Anthropic’s AI Model ‘Claude Mythos’ Raises Security Concerns, Limited to Select Firms

Anthropic’s Project Glasswing website displayed on a laptop screen on April 10, 2026. | Gabby Jones/Bloomberg via Getty Images

How powerful is artificial intelligence? Powerful enough that Anthropic, a leading AI company, announced this month that its newest AI model, Claude Mythos Preview, would be available only to a limited number of businesses for security reasons.

Initially designed for general use, Anthropic discovered during testing that the model excels at identifying vulnerabilities in security systems across various software types. This capability poses significant security risks if misused.

Project Glasswing: A Controlled Rollout for Critical Infrastructure

To mitigate these risks, Anthropic is sharing the Claude Mythos Preview model with a select group of major tech companies and banks through Project Glasswing. The initiative aims to help these organizations address existing security gaps and proactively defend against potential hacking attempts identified by the model.

So far, participants in Project Glasswing include:

• Nvidia
• JP Morgan Chase
• Google
• Several dozen additional firms responsible for critical software infrastructure

What Makes Claude Mythos Unique?

During a conversation with Sean Rameswaram, co-host of Today, Explained, Hayden Field, senior AI reporter at The Verge, explained the model’s capabilities and implications.

"Mythos is [Anthropic’s] newest AI model designed to be a general-purpose AI model like any other. But what they realized when they were working on it was that it had these special skills that they didn’t really anticipate. It was really good at cybersecurity. It found high-stakes vulnerabilities in virtually every operating system."

"That’s pretty bad if you are using that as a hacker. And to have a blueprint for a list of every big gap and insecurity and vulnerability on all these really, really high-profile systems, you’re going to be having a list of everything you could do to take those systems down or exploit data."

"They realized that they better not release this to the general public because it could fall into the wrong hands. And they instead handpicked a select few organizations that are responsible for critical infrastructure to release it to so they could plug those gaps in their systems instead."

How Does Claude Mythos Work?

Despite being built as a general-purpose model, Claude Mythos operates similarly to other AI models when identifying vulnerabilities. Users can prompt the model to scan specific systems—such as a browser like Google Chrome—for niche vulnerabilities.

The model flags high-profile security gaps, which organizations can then address. While hackers could theoretically use the model in the same way, Anthropic’s restricted access aims to prevent misuse.