Anthropic has unveiled Claude Mythos Preview, an artificial intelligence model so capable at finding computer security vulnerabilities that the company itself has declared it too dangerous to release publicly. The model, shared this week only with select partner organizations including Amazon, Apple, Microsoft, Google, Cisco, CrowdStrike, and JPMorgan Chase under an initiative called Project Glasswing, can autonomously scan vast amounts of code to identify and chain together previously unknown security flaws—a capability that has alarmed cybersecurity experts and government officials alike.
The announcement has reverberated far beyond the technology sector. Within days of Anthropic's warning about Mythos, US Treasury Secretary Scott Bessent summoned Wall Street leaders to ensure they were implementing adequate defenses against potential AI-powered cyberattacks. The move underscored how the model's existence poses risks not just to financial institutions, but to critical infrastructure and organizations across every sector. David Sacks, who heads President Donald Trump's council of advisors on technology, stated bluntly that "the world has no choice but to take the cyber threat associated with Mythos seriously," signaling official recognition of the stakes involved.
What makes Mythos particularly concerning is the nature of its capabilities. Unlike previous security-focused AI tools, Mythos was trained to be generally intelligent across multiple domains rather than narrowly specialized—yet it excels at identifying security vulnerabilities more effectively than human cybersecurity specialists. Anthropic developers have described the model as "terrifying," capable of discovering thousands of new vulnerabilities that could potentially be exploited by malicious actors. The fear is not theoretical: security researchers worry about scenarios where hackers could command armies of AI agents using Mythos to break through computer defenses with relative ease.
The restricted preview represents Anthropic's attempt to balance transparency with responsibility. By sharing access only with trusted technology and financial partners, the company is enabling these organizations to understand the threat and prepare defenses while preventing the model from becoming widely available to bad actors. This measured approach reflects broader tensions in the AI industry about how to responsibly develop and deploy increasingly powerful systems.
In response to Mythos, competitors are charting their own paths. OpenAI has announced a new cybersecurity-focused model called GPT-5.4-Cyber and claims its safeguards "sufficiently reduce cyber risk" for now, suggesting a different philosophy about how to manage powerful AI capabilities. The divergent responses highlight ongoing disagreement within the AI industry about whether the best approach is to restrict access to powerful models or to build robust safeguards that allow wider deployment.
The emergence of Mythos has crystallized a fundamental challenge facing policymakers, security professionals, and technology leaders: how to harness AI's potential to defend against cyber threats while preventing the same tools from becoming weapons in the hands of adversaries. The model serves as a stark reminder that the benefits and dangers of advanced AI systems are often two sides of the same coin, and that decisions made by individual companies about development and deployment have implications far beyond their own operations.