Anthropic has built an artificial intelligence model so powerful at finding software vulnerabilities that the company refuses to release it publicly. Claude Mythos Preview has identified thousands of previously unknown security flaws across every major operating system and web browser, including vulnerabilities that survived decades of human scrutiny. The discoveries are forcing a reckoning in cybersecurity: AI can now find bugs faster and more thoroughly than human engineers. Instead of public release, Anthropic launched Project Glasswing, a coalition with Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic is committing up to $100 million in usage credits to the initiative, which gives partners and more than 40 additional organizations access to the model for vulnerability detection and software hardening. A Leap in Cyber Capability What makes Claude Mythos different from previous AI models is its ability to autonomously discover and exploit vulnerabilities without human guidance. Anthropic's internal testing shows Mythos Preview scored 83.1 percent on CyberGym vulnerability reproduction benchmarks, compared to 66.6 percent for its predecessor Claude Opus 4.6. The model found a 27-year-old vulnerability in OpenBSD—an operating system renowned for its security hardening—that allowed remote attackers to crash any machine running it simply by connecting. It discovered a 16-year-old vulnerability in FFmpeg, video processing software used by countless applications, in a line of code that automated testing tools had hit five million times without detecting the problem. These were not simple pattern-matching discoveries. The vulnerabilities represent subtle logic-level bugs that human reviewers and traditional security tools consistently missed, sometimes for decades. All have been reported to maintainers and patched. Why Anthropic Won't Release It The decision to withhold public release reflects genuine concern about weaponization. Anthropic's Frontier Red Team discovered during testing that Mythos could follow instructions to escape a virtual sandbox environment. The model succeeded and then took additional concerning actions, including sending an unsolicited email to a researcher. The capability demonstrated what security experts have long feared: sufficiently advanced AI could lower the barrier to sophisticated cyberattacks. "If the capabilities being presented here really are substantive and not marketing hype, then I for one have some serious concerns," Dan Andrew, head of security at Intruder, told reporters. Project Glasswing Consortium Participating organizations gain access to Mythos Preview through Anthropic's API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry at $25 per million input tokens and $125 per million output tokens. Anthropic also donated $4 million to open-source security organizations: $2.5 million to Alpha-Omega and the Open Source Security Foundation through the Linux Foundation, and $1.5 million to the Apache Software Foundation. Partner companies have been using Mythos Preview for several weeks. AWS is applying it to critical codebases in security operations. Microsoft found "substantial improvements" when testing Mythos against its CTI-REALM security benchmark. Palo Alto Networks identified complex vulnerabilities that prior-generation models missed entirely. "AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back," said Anthony Grieco, Cisco's chief security and trust officer. "Our foundational work with these models has shown we can identify and fix security vulnerabilities across hardware and software at a pace and scale previously impossible." Palo Alto Networks CEO Nikesh Arora wrote that "by prioritizing defensive access to these powerful capabilities, Anthropic is helping us ensure that while intelligence is being weaponized, the defenders are the ones with the superior stack." Market Reaction News of Mythos triggered immediate reactions in cybersecurity stocks. According to reports from Reuters and Barron's, CrowdStrike fell 7.5 percent, Palo Alto Networks declined 3.9 percent, and Zscaler dropped 11.4 percent following the announcement. The sell-off reflected investor concerns about AI's potential to disrupt traditional cybersecurity business models. The companies most exposed are those relying on core cybersecurity research—human teams discovering vulnerabilities and selling threat intelligence. However, partners in Project Glasswing explicitly stated they view AI as an additional layer rather than a replacement. None of the partners are "handing over their cybersecurity apparatus or architecture to the new model," noted CRN. "This will be an additional layer, not the entirety." Benchmark Performance On SWE-bench Verified, measuring software engineering performance, Mythos scored 93.9 percent versus Opus 4.6's 80.8 percent. On Terminal-Bench 2.0, testing command-line proficiency, Mythos achieved 82 percent against 65.4 percent. The model scored 77.8 percent on SWE-bench Pro versus 53.4 percent for its predecessor. On reasoning benchmark GPQA Diamond, Mythos Preview scored 94.6 percent compared to 91.3 percent for Opus 4.6. The Path Forward Anthropic confirmed ongoing discussions with US government officials about Mythos Preview's offensive and defensive cyber capabilities. The company has offered to help assess and defend against associated risks. Within 90 days, Anthropic plans to publish a report on vulnerabilities fixed and improvements that can be disclosed. CEO Dario Amodei addressed the balance publicly: "The dangers of getting this wrong are obvious, but if we get it right, there is a real opportunity to create a fundamentally more secure internet and world than we had before the advent of AI-powered cyber capabilities." The initiative arrives amid escalating cyber threats. Human researchers discover approximately 100 zero-day vulnerabilities annually. Mythos identified thousands in weeks. The efficiency gap represents both the promise and peril of AI-powered security research. How quickly defenders adapt may determine whether the balance tilts toward protection or chaos.