Debate over Claude Mythos Preview sharpens as cybersecurity claims draw fire

April 12, 2026
aisecurityprivacybusiness
A close-up of a smartphone with a green screen placed on a laptop keyboard.
Photo by Zulfugar Karimov on Pexels

What Anthropic says — and what’s been reported

It has been reported that Anthropic will not widely release its most capable model, Claude Mythos, because of serious cyber capabilities. Instead, the company is allegedly limiting access under a program dubbed Project Glasswing to launch partners and "over 40" organizations that maintain critical software infrastructure. It has been reported that Mythos Preview was used to surface thousands of zero‑day vulnerabilities — many claimed to be critical — and that Anthropic plans to use the model to help patch them before anything worse happens.

The pushback and the proof game

Not everyone is buying every claim. It has been reported that independent researchers and industry analysts have tried to reproduce or refute parts of Anthropic’s account, publishing analyses that question the scale or repeatability of the model’s exploits. The back-and-forth is noisy. Who’s right? It matters. If Mythos really accelerates automated vulnerability discovery, defenders gain a potent tool — but the same power, if stolen or misused, becomes a nightmare.

The emotional center of this story is plain: a scramble. It has been reported that U.S. officials and financial leaders have been roused into urgent meetings over cyber risk, and commentators warn we’re entering a new era of automated AI R&D with both enormous upside and existential downside. Is limiting access the least‑bad option? Perhaps. But centralizing such capability raises its own political, ethical and security headaches — think arms‑race dynamics, but for software bugs.

The debate is now about trade‑offs. Do you trust a handful of firms and governments to hold the keys while the rest of the world plays catch‑up? Or do you force wider transparency and risk leaks? Expect more technical audits, more claims and counterclaims, and a renewed sprint to harden the software we all rely on. The stakes are high, and the clock is ticking.

Sources: thezvi.substack.com