Anthropic just did something no AI company has done before: instead of launching its most powerful model to the public, it handed it to a closed coalition of twelve of the world's largest technology and security companies — and told them to use it to find bugs. Claude Mythos Preview, the model in question, has already discovered thousands of zero-day vulnerabilities across every major operating system and web browser, some hiding in plain sight for over two decades.
This is not a routine product announcement. It signals a genuine inflection point in cybersecurity — the moment AI models became competitive with the best human security researchers at finding and exploiting software flaws. For any business running on mainstream software (which is every business), the implications are immediate and concrete.
What happened
On 7 April 2026, Anthropic announced Project Glasswing, a defensive cybersecurity initiative built around Claude Mythos Preview — a general-purpose frontier model that the company describes as its most capable ever. The twelve launch partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. An additional 40 organisations that build or maintain critical software infrastructure have also been granted access.
Mythos Preview was not specifically trained for cybersecurity. Its vulnerability-finding capabilities emerged as a downstream consequence of general improvements in code reasoning and autonomous agent behaviour — the same abilities that give it a 93.9% score on SWE-bench Verified, up from 80.8% for Claude Opus 4.6. On the CyberGym cybersecurity benchmark, Mythos Preview scored 83.1% compared to Opus 4.6's 66.6%.
Anthropic is committing up to $100 million in usage credits for Project Glasswing participants, plus $4 million in direct donations to open-source security organisations including the Linux Foundation's Alpha-Omega, OpenSSF, and the Apache Software Foundation. The model will not be made generally available. After the research preview, participants can access it at $25/$125 per million input/output tokens through the Claude API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry.
Bugs that survived decades of human review
The headline numbers are striking, but the specific discoveries tell the real story. Anthropic's Frontier Red Team blog details three cases that illustrate the model's capabilities:
A 27-year-old OpenBSD vulnerability. OpenBSD is widely considered one of the most security-hardened operating systems in the world. Mythos Preview found a flaw in its TCP SACK implementation — added in 1998 — that would allow a remote attacker to crash any machine running the OS simply by connecting to it. The bug involved a subtle interaction between signed integer overflow and a null pointer dereference that no human auditor or automated tool had caught in nearly three decades. It has now been patched.
A 16-year-old FFmpeg vulnerability. FFmpeg processes video for virtually every major streaming and media service on the internet. Mythos Preview found a flaw in its H.264 codec dating back to a 2010 refactoring of code originally written in 2003. Automated fuzzing tools had hit the vulnerable line of code five million times without triggering the bug. The model identified the specific condition — a 16-bit integer collision that only occurs with exactly 65,536 slices in a single frame — that no fuzzer was designed to produce.
A 17-year-old FreeBSD remote code execution. Mythos Preview autonomously discovered and exploited CVE-2026-4747, a vulnerability in FreeBSD's NFS server that grants full root access to unauthenticated remote users. Critically, "fully autonomously" means no human was involved after the initial prompt. The model found the bug, wrote a complete exploit including a 20-gadget ROP chain split across multiple packets, and delivered a working proof of concept.
Across roughly a thousand runs through its vulnerability-scanning scaffold, the total cost for the OpenBSD analysis was under $20,000. The specific run that found the 27-year-old bug cost less than $50.
The double-edged sword
The uncomfortable truth at the centre of this announcement is that everything that makes Mythos Preview valuable for defenders makes it equally valuable for attackers. Anthropic is explicit about this.
"The window between a vulnerability being discovered and being exploited by an adversary has collapsed — what once took months now happens in minutes with AI," said Elia Zaitsev, Chief Technology Officer at CrowdStrike. "That is not a reason to slow down; it's a reason to move together, faster."
Anthropic's own Red Team found that non-experts at the company — engineers with no formal security training — could ask Mythos Preview to find remote code execution vulnerabilities overnight and wake up to a complete, working exploit. In benchmark comparisons, where Opus 4.6 succeeded at autonomous exploit development essentially 0% of the time, Mythos Preview succeeded 181 times out of several hundred attempts on the same Firefox JavaScript engine targets.
The model's existence was actually revealed accidentally in March when a configuration error exposed nearly 3,000 internal Anthropic documents, including draft blog posts describing a model then codenamed "Capybara" that was "by far the most powerful AI model we've ever developed." The irony — a company launching a cybersecurity initiative after its own security breach — was not lost on observers, as TechCrunch's Lucas Ropek noted alongside a catalogue of Anthropic's recent operational mishaps.
What this means for your business
If you're running a business of any size, here's the practical calculus.
Your software just got safer — eventually. The vulnerabilities Mythos Preview is finding exist in the operating systems, browsers, and libraries your business runs on right now. As Project Glasswing partners patch these flaws, the entire ecosystem benefits. But "eventually" is doing heavy lifting in that sentence. Over 99% of the vulnerabilities discovered have not yet been patched, and responsible disclosure timelines mean fixes will roll out over months, not days.
Patch management is no longer optional hygiene — it's existential. When AI models can find and exploit vulnerabilities autonomously for under $50 a pop, the window between disclosure and exploitation shrinks to near zero. As Lee Klarich, Chief Product and Technology Officer at Palo Alto Networks, put it: "Everyone needs to prepare for AI-assisted attackers. There will be more attacks, faster attacks, and more sophisticated attacks. Now is the time to modernise cybersecurity stacks everywhere."
The security skills gap is about to matter more — and less. AI models like Mythos will eventually democratise vulnerability detection, which is good news for the vast majority of organisations that can't afford dedicated security teams. Jim Zemlin, CEO of the Linux Foundation, noted that "security expertise has been a luxury reserved for organisations with large security teams" and that Project Glasswing "offers a credible path to changing that equation." But in the transition period, attackers who get access to similar capabilities first will have the advantage.
Review your cyber insurance. If your policy was written before AI-augmented attacks became a realistic threat model, it may not adequately cover the speed and scale of incidents that are now possible. The World Economic Forum's Global Cybersecurity Outlook 2026 found that 94% of industry respondents identified AI as the most significant driver of change in cybersecurity.
What to watch
Anthropic has committed to publishing a public report within 90 days detailing what Project Glasswing has learned, including vulnerabilities fixed and practical recommendations for how security practices should evolve. That report — due around early July — will be the first real test of whether this initiative produces industry-wide benefit or remains a competitive advantage for a closed club.
The bigger question is timeline. Anthropic acknowledges that "it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely." The company plans to launch new safeguards with an upcoming Claude Opus model that would allow Mythos-class capabilities to be deployed more broadly. How quickly that happens — and whether other AI labs develop comparable models first — will determine whether defenders or attackers gain the upper hand in what Anthropic is framing as a transitional period for global cybersecurity.
For Australian businesses specifically, this reinforces what the Deloitte 2026 State of AI in the Enterprise report already flagged: local organisations are rushing to deploy AI but lagging on governance. With AI-powered cyber threats now demonstrably real and escalating, the governance conversation can no longer be deferred.
Sources
- Project Glasswing: Securing critical software for the AI era — Anthropic
- Assessing Claude Mythos Preview's cybersecurity capabilities — Anthropic Frontier Red Team
- Anthropic debuts preview of powerful new AI model Mythos in new cybersecurity initiative — TechCrunch
- Exclusive: Anthropic 'Mythos' AI model representing 'step change' in power revealed in data leak — Fortune
- Global Cybersecurity Outlook 2026 — World Economic Forum
- Australian organisations lag global peers in realising AI's transformational potential — Deloitte Australia
