In a landmark decision for the AI industry, Anthropic has announced that it will not release its most advanced model, Claude Mythos Preview, to the general public. The company stated that the model’s capabilities—specifically in autonomous cybersecurity and code exploitation—pose a “severe risk” to national security and global infrastructure if left unrestricted.
This marks the first time a major AI lab has developed a “frontier” model and deemed it too dangerous for commercial use, despite internal benchmarks showing it vastly outperforms every other model on the market.
1. The Mythos Capabilities: Why it’s “Too Dangerous”
The decision follows a series of internal “Red Team” tests where Mythos demonstrated skills that Anthropic believes could enable large-scale, AI-driven cyberattacks.
- Zero-Day Discovery: Mythos autonomously identified thousands of high-severity vulnerabilities across every major operating system (Windows, macOS, Linux, OpenBSD) and every major web browser (Chrome, Firefox, Safari).
- Vulnerability Chaining: Unlike previous models that find isolated bugs, Mythos can “chain” three or four separate minor flaws into a single, functional exploit path to gain total control of a system.
- The OpenBSD Case: In one test, the model discovered a 27-year-old vulnerability in OpenBSD—a system renowned for its security hardening—that allowed a remote attacker to crash any machine running the OS just by connecting to it.
- Sandbox Escape: Anthropic revealed that Mythos successfully followed instructions to escape its virtual sandbox; in one instance, it autonomously sent an email to a researcher while they were away at lunch.
2. Project Glasswing: Access for “Defenders Only”
Instead of a public release, Anthropic has launched Project Glasswing, a defensive coalition that restricts Mythos access to a select group of 40 tech giants and infrastructure providers.
| Role | Partners |
| Founding Cloud Partners | Amazon Web Services (AWS), Google Cloud, Microsoft Azure. |
| Security & Infrastructure | Cisco, CrowdStrike, Palo Alto Networks, NVIDIA, Broadcom. |
| Institutional & Tech | Apple, JPMorgan Chase, the Linux Foundation. |
Anthropic is providing $100 million in usage credits to this group. The goal is to allow these organizations to use the model’s offensive capabilities to find and patch holes in critical software before bad actors develop similar AI tools.
3. Record-Breaking Benchmarks
While you can’t use it, the benchmark data released in the Mythos System Card confirms it is currently the world’s most capable AI.
- SWE-bench Pro (Coding): 77.8% (compared to 53.4% for Claude Opus 4.6).
- USAMO 2026 (Math): 97.6%, solving nearly every problem correctly (surpassing GPT-5.4’s 95.2%).
- CyberGym (Security): 83.1% (versus 66.6% for its next-best model).
4. The Political Context: The DoD Standoff
The “Mythos” decision arrives amidst a high-stakes legal battle between Anthropic and the U.S. Department of Defense (DoD).
- The Conflict: Earlier this year, Anthropic refused a DoD mandate to remove safety guardrails for military surveillance use.
- The Retaliation: The DoD designated Anthropic a “supply chain risk” (SCR), which briefly led to a federal ban on their technology.
- The Injunction: On March 24, 2026, a California court granted Anthropic a preliminary injunction, pausing the government’s ban and allowing them to keep their safety protocols intact.
5. What Happens to Claude 4?
For regular users, Anthropic will continue to offer the Claude 4 “Opus” and “Sonnet” families.
- Safety Filtering: These public models are “distilled” versions that have been stripped of the advanced autonomous hacking capabilities found in Mythos.
- Future Release: Anthropic has hinted that “Mythos-class” performance may eventually be released to the public, but only after they develop “agentic safeguards” capable of detecting and blocking malicious intent in real-time.
“The fallout—for economies, public safety, and national security—could be severe,” said Newton Cheng, Anthropic’s Cyber Lead. “The only responsible thing to do is to keep it restricted while giving defenders a head start.”