Anthropic Limits Access to Claude Mythos Model

Anthropic launched Project Glasswing, announcing controlled access to an unreleased frontier model, Claude Mythos, which the company wrote has "already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser," per Anthropic's Project Glasswing page. Anthropic described the effort as a partnership that includes Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks, and said it has extended access to more than 40 additional organizations that maintain critical software infrastructure, per the Project Glasswing announcement. Anthropic also stated it will provide up to $100 million in usage credits for Mythos Preview and $4 million in direct donations to open-source security organizations, per the same page.

Anthropic confirmed a limited release model and control measures; separately, BBC reported on April 22 that Anthropic is investigating a claim of unauthorized access to Claude Mythos Preview through one of the company's third-party vendor environments. Bloomberg reported that the account used belonged to a contractor and that a small group in a private forum accessed the model via that permission. CNBC reported security researchers and AI experts saying the vulnerabilities highlighted by Mythos can often be found by well-orchestrated use of existing public models, and Tom's Hardware published a critical analysis arguing that many of the "thousands" of claimed vulnerabilities rely on a much smaller set of manually reviewed findings.

Industry-pattern observations: Models trained or prompted to search for software weaknesses can accelerate discovery of reproducible classes of vulnerabilities, especially in legacy code and public repositories. Reporting in CNBC that researchers reproduced Mythos-like findings by composing public models indicates the technical gap between a single proprietary frontier model and adversaries assembling capabilities from accessible components. Published critique from Tom's Hardware that Anthropic's headline claim rests on fewer manually validated cases highlights an important testing-to-exploit gap: automated discovery requires human review to confirm exploitability and to assess real-world risk.

Project Glasswing is a defensive coordination effort framed around distributing an advanced scanning capability to large infrastructure maintainers and security vendors. The mix of cloud, hardware, security, financial, and open-source partners named on Anthropic's page underscores cross-sector concern about fast-moving capability growth in frontier models. Reporting of an alleged unauthorized access through a contractor account, as covered by BBC and Bloomberg, underscores operational risk in controlled rollouts: supply-chain and third-party permissions are recurring vectors for capability leakage.

For practitioners: Security teams should view Mythos as an event that raises two practical points. First, automated discovery at scale increases the importance of rapid triage and patch workflows; CNBC coverage notes defenders still often take days or weeks to patch, widening a window of exposure. Second, the reproducibility of many findings with public-model orchestration implies that defensive tooling and threat-hunting playbooks should assume adversaries can assemble similar pipelines without access to a single proprietary frontier model.

Industry observers will monitor:

• •Anthropic's follow-up transparency, including the methodology and sample-validation rates in its Mythos technical and risk reports
• •whether independent researchers can reproduce Anthropic's higher-severity, exploitable findings and publish exploit proofs
• •changes in vendor access controls and third-party auditing practices after the reported contractor-linked access. Also watch regulatory and national-security responses; CNBC reported that some governments and agencies are already considering new reviews for such tools