Why is Anthropic Not Releasing Claude Mythos to the Public?

If the potential for AI misuse was already creating industry shockwaves, Anthropic's Claude Mythos Preview has kicked that pandora's box open, revealing thousands of high-severity vulnerabilities in every major operating system.

It did not take long for the industry to understand the security implications that followed. If AI systems like this proliferates, bad actors can mount numerous sophisticated attacks.

To address this issue, Anthropic has pulled back the curtain on Project Glasswing – an ambitious and urgent effort to secure critical software.  

Major players including AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks are part of this coalition. 

"Glasswing is built around Claude Mythos Preview, our new limited-release frontier model, which has so far found thousands of zero-day vulnerabilities – including some that survived decades of human review – spanning every major operating system and browser," notes Daniela Amodei, President at Anthropic, on LinkedIn.

"AI cyber capabilities at this level will proliferate over the coming months and not every actor who gets access to them will be focused on defence. That's the gap Glasswing is built to close.

"Cyber defence at this scale is a team effort. Frontier labs, software companies, security researchers, open-source maintainers and governments all working together is how defenders will stay ahead."

Claude Mythos Preview capabilities

At the core of Glasswing are the advanced analytical capabilities of Claude Mythos Preview.

A testament to its effectiveness is that it uncovered a vulnerability dating back nearly three decades in OpenBSD. 

OpenBSD is an operating system used to run firewalls and other critical infrastructure due to its reputation of being the most security-hardened operating system (OS) in the world.

The bug allows an attacker to remotely crash any machine running OpenBSD simply by connecting to it. 

Another major vulnerability has been discovered in FFmpeg, which is used to encode and decode videos. 

Mythos also exposed flaws in the Linux kernel that is used to run most of the world’s servers that could enable an attacker to take complete control over the machine.

Understanding that in the wrong hands this model can create chaos, Anthropic is not releasing Claude Mythos Preview to the public. 

“The more capable AI becomes, the more security it needs,” notes George Kurtz, President, CEO and Founder of CrowdStrike. “That’s why Anthropic chose CrowdStrike as a founding member of their security coalition for Claude Mythos Preview.

“AI is creating the largest security demand driver since the enterprises moved to the cloud. Claude Code is changing how people use computers. OpenClaw is set to reshape how enterprises automate. Mythos may be the most capable frontier model yet. It won’t be the last.

“All of these AI innovations meet enterprises at the endpoint. That's where they access data, make decisions and also create risk.”

Scaling AI innovation responsibly

A commitment of US$100m was made by Anthropic, providing model usage credits to Project Glasswing and additional participants in the effort to apply advanced AI capabilities to critical software analysis.

The AI company is also donating US$4m to open-source security organisations to support the cause.

“Although the risks from AI-augmented cyber attacks are serious, there is reason for optimism: the same capabilities that make AI models dangerous in the wrong hands make them invaluable for finding and fixing flaws in important software,” Anthropic notes.

“Project Glasswing is an important step toward giving defenders a durable advantage in the coming AI-driven era of cybersecurity.”

AI to fix security flaws

By giving organisations early access to advanced tools like Claude Mythos Preview, Anthropic is creating opportunities to explore what next-generation AI systems can achieve in complex analytical tasks.

“AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyberthreats and there is no going back,” says Anthony Grieco, SVP & Chief Security & Trust Officer at Cisco.

“Our foundational work with these models has shown we can identify and fix security vulnerabilities across hardware and software at a pace and scale previously impossible. That is a profound shift and a clear signal that the old ways of hardening systems are no longer sufficient.

“Providers of technology must aggressively adopt new approaches now and customers need to be ready to deploy. That is why Cisco joined Project Glasswing – this work is too important and too urgent to do alone.”

Through collaboration, controlled deployment and sustained investment, Project Glasswing demonstrates that securing advanced AI systems to tackle complex challenges is a feat that requires widespread industrial co-operation.