Mythos AI is a cybersecurity threat, but it doesn’t rewrite the rules of the game

  • Written by Mohammad Ahmad, Assistant Professor of Management Information Systems, West Virginia University
The cybersecurity community went on alert when Anthropic announced on April 7, 2026, that its latest and most capable general-purpose large language model, Claude Mythos Preview[1], had demonstrated remarkable – and unintended – capabilities. The artificial intelligence system was able to find and exploit software vulnerabilities – the most serious type of software bugs[2] – at a rate not seen before.

The news ignited concern[3] among the public, world governments and the information technology sector about the capabilities of today’s AI to undermine cybersecurity, with some people framing the model as a global cybersecurity threat[4].

Claiming that it would be too risky to release the model, and that the company had the moral responsibility[5] to disclose these vulnerabilities, Anthropic said it would not immediately offer the model to the public. Instead, it granted exclusive access to tech giants to test the model’s capabilities, a process Anthropic dubbed Project Glasswing[6].

As a cybersecurity researcher[7], I think Mythos’ capabilities are impressive, but the AI system does not represent a radical departure. Mythos is less a new threat than a mirror reflecting how people behave and how fragile modern systems already are.

What Mythos did

During a controlled evaluation, engineers with minimal security experience[8] prompted Mythos to scan thousands of software codebases for vulnerabilities. The model showed striking capabilities in conducting multistep, autonomous attacks that take experts weeks or even months to put together. Mythos was not only able to discover 271 vulnerabilities in Mozilla’s Firefox, it also developed exploits to take advantage of 181 of those.

Overall, Anthropic’s red team, which takes on the role of an attacker to test defenses[9], and the United Kingdom’s AI Security Institute[10] reported that Mythos found thousands[11] of zero-day[12], or previously unreported, vulnerabilities in major operating systems, web browsers and other applications – software flaws that have not yet been patched and can be turned into exploits immediately. National Security Agency officials testing Mythos have been impressed by the tool’s speed and efficiency[13] in finding software vulnerabilities, according to a news report.

Anthropic’s announcement of Mythos and the cybersecurity threat it poses garnered widespread media attention.

Among the most widely reported were Mythos’ ability to identify a dormant 27-year-old security flaw in OpenBSD[14], a security-focused operating system, and a 16-year-old bug in FFmpeg[15], a video/audio processing tool. Some of these flaws allow unauthenticated users to gain control of the machines hosting these applications.

Even more striking, the relatively inexperienced engineers running Mythos’ evaluations were able to use Mythos to complete attacks overnight, from finding vulnerabilities to exploiting them – something that can take human experts weeks to do. The model’s ability to chain multiple steps is what surprised Anthropic and organizations that tried it. In an evaluation by the AI Security Institute, Mythos was able to take over[16] a simulated corporate network[17] in three out of 10 tries, the first AI model to succeed at the task.

These results are real. They also paint an incomplete picture in ways that matter.

Where is the breakthrough?

At first glance, Mythos’ breakthrough sounds novel and could signal a new class of cyber threats. However, a closer look suggests something different. The vulnerabilities Mythos found are not new in nature. They generally don’t belong to unknown security flaws[18], and in many cases they are variations of well-known and well-understood classes of software vulnerabilities.

In cybersecurity, finding new instances of known types of flaws is not unusual. The most successful attacks rely on known[19], well-defined vulnerabilities that stay overlooked or unpatched. What concerned the researchers was not Mythos changing the nature of finding and exploiting vulnerabilities, but rather the intense scale and speed[20] with which it was able to find and exploit those vulnerabilities.

This is not a breakthrough per se but rather a result of decades of research in both cybersecurity and AI. In that sense, Mythos is the natural – and expected – result of powerful automation and AI integration because it follows the same fundamental procedures used in standard offensive cybersecurity practices. These include scanning for vulnerabilities, identifying patterns and testing exploitability. Mythos and similar emerging models make it possible to chain these steps together at a speed that is hard to fathom.

So why were these vulnerabilities missed in the first place?

It is crucial to understand that not all vulnerabilities are cost effective to fix, and not all vulnerabilities are a priority. Mythos did not discover a new kind of weakness – it exposed the limits of how cybersecurity practitioners search for them.

New tech, age-old dynamic

Mythos highlights an important fact about the reality of cybersecurity threats. System defenders are always at a disadvantage because they need to always succeed. Attackers, however, need to succeed only once to break the security of a system. This cat-and-mouse game will always be the same, and Mythos does not change that – it simply reinforces it.

Mythos follows a familiar dynamic: A tool created to protect can also be used to attack and harm.

“The same improvements that make the model substantially more effective at patching vulnerabilities also make it substantially more effective at exploiting them,” Anthropic officials wrote in a blog post about Mythos[21].

What once may have required highly specialized skills can now be achieved with significantly less effort, which raises the most important question: Who will benefit first by using tools like Mythos – defenders or attackers?

References

  1. ^ Claude Mythos Preview (red.anthropic.com)
  2. ^ the most serious type of software bugs (owasp.org)
  3. ^ ignited concern (www.theguardian.com)
  4. ^ global cybersecurity threat (www.theguardian.com)
  5. ^ moral responsibility (www.anthropic.com)
  6. ^ Project Glasswing (www.anthropic.com)
  7. ^ cybersecurity researcher (scholar.google.com)
  8. ^ engineers with minimal security experience (red.anthropic.com)
  9. ^ to test defenses (csrc.nist.gov)
  10. ^ AI Security Institute (www.aisi.gov.uk)
  11. ^ found thousands (red.anthropic.com)
  12. ^ zero-day (www.sans.org)
  13. ^ impressed by the tool’s speed and efficiency (www.bloomberg.com)
  14. ^ OpenBSD (www.openbsd.org)
  15. ^ FFmpeg (ffmpeg.org)
  16. ^ able to take over (www.aisi.gov.uk)
  17. ^ simulated corporate network (doi.org)
  18. ^ generally don’t belong to unknown security flaws (fortune.com)
  19. ^ rely on known (www.verizon.com)
  20. ^ scale and speed (fortune.com)
  21. ^ blog post about Mythos (red.anthropic.com)

Read more https://theconversation.com/mythos-ai-is-a-cybersecurity-threat-but-it-doesnt-rewrite-the-rules-of-the-game-281268
