, it is only days, maybe weeks, and certainly not months and years before other engines and models can do this.

 

Many of the participants in Project Glasswing are defensive cybersecurity vendors, several of which your organization may already use. Microsoft, CrowdStrike, and others are confirmed participants, which means these vendors can build patches into their security tools that block exploits Mythos may discover. While the full list of participants has not been released publicly, many could be security vendors you use, along with hardware manufacturers, operating system developers, and application platform vendors. If so, you will benefit from the intelligence and information these vendors gain from Project Glasswing and Mythos.


Pondurance is also keeping a close eye on Mythos and the results of Project Glasswing. Since we already partner with the leaders in the cybersecurity space (Microsoft, CrowdStrike, SentinelOne, and others), we’ll benefit from the research, patching, and methodologies that the project creates. One of the main reasons we choose the partners we do is that we know they’ll remain at the forefront of emergent technologies like Mythos. When new threat signals and intelligence are discovered, the managed detection and response tools we use will also be able to evolve.

