10 Things Every Business Owner Should Know About Claude Mythos Preview
10 Things Business Owners Need to Know About Mythos 10 Things Every Business Owner Should Know About Claude Mythos Preview Anthropic’s Claude Mythos Preview announcement is significant — but most coverage is written for security researchers. This post translates the 10 most important facts into plain language that any business owner or senior leader needs to understand. 10 factsFrom the actual Anthropic technical disclosure Plain EnglishFor business owners, not security researchers ActionableEach fact paired with what it means for your business The 10 Facts Every Business Owner Needs to Know 1 1. Claude Mythos Preview is a real Anthropic model announced April 7, 2026 This is not a rumour or a future release — Anthropic announced Claude Mythos Preview on April 7, 2026 with a detailed technical disclosure. The announcement includes specific benchmark numbers, specific exploit examples, and a specific companion initiative (Project Glasswing). If you use Claude in your business operations or are considering integrating Claude AI, this announcement is directly relevant to understanding where Anthropic’s model development is heading. 2 2. It is primarily a general-purpose model that happens to be extraordinary at security Anthropic describes Mythos Preview as 'a new general-purpose language model' that 'performs strongly across the board.' The security capabilities are striking and are the focus of the announcement — but they are a consequence of general capability improvements, not a purpose-built security feature. This means Mythos Preview is likely improved across coding, reasoning, analysis, and writing as well — the security capabilities emerged from these general improvements. 3 3. The security capability emerged unexpectedly from general improvements Anthropic explicitly states: 'We did not explicitly train Mythos Preview to have these capabilities. Rather, they emerged as a downstream consequence of general improvements in code, reasoning, and autonomy.' This means Anthropic did not set out to build an AI that could autonomously hack software — it happened as a side effect of making the model generally better. This has implications for every frontier AI lab: general model improvements produce security capability improvements as a side effect. 4 4. Non-experts can use it to find and exploit serious vulnerabilities One of the most significant findings in the disclosure: 'Engineers at Anthropic with no formal security training have asked Mythos Preview to find remote code execution vulnerabilities overnight, and woken up the following morning to a complete, working exploit.' This means the barrier to conducting sophisticated cyberattacks is falling — because AI tools increasingly provide the expertise that previously required years of specialist training. This is the clearest single-sentence summary of why this announcement matters for business security. 5 5. It found zero-day vulnerabilities in every major OS and web browser Zero-day vulnerabilities are previously unknown — not just unpatched, but undiscovered. Mythos Preview found them in every major operating system and every major web browser during testing. The oldest discovered so far: a now-patched 27-year-old bug in OpenBSD — an operating system known specifically for its security focus. This demonstrates that even mature, heavily reviewed software contains undiscovered vulnerabilities that AI can find. 6 6. Its improvement over previous Claude models is dramatic, not incremental The Firefox benchmark is the clearest number: Opus 4.6 (Anthropic’s previous frontier model) developed 2 working exploits from known Firefox vulnerabilities across several hundred attempts. Mythos Preview developed 181. This is not a 10% improvement — it is a 90-fold increase in successful autonomous exploit development on the same benchmark. Anthropic’s own assessment: 'Mythos Preview is in a different league.' 7 7. Anthropic is responding by deploying it defensively first through Project Glasswing Rather than a broad commercial release, Anthropic launched Project Glasswing — a coordinated programme to deploy Mythos Preview to vetted security partners and open source developers to find and patch critical vulnerabilities before the model becomes broadly available. The reasoning: give defenders a head start before similar capabilities are available to potential attackers. Project Glasswing is Anthropic’s responsible release response to what they found during testing. 8 8. Over 99% of the vulnerabilities found have not been publicly disclosed yet Anthropic states that 'over 99% of the vulnerabilities we've found have not yet been patched, so it would be irresponsible for us to disclose details about them.' This means the public announcement — which is already striking — reveals only a fraction of what the model found during testing. The scale of the vulnerability discovery work being conducted through Project Glasswing is substantially larger than what the public disclosure describes. 9 9. The long-term expectation is that AI benefits defenders more than attackers Anthropic explicitly states the expected long-term outcome: 'Once the security landscape has reached a new equilibrium, we believe that powerful language models will benefit defenders more than attackers.' The analogy: automated fuzzers initially raised concerns about enabling attackers, but are now standard defensive tools. AI security tools are expected to follow the same trajectory. The concern is the transitional period — which Anthropic acknowledges 'may be tumultuous regardless.' 10 10. This is a call for urgent, coordinated action — not just from security teams Anthropic concludes their disclosure with 'a call for the industry to begin taking urgent action in response.' This is not a message only for security professionals. Every business that operates software — which in 2026 is every business — has a role in the response: keeping software updated, patching known vulnerabilities promptly, supporting open source security initiatives, and building the internal security practices that the AI-accelerated threat environment requires. 📌 The source for all facts in this post is Anthropic’s official technical disclosure published April 7, 2026 alongside the Claude Mythos Preview announcement. SA Solutions recommends reading the full technical disclosure for business owners and technology leaders who want the complete picture. All specific numbers and quotes are drawn directly from that document. When will Claude Mythos Preview be available for business use? Anthropic’s April 7, 2026 announcement describes an initial limited release through Project Glasswing to vetted security partners and open source developers. Broad commercial availability has not been announced.
Claude Mythos Preview and Open Source Security: What the OSS Community Needs to Know
Mythos and Open Source Security Claude Mythos Preview and Open Source Security: What the OSS Community Needs to Know Anthropic’s Claude Mythos Preview was tested against open source repositories from the OSS-Fuzz corpus. The model found tier-5 vulnerabilities — complete control flow hijacks — in ten separate, fully patched open source targets. This has specific implications for the open source community that this post addresses directly. OSS-FuzzThe corpus Anthropic used for testing — widely used open source projects 10 tier-5Vulnerabilities in fully patched open source targets Project GlasswingIncludes open source developers in its initial partner group Why Open Source Is Specifically Mentioned in the Mythos Disclosure Anthropic’s technical disclosure specifically identifies open source software as a primary context for both the testing and the Project Glasswing deployment. The OSS-Fuzz corpus — a collection of approximately 1,000 widely-used open source projects that Google’s OSS-Fuzz programme continuously tests for vulnerabilities — was used as the benchmark for Mythos Preview’s internal capability testing. These are not obscure projects: they are the foundational open source libraries and tools that underpin a significant portion of the internet’s critical infrastructure. The finding: with a single test run on each of roughly 7,000 entry points across these repositories, Mythos Preview achieved 595 crashes at tiers 1 and 2, several at tiers 3 and 4, and 10 tier-5 full control flow hijacks across fully patched targets. The 'fully patched' qualifier is significant — these are zero-day vulnerabilities in software that has already received the available security updates. They represent previously unknown vulnerabilities that Mythos found autonomously. The Open Source Community’s Dual Role 🔍 Open source as the primary testing target The security research community has long used open source software as a testing ground because the source code is available for analysis — unlike closed-source software, which requires reverse engineering before vulnerability analysis. Mythos Preview’s capability extends to closed-source software as well (Anthropic’s disclosure mentions reverse-engineering exploits on closed-source software), but the most systematic testing and benchmarking is against open source code. Open source projects with large user bases are therefore both the most tested and potentially the highest-impact targets. 🤝 Open source as a Project Glasswing partner Anthropic explicitly includes open source developers in the initial Project Glasswing partner group — alongside critical industry partners. This reflects the dual role of open source software: it is both a primary target for AI-powered vulnerability discovery and a primary beneficiary of coordinated defensive deployment. Open source maintainers who receive vulnerability reports from Project Glasswing through coordinated disclosure and patch them promptly contribute to a more secure software ecosystem for all downstream users of their projects. 💪 Open source as the model for broader security Anthropic’s analogy to OSS-Fuzz is deliberate: that programme — Google’s automated fuzzing of critical open source projects — demonstrates the model for what AI-powered security review at scale can look like. OSS-Fuzz has found and enabled the patching of tens of thousands of vulnerabilities across hundreds of open source projects since 2016. Project Glasswing’s ambition is to do for AI-discovered vulnerabilities what OSS-Fuzz did for fuzzer-discovered vulnerabilities — systematically secure the open source software that underpins critical infrastructure. What Open Source Maintainers Should Do 1 Set up vulnerability disclosure processes now If you maintain an open source project — especially one with significant downstream usage — ensure you have a clear vulnerability disclosure policy and process. This means: a SECURITY.md file in your repository with clear reporting instructions, a private channel for receiving vulnerability reports (a dedicated security email address, GitHub’s private security advisory feature, or HackerOne/Bugcrowd programme), and a documented timeline for acknowledgement and response. AI-powered security tools like those deployed through Project Glasswing will report vulnerabilities through these channels — and if the channels do not exist, reports may be made through less appropriate paths. 2 Participate in OSS-Fuzz if you haven’t already Google’s OSS-Fuzz programme provides free, continuous automated fuzzing for qualifying open source projects. If your project is written in C, C++, Go, Python, Java, or Rust and is critical open source software: apply for OSS-Fuzz integration. The programme has found tens of thousands of vulnerabilities. Given Anthropic’s use of the OSS-Fuzz corpus as a benchmark, projects already in OSS-Fuzz likely have baseline fuzzing coverage — which means AI-powered testing is more likely to find the vulnerabilities that fuzzing missed, which tend to be the more subtle and severe ones. 3 Take vulnerability reports seriously regardless of source As AI-powered vulnerability discovery becomes more common, open source maintainers will receive vulnerability reports from AI systems — either directly or through researchers using AI tools. The quality of AI-discovered vulnerability reports will vary, but the severity of what can be found is real. Treat vulnerability reports with the same seriousness regardless of whether they come from a human researcher, a researcher using AI tools, or an AI system. The vulnerability is real even if the reporting mechanism is novel. How does Project Glasswing prioritise which open source projects to work on? Anthropic’s disclosure does not specify the exact prioritisation criteria for Project Glasswing’s open source engagement. Based on the analogy to OSS-Fuzz, the likely priorities are: projects with large downstream user bases (where vulnerabilities have the broadest impact), projects in security-critical roles (SSL/TLS libraries, authentication systems, network protocol implementations), and projects that are commonly used in critical infrastructure. Open source developers interested in Project Glasswing engagement should monitor Anthropic’s official communications for application processes. What happens to the vulnerabilities found during Project Glasswing? Anthropic uses coordinated vulnerability disclosure — the standard security industry practice where vulnerabilities are reported to the affected maintainer and given time to patch before public disclosure. Anthropic’s own disclosure notes that over 99% of the vulnerabilities found in testing have not been publicly disclosed because they have not yet been patched. As patches are applied, coordinated disclosure allows the vulnerability details to be published — enabling the broader security community to understand what was found and verify that patches are effective. Want to Build Secure Open-Source-Backed Applications?
Responsible AI Release: How Anthropic’s Mythos Announcement Sets a New Standard
Responsible AI Release: The Mythos Standard Responsible AI Release: How Anthropic’s Mythos Announcement Sets a New Standard The way Anthropic released Claude Mythos Preview — limited initial access, technical transparency, coordinated defensive deployment, industry-wide communication — is as significant as the model itself. This post examines what responsible release looks like at the frontier and what the broader AI industry should take from it. LimitedInitial access to vetted defensive partners only TransparentTechnical disclosure of concerning capabilities CoordinatedDefensive deployment before broad release The Four Components of Responsible Release 🔍 Comprehensive capability evaluation before release Anthropic tested Mythos Preview against real security benchmarks — actual open source codebases, actual browser vulnerabilities — before announcing the model. This evaluation discovered the security capability that made a standard broad release inappropriate. The principle: thorough capability evaluation before release, not after. This requires investment in evaluation infrastructure (benchmarks, test environments, evaluation expertise) and a willingness to delay release when concerning capabilities are discovered — which has real commercial cost. 📢 Technical transparency about concerning findings Anthropic published detailed technical information about what Mythos Preview can do — including the specific exploits it constructed, the benchmarks it achieved, and the comparison to prior models. This transparency serves the security community: it allows researchers and defenders to understand the capability level of what is coming, calibrate their own defensive investments accordingly, and contribute to the coordinated defensive response. The alternative — releasing the model without this transparency — would have left the security community unprepared for a capability they would eventually encounter. 🤝 Coordinated defensive deployment before broad access Project Glasswing — deploying Mythos Preview’s capabilities to vetted defensive partners before broad release — is the most operationally demanding component of the responsible release framework. It requires: identifying and vetting appropriate partners, building the deployment and monitoring infrastructure, managing coordinated vulnerability disclosure for the findings, and maintaining the limited-access model while the defensive work proceeds. This has real costs. It is also, Anthropic clearly believes, the right approach. What This Means for AI Industry Norms 1 The evaluation standard Anthropic’s approach implies that frontier AI models should be evaluated comprehensively for security capabilities — not just for the capabilities the model is designed to have, but for the full range of capabilities that may have emerged from general improvement. This is a higher evaluation bar than many current industry practices. Establishing this as a standard — through Anthropic’s example and through regulatory or industry guidance — would mean that every frontier model release includes a security capability evaluation comparable to what Anthropic conducted for Mythos. 2 The transparency norm Publishing technical details of concerning capabilities, including specific benchmark results and the nature of what the model can do, is a transparency norm that the Mythos announcement exemplifies. This is not universal in the AI industry — some releases provide very limited technical detail about capabilities, positive or concerning. The argument for transparency: the security community, policymakers, and the public can only respond appropriately to AI capability advances if they understand what those advances are. Anthropic’s disclosure enables a more informed, effective industry response. 3 The responsible deployment sequence The Mythos release sequence — evaluate, discover concerning capabilities, engage defensive partners, deploy defensively, disclose technically, then proceed toward broader access — is a template for responsible deployment of frontier models with dual-use capabilities. It is more complex, more costly, and slower than standard product release. It is also more aligned with the public interest in a safe transitional period. The industry norm question is whether this sequence becomes standard or remains exceptional. 📌 Anthropic’s description of the transitional period as potentially 'tumultuous regardless' even with responsible release practices is an honest acknowledgement that no release approach eliminates the risk during transition — it only manages it. The goal of the responsible release framework is not to prevent all harm but to ensure that the defensive deployment proceeds faster than the offensive capability diffuses, and that the industry is as prepared as possible when models with similar capabilities become broadly available. Does this approach slow down beneficial AI development? There is a genuine tension between moving quickly to deploy beneficial AI and taking the time for thorough evaluation and responsible release. Anthropic’s approach accepts some commercial cost — delayed broad access, significant investment in Project Glasswing — in exchange for a safer transitional period. Whether other frontier labs adopt similar approaches or prioritise speed will be one of the defining questions for AI safety during this period. Regulation may eventually require similar evaluation and disclosure practices, reducing the competitive disadvantage of responsible release approaches. What can smaller AI labs and businesses building on AI learn from this? The responsible release principles Anthropic demonstrates scale down to smaller contexts: evaluate AI tools for unintended capabilities before broad deployment, be transparent about limitations and risks with users and stakeholders, and build governance frameworks that can identify and respond to concerning uses. For businesses building on Claude or other AI APIs — including via Bubble.io and Make.com — this means implementing appropriate safeguards, monitoring for unexpected uses, and being transparent with users about AI capabilities and limitations in your product. Want to Build AI Applications with Responsible Practices? SA Solutions builds AI-powered business tools with appropriate governance — human oversight, transparent AI disclosure, and security best practices built into every implementation. Build AI Responsibly with SA SolutionsOur AI Integration Services
What Claude Mythos Preview Means for Software Developers and Engineering Teams
Mythos for Software Developers What Claude Mythos Preview Means for Software Developers and Engineering Teams Claude Mythos Preview’s capabilities have direct implications for every software engineering team — not just those working in security. This post addresses what developers and engineering leaders need to understand about Mythos and what they should do differently as a result. EveryMajor OS and browser tested — open source code is the target Zero-dayCapability means new vulnerabilities are being found, not just known ones ActionSpecific steps engineering teams should take now What Developers Need to Know Anthropic’s technical disclosure of Claude Mythos Preview’s security capabilities is directly relevant to software developers even if they are not security specialists. The model was tested against open source repositories — the same type of code that most software teams write and maintain. It found vulnerabilities not just in well-known systems (Firefox, major operating systems) but in the broad corpus of open source projects from the OSS-Fuzz collection — code that is comparable in quality and security investment to most production software. The key finding for developers: Mythos Preview achieved tier-5 (complete control flow hijack) crashes on ten separate, fully patched targets in the OSS-Fuzz corpus with a single test run per target. This means that even software that has been recently patched and is following reasonable security practices is not immune. The model finds vulnerabilities that were not previously known — zero-days — across a wide range of software types. The Engineering Practices That Reduce Exposure 1 Integrate automated security scanning into CI/CD The most effective engineering team response to the AI security capability Mythos represents: implement the same class of automated vulnerability scanning defensively in your own development pipeline. Static application security testing (SAST) tools (Semgrep, CodeQL, SonarQube) analyse code for known vulnerability patterns before it is deployed. Dynamic application security testing (DAST) tools test running applications for exploitable vulnerabilities. Fuzzing tools (libFuzzer, AFL++, honggfuzz) automatically generate inputs designed to find crashes. These tools are the defensive counterpart to what Mythos does offensively — find your vulnerabilities before someone else does. 2 Prioritise memory-safe languages for new development Many of the most serious vulnerability classes that Mythos exploits — buffer overflows, use-after-free, race conditions — are largely eliminated by memory-safe programming languages. Rust, Go, Swift, and modern C++ with appropriate safety features dramatically reduce the attack surface compared to C and C++ written without safety guarantees. For new projects: choose memory-safe languages where feasible. For existing C/C++ codebases: identify the highest-risk components (those exposed to untrusted input, those handling security-sensitive operations) and prioritise their migration or rewrite. 3 Take dependency management seriously as a security practice The vulnerabilities Mythos finds include those in software dependencies — libraries and components that your application uses but your team did not write. Software composition analysis (SCA) tools that inventory all dependencies and flag known vulnerabilities are now a necessary component of any serious security programme. GitHub’s Dependabot, Snyk, and FOSSA all provide this capability. The principle: you are responsible for the security of every component your application ships, including the ones written by others. AI tools that can find zero-days in arbitrary code will eventually find them in your dependencies if you have not already updated to patched versions. 4 Participate in bug bounty and vulnerability disclosure programmes If your team develops software used by others — products, libraries, frameworks — a bug bounty programme and a clear vulnerability disclosure policy give security researchers (and increasingly AI systems acting on behalf of researchers) a legitimate channel for reporting what they find. Without these channels, discovered vulnerabilities may be exploited rather than reported. The security researchers and AI-assisted discovery programmes that will find vulnerabilities in your software are looking for two things: the vulnerability itself, and a clear path to responsible disclosure. Make the disclosure path obvious and well-maintained. The Positive Opportunity for Engineering Teams The same capabilities that make Claude Mythos Preview’s security implications concerning also represent a genuine opportunity for engineering teams that can access similar AI tools defensively. An AI model that can autonomously find zero-day vulnerabilities in your codebase is — when directed at your own code by your own security team — the most powerful security testing tool ever available. The security team that can ask an AI to find remote code execution vulnerabilities overnight and wake up to a complete, working exploit — against their own systems, used to discover and patch before external discovery — has a capability that was previously available only to the most well-resourced security teams. Anthropic’s Project Glasswing is the first structured deployment of this capability for this defensive purpose. As similar tools become more broadly available, engineering teams that have built the processes and expertise to use AI-powered security testing will have a significant defensive advantage. The preparation to use these tools effectively — instrumenting codebases for automated testing, building response processes for AI-discovered vulnerabilities, integrating AI security tools into development workflows — is worth beginning now. Should my team try to access Claude Mythos Preview for security testing? As of the April 7, 2026 announcement, Mythos Preview is in limited release through Project Glasswing — not broadly accessible. For teams wanting to apply AI to security testing now: other AI-assisted security tools are available and useful, including Semgrep (which uses AI for pattern matching), GitHub Copilot’s security features, and Claude or GPT-4 applied to code review tasks. The full autonomous exploit development capability demonstrated by Mythos Preview is not yet available through standard API access, but the direction of travel is clear. How significant is the 27-year-old OpenBSD bug that Mythos found? OpenBSD is known primarily for its security focus — it is arguably the operating system most systematically designed with security as a primary goal, with decades of security-focused code review. Finding a 27-year-old vulnerability in OpenBSD that had survived decades of expert security review demonstrates the depth of Mythos’s vulnerability discovery capability. It also demonstrates that even extremely well-reviewed codebases contain undiscovered vulnerabilities — a
AI and Cybersecurity: The Arms Race That Claude Mythos Just Escalated
AI and the Cybersecurity Arms Race AI and Cybersecurity: The Arms Race That Claude Mythos Just Escalated Cybersecurity has always been an arms race between attackers and defenders. Claude Mythos Preview marks a significant escalation of that race — introducing a new class of AI-powered capability that can find and exploit vulnerabilities autonomously. This post examines what that means for the balance between offense and defense. Arms raceAI accelerates both offensive and defensive capability Short-termRisk during the transitional period Long-termDefenders expected to benefit more than attackers The Historical Pattern: Security Tools and the Attacker-Defender Balance Anthropic’s technical disclosure explicitly frames the Mythos Preview capability in the context of the historical pattern for new security tools. When automated fuzzers were first deployed at scale, the security community had the same concern now being raised about AI: would these tools enable attackers to find vulnerabilities faster than defenders could patch them? They did accelerate vulnerability discovery. But the long-term outcome was net positive for defenders: fuzzers like AFL became standard components of defensive software development, used by projects like Google’s OSS-Fuzz to systematically find and patch vulnerabilities in critical open source software before attackers could exploit them. Anthropic’s expectation is that AI security tools follow the same trajectory — initial period of risk during the transition, followed by a new equilibrium where AI primarily benefits defenders. The reasoning: defenders are a larger, better-organised, and better-resourced constituency than attackers for the purpose of deploying AI security tools systematically. Attackers are motivated individually; defenders — operating systems, browser teams, open source maintainers, security researchers — are motivated collectively and have the infrastructure to deploy AI tools systematically at scale. Why the Transitional Period Is the Critical Risk Window ⏱ The timing asymmetry The risk during the transitional period comes from a timing asymmetry: Mythos Preview (and future models with similar capabilities) exists now. The defensive infrastructure to counter AI-powered attacks does not yet exist at scale. Project Glasswing is Anthropic’s attempt to use this period to patch vulnerabilities before they are discovered by attackers using similar tools — but the programme reaches a limited set of critical systems. The broader software ecosystem — the thousands of open source projects, enterprise applications, and infrastructure components that are not covered by Project Glasswing — remains exposed during this transitional period. 🌐 The democratisation of sophisticated attack capability Anthropic’s finding that non-experts with no formal security training can use Mythos Preview to find and exploit remote code execution vulnerabilities changes the threat model. Previously, the most sophisticated attacks required specialised expertise — which limited the number of potential attackers to those with significant technical skills. AI tools that democratise this capability expand the potential attacker population. This does not mean catastrophic risk is imminent, but it does mean that the baseline security investment required to protect against a broader range of potential attackers is higher than it was before. 🛡 The N-day window compression N-day vulnerabilities — known vulnerabilities with patches available but not yet deployed — have historically given defenders a grace period of days to weeks before exploit code is developed and weaponised. Mythos Preview’s ability to autonomously develop working exploits from known vulnerabilities compresses this window dramatically. A vulnerability disclosed today may have working exploit code within hours if AI tools are applied to it. This changes the urgency calculus for patch deployment and raises the cost of patch management delays. What the Long-Term Equilibrium Looks Like 1 AI-powered defensive scanning as the new standard In the long-term equilibrium Anthropic anticipates, AI-powered vulnerability scanning will be a standard component of software development and deployment. The same capability that Mythos Preview demonstrates — finding zero-day vulnerabilities autonomously in real codebases — will be available to defenders at scale. Open source projects will benefit from AI-powered security review. Enterprise development teams will use AI security tools in their CI/CD pipelines. The result: a higher baseline security quality across the software ecosystem. 2 The advantage shifts to defenders with more to protect Anthropic’s expectation that defenders ultimately benefit more than attackers is grounded in the structural difference between the two sides. Defenders have more to gain from systematic AI-powered security review — they have large, known codebases, established relationships with software maintainers, and the organisational infrastructure to act on vulnerability findings. Attackers benefit from finding a single exploitable vulnerability; defenders benefit from finding and patching all of them. AI tools that search comprehensively are more structurally aligned with the defender’s objective. 3 The role of coordinated disclosure and industry collaboration The Project Glasswing approach — deploying AI defensively to critical systems, then responsibly disclosing vulnerabilities through coordinated processes — is the template for how the industry manages the transitional period. For this to work at scale: software maintainers need to be able to receive, triage, and act on large volumes of AI-discovered vulnerability reports. The security industry’s coordinated disclosure infrastructure — currently designed for human-paced vulnerability discovery — may need to adapt to handle AI-paced discovery rates. Is AI making cyberattacks inevitable for all businesses? No — but the risk profile is changing. AI tools make sophisticated attacks more accessible, which raises the baseline security investment required for businesses that operate internet-connected systems. The most effective response is not to assume breaches are inevitable but to make them harder through systematic patching, reduced attack surface, and stronger detection capabilities. The businesses most at risk are those with significant unpatched known vulnerabilities — the N-day compression that Mythos demonstrates makes legacy, unpatched systems significantly more exposed than they were before. What is the likely timeline for the new security equilibrium? Anthropic does not specify a timeline, and the honest answer is that nobody knows. The fuzzer analogy is instructive but imperfect — AI capability is advancing faster than fuzzer capability did, and the potential applications are broader. The transitional period could be measured in months if the industry responds quickly and coordinated defensive deployment is effective. It could be measured in years if the response is fragmented
Emergent AI Capabilities: What Claude Mythos Teaches Us About How AI Advances
Emergent AI Capabilities Emergent AI Capabilities: What Claude Mythos Teaches Us About How AI Advances The most important line in Anthropic’s Claude Mythos Preview disclosure is this: 'We did not explicitly train Mythos Preview to have these capabilities. Rather, they emerged as a downstream consequence of general improvements in code, reasoning, and autonomy.' This single sentence has profound implications for how we understand AI development. EmergentNot trained — appeared as a consequence of general improvement PredictableDirection but not magnitude or timing Industry-wideImplication for every frontier model developer What Emergent Capability Means In AI development, an emergent capability is one that appears in a model without being explicitly trained for — arising instead from the combination of general capability improvements reaching a threshold where a new, qualitatively different behaviour becomes possible. Anthropic’s disclosure is explicit: the security capabilities of Mythos Preview were not intentionally developed. The same training improvements that made the model better at code understanding, deeper reasoning, and autonomous task completion also — as a consequence — made it dramatically better at finding and exploiting software vulnerabilities. This is not a new phenomenon in AI research — emergent capabilities have been observed and documented as models scale. What makes the Mythos disclosure significant is the clarity with which Anthropic describes what happened: a specific, high-stakes capability — autonomous exploit development — went from near-zero to dramatically effective between model generations, as a side effect of general improvement rather than as a target of training. And the implications of that specific capability make the emergence unusually consequential. Why This Changes the AI Safety Conversation 🧭 Safety cannot only target known capabilities If significant capabilities emerge unexpectedly from general improvements, then AI safety frameworks that focus on preventing the training of specific dangerous capabilities are incomplete. The implication: safety evaluation must be comprehensive and capability-agnostic — systematically testing for a wide range of potential capabilities rather than only for those that were anticipated in the training process. Anthropic’s security-focused evaluation programme (the benchmark that discovered Mythos’s capabilities) is an example of this broader approach. 📈 Capability curves are non-linear Opus 4.6 had a near-zero success rate at autonomous exploit development. Mythos Preview has a dramatically higher success rate on the same benchmark. The improvement was not gradual — it was a step change. This non-linearity is characteristic of emergent capabilities: they do not improve incrementally but appear suddenly when underlying capabilities reach a threshold. For businesses and policymakers trying to anticipate AI capability timelines: the lesson is that the transition from 'cannot do this' to 'can do this reliably' may happen very quickly and without clear warning signals. ⚖️ Responsible development requires proactive evaluation Anthropic’s approach — testing Mythos Preview against real security benchmarks before release, then coordinating a defensive deployment programme — is an example of what proactive capability evaluation looks like. The alternative — releasing a model and discovering its security implications after broad deployment — would have been significantly more problematic. The Project Glasswing initiative exists because Anthropic discovered the capability during internal evaluation and responded proactively rather than reactively. The Broader Implications for AI Development 1 Every frontier model advance warrants comprehensive security evaluation The Mythos disclosure establishes that general model improvements produce security capability improvements as a side effect. This implies that every future frontier model release should include comprehensive security capability evaluation — not as a special case, but as a standard component of the release process. Anthropic’s transparency about what they found and what they did about it is an implicit call for the broader AI industry to adopt similar evaluation practices. 2 The defensive application of AI security capability is urgent Because security capability emerges from general improvement rather than explicit training, the question is not whether future models will have these capabilities — they will, as general capability continues to advance. The question is whether those capabilities are deployed defensively before they become broadly accessible for offensive use. Project Glasswing is Anthropic’s answer to this question for Mythos Preview. The window for similar defensive deployment of future models’ capabilities is determined by how quickly general AI capability advances. 3 The analogy to software fuzzers is instructive and sobering Anthropic explicitly draws the analogy to automated software fuzzers — tools that found many vulnerabilities, raised initial concerns about enabling attackers, but ultimately became critical components of the defensive security ecosystem. The analogy is instructive: the same technology is useful for both finding and creating vulnerabilities, and the security industry found ways to make the defensive application dominant. The sobering part of the analogy is the timeline: the transition from fuzzer concern to fuzzer adoption as a defensive tool took years. The AI security transition may be faster — or slower. Will Anthropic always be able to anticipate emergent capabilities before release? Anthropic’s own disclosure implies this is genuinely difficult. The security capability in Mythos Preview emerged from general improvements — meaning it was not specifically anticipated as a capability that needed to be tested for. Anthropic’s evaluation programme discovered it. The question of whether evaluation programmes can reliably discover all significant emergent capabilities before release is a live research question in AI safety. Anthropic’s approach — broad, systematic capability evaluation rather than only testing for anticipated capabilities — is the current best practice. How should businesses factor emergent capabilities into their AI strategy? The practical implication for businesses using or considering AI tools: the capabilities of today’s AI tools are not necessarily the ceiling of what those tools will be capable of as they are updated. Plan AI integrations with the expectation that capability will improve in ways that may not be fully predictable — and build governance frameworks that can adapt as capabilities change. For security specifically: treat AI-related security assessment as an ongoing practice rather than a one-time evaluation. Want to Build AI Strategy That Accounts for Rapid Capability Change? SA Solutions builds AI systems and strategies that are designed to adapt as capability evolves — not locked to a
Claude Mythos Preview vs Opus 4.6: What Changed and How Big the Leap Is
Mythos vs Opus 4.6: The Performance Gap Claude Mythos Preview vs Opus 4.6: What Changed and How Big the Leap Is Anthropic’s technical disclosure provides unusually specific performance comparisons between Claude Mythos Preview and its predecessor models. The numbers are striking. This post unpacks what the benchmarks actually show and what they tell us about how quickly AI capability is advancing. 181 vs 2Working Firefox exploits: Mythos vs Opus 4.6 on the same test 10 vs 1Tier-5 control flow hijacks in internal benchmarks QualitativeNot incremental — Anthropic’s own description of the leap The Firefox Benchmark: The Most Striking Number Anthropic used a specific, reproducible benchmark to compare the two models: the JavaScript engine vulnerabilities in Mozilla’s Firefox 147 that were patched in Firefox 148. Both models were given the same task: take the identified vulnerabilities and develop working JavaScript shell exploits. Opus 4.6, Anthropic’s previous frontier model, succeeded two times out of several hundred attempts — a near-zero success rate that Anthropic’s own prior writing had noted. Mythos Preview succeeded 181 times in the same benchmark, plus achieved register control (a significant level of system access) on 29 additional attempts. This is not a 10% or 50% improvement — it represents a 90-fold increase in successful exploit development on the same test. Anthropic’s assessment: this puts Mythos Preview 'in a different league' from its predecessor. The Internal Crash Severity Benchmark Metric Sonnet 4.6 Opus 4.6 Mythos Preview Tier 1-2 crashes (basic to moderate) 150-175 150-175 595 Tier 3 crashes (significant) 1 1 Several Tier 4 crashes (severe) 0 0 Several Tier 5 crashes (full control flow hijack) 0 (1 between both) 0 (1 between both) 10 Total repositories tested ~1,000 from OSS-Fuzz ~1,000 from OSS-Fuzz ~1,000 from OSS-Fuzz Entry points per repository ~7,000 total ~7,000 total ~7,000 total What the Numbers Mean 1 Why tier 5 matters most The five-tier crash severity scale that Anthropic uses grades from basic crash (tier 1) to complete control flow hijack (tier 5). A tier-5 crash means the AI has achieved full control over the execution flow of the target programme — the precondition for writing a functional exploit that can be weaponised. Sonnet 4.6 and Opus 4.6 combined achieved a single tier-3 crash between them across the entire benchmark. Mythos Preview achieved 10 tier-5 crashes on fully patched, real-world targets. The jump from 0 tier-5 crashes to 10 across the same benchmark represents the emergence of a qualitatively new capability — not an incremental improvement. 2 Why the Firefox benchmark matters The Firefox JavaScript engine is not a toy or a contrived test environment. It is one of the most hardened, most reviewed codebases in the world — maintained by a large professional security team at Mozilla with continuous investment in security review. Developing working exploits in Firefox’s JS engine requires sophisticated understanding of memory management, just-in-time compilation internals, sandbox escape techniques, and the specific vulnerability classes that affect this class of software. Mythos Preview developing 181 working exploits on this target in testing is a meaningful demonstration of capability. 3 The capability emergence pattern Anthropic explicitly states that these security capabilities were not trained into Mythos Preview — they emerged as a consequence of general improvements in code understanding, reasoning, and autonomous action. This is the most significant observation in the technical disclosure: security capability is not a separate, purpose-trained skill. It is a downstream consequence of general AI capability improvement. Every future frontier model improvement — in code, reasoning, or autonomy — will likely produce further security capability improvements as a side effect, regardless of whether the developer intends this. 📌 Anthropic’s previous writing noted that 'Opus 4.6 is currently far better at identifying and fixing vulnerabilities than at exploiting them' and that it had a 'near-0% success rate at autonomous exploit development.' The jump to Mythos Preview’s performance represents one of the largest documented capability leaps between consecutive frontier model generations in the specific domain of autonomous exploit development. Does this mean Mythos Preview is 'better' than Opus 4.6 in general? Anthropic’s announcement describes Mythos Preview as 'a new general-purpose language model' that 'performs strongly across the board' while being 'strikingly capable at computer security tasks.' The benchmark comparisons in the technical disclosure focus specifically on security capability — which is where the most dramatic improvement is documented. The general-purpose improvements that produced the security capability leap also imply improvements in coding, reasoning, and autonomous task completion across other domains, though Anthropic’s disclosure focuses specifically on the security findings. How does this compare to capability leaps in previous model generations? The documented security capability improvement — from a near-zero success rate to 181 successful exploits on the same benchmark — is unusually large for a single model generation step. Most capability improvements between successive frontier model generations are incremental — measurable on benchmarks but not representing the emergence of entirely new capability categories. The emergence of reliable autonomous exploit development capability, where there was essentially none before, represents the kind of capability step that warrants the 'watershed moment' characterisation Anthropic applies to it. Want to Stay Ahead of AI Capability Advances for Your Business? SA Solutions tracks frontier AI developments and helps businesses understand their practical implications — from security posture to integration opportunity. Book a Free ConsultationOur AI Integration Services
What Claude Mythos Preview Means for Business Cybersecurity in 2026
Mythos and Business Cybersecurity What Claude Mythos Preview Means for Business Cybersecurity in 2026 The Claude Mythos Preview announcement is not just a story about an impressive AI model. It is a signal that the cybersecurity landscape is shifting in ways every business — not just security professionals — needs to understand. This post translates the technical implications into the business decisions that matter right now. Short-termRisk during the transition period Long-termAI benefits defenders more than attackers NowThe actions businesses should take The Business-Relevant Implications ⚠️ The democratisation of sophisticated attacks One of the most significant business implications of Mythos Preview: Anthropic’s engineers with no formal security training were able to ask the model to find remote code execution vulnerabilities overnight and wake up to working exploits. This democratisation of sophisticated attack capability means the barrier to conducting advanced cyberattacks is falling. Businesses that previously only needed to protect against attacks from sophisticated, well-resourced threat actors now need to consider a broader threat landscape — as AI tools with similar capabilities become more widely available. 🛡 The defensive opportunity The same capability that makes Mythos Preview potentially concerning in offensive hands makes it genuinely powerful in defensive hands. Anthropic’s Project Glasswing is applying Mythos to find and patch vulnerabilities before they are exploited. For businesses: the same class of AI tools will increasingly be available to your security teams — allowing systematic vulnerability scanning of your own codebases and infrastructure at a depth and speed previously possible only with very large, specialised security teams. 📈 The N-day vulnerability window is shrinking N-day vulnerabilities — known vulnerabilities for which patches exist but have not yet been deployed — have historically provided a grace period for businesses to patch before widespread exploitation. Mythos Preview’s capability to rapidly turn known vulnerabilities into working exploits shrinks this window. A vulnerability disclosed today may be weaponisable by AI within hours — not the weeks or months that historically characterised the exploit development timeline. This accelerates the urgency of patching known vulnerabilities. What Businesses Should Do Right Now 1 Audit and accelerate patching of known vulnerabilities The Mythos disclosure makes the urgency of patching known vulnerabilities clearer than any previous announcement. N-day vulnerabilities — those with patches available but not yet deployed — are at elevated risk because AI tools can now turn them into working exploits much faster than manual exploit development. Prioritise: all critical and high-severity vulnerabilities in your production systems, especially those in web browsers, operating systems, and network-facing services. Set a target of zero unpatched critical vulnerabilities within 14 days of patch release. 2 Review your software supply chain Mythos Preview demonstrated capability across major operating systems, browsers, and open source codebases. Many businesses run significant open source software in their stack without systematic review of the security of those dependencies. Implement software composition analysis (SCA) tools that inventory all open source dependencies and flag known vulnerabilities. Tools like Snyk, FOSSA, or GitHub’s Dependabot provide this functionality. The open source repositories Anthropic tested against for their internal benchmarks represent the same class of dependencies that appear in most business technology stacks. 3 Increase investment in automated security scanning Anthropic’s internal benchmark uses OSS-Fuzz-style automated testing to evaluate model security capability. The same class of tools is available to businesses for scanning their own codebases. If you develop software: integrate automated security scanning into your CI/CD pipeline. Static analysis (SAST) catches code-level vulnerabilities before deployment. Dynamic analysis (DAST) finds vulnerabilities in running systems. The principle Anthropic demonstrates — that automated tools find vulnerabilities systematically — applies equally to your own security programme. 4 Follow Project Glasswing’s guidance Anthropic has committed to publishing guidance for cyber defenders as part of Project Glasswing. Follow Anthropic’s official channels for updated guidance as the programme develops. The technical disclosure published alongside the Mythos Preview announcement is the first in what will likely be a series of communications — the vulnerability findings from Project Glasswing, as they are responsibly disclosed after patching, will represent some of the most valuable public security intelligence available. ⚠️ Anthropic’s own assessment is direct: the transitional period between now and a new security equilibrium may be tumultuous. This is not alarmism — it is the honest assessment of an organisation that has tested what its model is capable of. Businesses that treat this as a distant, abstract concern risk being caught unprepared. The appropriate response is not panic but deliberate, prioritised defensive action. How does this affect businesses that don’t write software? Businesses that do not develop software are still exposed through the software they use — operating systems, web browsers, cloud services, SaaS tools, and networking equipment. The vulnerabilities Mythos Preview found across major operating systems and browsers affect every business that uses a computer connected to the internet. The practical implication: keep all software updated, prioritise critical security patches, and ensure your cloud providers and SaaS vendors have strong patch management practices — which you can often verify through their published security certifications and transparency reports. Will AI security tools be available to small businesses, or only to large enterprises? Historically, advanced security tools have been available to large enterprises first and smaller businesses later — often much later. The open-source trajectory is different: tools like OSS-Fuzz and AFL that Anthropic cites as analogies became freely available and widely adopted. The expectation is that AI security tools will follow a similar pattern — initially available to well-resourced organisations, eventually becoming standard components of accessible security tooling. Project Glasswing’s inclusion of open source developers — not just enterprise partners — is a signal that Anthropic intends the benefits to extend beyond large enterprise budgets. Want Help Assessing Your Business’s AI and Security Readiness? SA Solutions helps businesses understand the AI landscape and its implications — from integrating AI into operations to understanding how frontier model advances affect your technology risk profile. Book a Free ConsultationOur AI Integration Services
Project Glasswing: Anthropic’s Plan to Use AI to Defend the World’s Critical Software
Project Glasswing Explained Project Glasswing: Anthropic’s Plan to Use AI to Defend the World’s Critical Software Alongside the Claude Mythos Preview announcement, Anthropic launched Project Glasswing — a coordinated initiative to deploy Mythos’ security capabilities defensively before models with similar capabilities become broadly available. This post explains what Project Glasswing is, how it works, and what it means for software security. CoordinatedDefensive deployment before broader model release CriticalInfrastructure partners given priority access ProactivePatching before malicious discovery What Project Glasswing Is Project Glasswing is Anthropic’s structured response to the security implications of Claude Mythos Preview’s capabilities. The core insight driving it: Mythos Preview can find and exploit zero-day vulnerabilities in major operating systems and browsers. This capability will eventually be available in broadly released AI models — either from Anthropic or from others. The window between now and that broader availability is the opportunity to use Mythos defensively — finding and patching the vulnerabilities before attackers with access to similar tools can find and exploit them. Anthropic’s approach is explicitly modelled on the trajectory of earlier security tools like fuzzers (automated software testing tools). When large-scale fuzzers were first deployed, there were legitimate concerns that they would help attackers find vulnerabilities faster. They did. But modern fuzzers like AFL are now critical components of the defensive security ecosystem — used by projects like OSS-Fuzz to systematically secure open source software. Project Glasswing aims to accelerate this same transition to the defensive equilibrium for AI-powered vulnerability discovery. How Project Glasswing Works 🤝 Limited partner access Rather than releasing Mythos Preview broadly, Anthropic is initially deploying it to a limited group of vetted partners: critical infrastructure operators, open source security teams, and select industry partners with the expertise and accountability structures to use the tool responsibly for defensive purposes. This approach allows the defensive patching work to begin immediately while maintaining control over who has access to the most capable version of the tool. 🔍 Coordinated vulnerability disclosure The vulnerabilities Mythos finds through Project Glasswing are handled through coordinated disclosure — the standard security industry practice where vulnerabilities are reported to the affected software maintainers and given time to patch before public disclosure. Anthropic’s technical disclosure explicitly notes that over 99% of the vulnerabilities found in their testing have not yet been patched, which is why they cannot publish details about most of them. The coordinated process protects users during the patching window. 📢 Industry preparation Beyond the direct vulnerability patching work, Project Glasswing includes a public communication component — the technical disclosure that Anthropic published alongside the Mythos Preview announcement. By sharing what they have found and what the model is capable of, Anthropic aims to prepare the broader security industry for the practices that will be needed when models with similar capabilities become widely available. The message: the transition period requires urgent coordinated defensive action, not a wait-and-see approach. The Security Vulnerabilities Found During Testing 1 Zero-day vulnerabilities across major platforms In testing, Mythos Preview identified zero-day vulnerabilities — previously undiscovered vulnerabilities — in every major operating system and every major web browser. Anthropic cannot disclose specifics about the vast majority of these because they have not yet been patched. The ones they can discuss (patched vulnerabilities, including the now-patched 27-year-old OpenBSD bug) demonstrate the depth and breadth of what the model found. 2 The complexity of the exploits The exploits Mythos constructed were not simple: one web browser exploit chained four separate vulnerabilities, writing a complex JIT heap spray that escaped both the renderer and OS sandboxes. Local privilege escalation exploits were obtained by exploiting subtle race conditions and kernel address space layout randomisation (KASLR) bypasses. A remote code execution exploit on FreeBSD’s NFS server granted full root access to unauthenticated users by splitting a 20-gadget return-oriented programming chain across multiple packets. 3 The accessibility of the capability One of the most significant findings in Anthropic’s disclosure: non-experts can also leverage Mythos Preview to find and exploit sophisticated vulnerabilities. Anthropic engineers with no formal security training asked Mythos Preview to find remote code execution vulnerabilities overnight and woke up the following morning to a complete, working exploit. This democratisation of advanced security capability — both for defenders and potential attackers — is the core reason Project Glasswing exists. 📌 The 99% disclosure constraint is significant: Anthropic states that over 99% of the vulnerabilities found during testing have not yet been patched, making it irresponsible to disclose details. This means that even Anthropic’s public technical disclosure — which describes capabilities that are genuinely striking — represents only the tip of what Mythos Preview found. The full scope of the vulnerability discovery work is being managed through coordinated disclosure with affected software maintainers. How can my organisation get involved with Project Glasswing? As of the April 7, 2026 announcement, Project Glasswing is deploying to a limited group of critical industry partners and open source developers. For organisations that operate critical infrastructure or maintain significant open source software, monitoring Anthropic’s official channels (anthropic.com) for application processes or partnership opportunities is the recommended starting point. Anthropic has not yet announced broad public access to the programme. What should software development teams do now in response to Mythos’s capabilities? Anthropic’s technical disclosure includes guidance for cyber defenders. The immediate priorities: ensure your software dependencies are up to date and known vulnerabilities are patched (Mythos demonstrates that N-day vulnerabilities — known but unpatched — can be rapidly weaponised), invest in automated vulnerability scanning of your codebase, participate in bug bounty programmes if you operate significant software, and follow Anthropic’s Project Glasswing communications for updated guidance as the programme develops. Want to Understand AI’s Impact on Your Technology Security? SA Solutions helps businesses navigate the AI landscape — including understanding the security implications of frontier AI advances and how to prepare your technology stack. Book a Free ConsultationOur AI Integration Services
Claude Mythos Preview: What Anthropic Just Announced and Why It Matters
Claude Mythos Preview Claude Mythos Preview: What Anthropic Just Announced and Why It Matters On April 7, 2026, Anthropic announced Claude Mythos Preview — a general-purpose language model with cybersecurity capabilities that Anthropic itself describes as a watershed moment. This post breaks down what was announced, what it can do, and what it means for businesses and the security industry. April 7 2026Official Anthropic announcement date Project GlasswingThe coordinated defensive security initiative launched alongside Mythos WatershedAnthropic’s own word for this capability leap What Anthropic Actually Announced Anthropic released Claude Mythos Preview on April 7, 2026 alongside a detailed technical security disclosure. The announcement had two parts: the model itself (a new general-purpose language model with significantly enhanced code, reasoning, and autonomy capabilities), and Project Glasswing (a coordinated programme to deploy Mythos Preview specifically to help secure critical software infrastructure before its broader release). The model’s most striking characteristic is its cybersecurity capability — specifically its ability to autonomously identify and exploit vulnerabilities in real software systems. Anthropic was transparent about this in their announcement: they had not explicitly trained Mythos Preview for these capabilities. They emerged as a downstream consequence of general improvements in code understanding, reasoning depth, and autonomous action — the same improvements that make the model better at finding and fixing vulnerabilities also make it better at exploiting them. The Key Facts From Anthropic’s Technical Disclosure Fact Detail Model name Claude Mythos Preview Announced April 7, 2026 Type General-purpose language model Standout capability Autonomous cybersecurity vulnerability discovery and exploitation Companion initiative Project Glasswing – deploying Mythos to secure critical software defensively Initial access Limited release to critical industry partners and open source developers Firefox exploit benchmark Mythos developed 181 working exploits vs 2 for Opus 4.6 on the same test Zero-day capability Identified vulnerabilities in every major OS and every major web browser in testing Oldest bug found 27-year-old bug in OpenBSD (now patched) Tier 5 crashes (internal benchmark) 10 full control flow hijacks vs 1 for both Sonnet 4.6 and Opus 4.6 combined Why Anthropic Released This Model Now 🛡 The defensive rationale Anthropic’s stated reasoning: powerful AI security tools will eventually be widely available. The question is whether defenders or attackers get them first. By releasing Mythos Preview initially to a limited group of vetted partners — critical infrastructure operators, open source security teams — Anthropic aims to give defenders a head start. The vulnerabilities Mythos finds can be patched before they are discovered by malicious actors using similar or weaker tools. Project Glasswing is the structured framework for this defensive deployment. 🔍 The transparency rationale Anthropic published technical details of Mythos Preview’s capabilities explicitly to help the security industry understand what is coming. Their technical disclosure notes that over 99% of the vulnerabilities found during testing have not yet been patched — which is why they cannot disclose specifics about most of them. The 1% they can discuss (patched vulnerabilities) already demonstrates, in their words, a substantial leap that warrants urgent coordinated defensive action across the industry. 📊 The capability emergence rationale These security capabilities were not explicitly trained into Mythos — they emerged from general model improvements. This has significant implications: every future general-purpose AI model improvement will likely produce further security capability improvements as a side effect. The industry cannot treat security capability as something that only appears in purpose-built security AI. It will be present in every frontier general model going forward. How Mythos Preview Compares to Previous Claude Models 1 The Firefox benchmark: 181 vs 2 Anthropic used Mozilla’s Firefox 147 JavaScript engine (with vulnerabilities patched in Firefox 148) as a benchmark. Opus 4.6 successfully developed working JavaScript shell exploits 2 times out of several hundred attempts. Mythos Preview developed working exploits 181 times on the same test, plus achieved register control on 29 additional attempts. This is not a marginal improvement — it represents a qualitative leap in autonomous exploit development capability. 2 The internal crash severity benchmark Anthropic tests models against roughly 1,000 open source repositories from the OSS-Fuzz corpus, grading crashes on a five-tier severity scale from basic crash (tier 1) to complete control flow hijack (tier 5). Sonnet 4.6 and Opus 4.6 each achieved approximately 150 to 175 tier-1 crashes, around 100 tier-2 crashes, and a single tier-3 crash each. Mythos Preview achieved 595 crashes at tiers 1 and 2, a handful at tiers 3 and 4, and 10 tier-5 full control flow hijacks across fully patched targets. 3 The zero-day capability In testing, Mythos Preview was capable of identifying and exploiting zero-day (previously undiscovered) vulnerabilities in every major operating system and every major web browser. The vulnerabilities found were often subtle — many decades old. One exploit chained four separate vulnerabilities together, writing a complex JIT heap spray that escaped both renderer and OS sandboxes. Another autonomously wrote a remote code execution exploit on FreeBSD’s NFS server granting full root access to unauthenticated users. Is Claude Mythos Preview available to use now? As of the April 7, 2026 announcement, Mythos Preview is being released in a limited initial phase to critical industry partners and open source developers through Project Glasswing. Broad public availability has not been announced. Businesses interested in access should monitor Anthropic’s official announcements at anthropic.com for updates on when wider access will be made available. Should businesses be concerned about Mythos Preview’s security capabilities? Anthropic’s assessment is clear: in the short term, there is a risk that similar capabilities in broadly released models could benefit attackers if the industry does not prepare defensively. In the long term, they expect AI security tools to benefit defenders more than attackers — the same conclusion reached with earlier security tools like fuzzers. The transitional period — between now and a new equilibrium — is the period of greatest risk. Businesses should use this period to audit their software dependencies, patch known vulnerabilities, and monitor Anthropic’s Project Glasswing guidance. Want to Understand How Claude AI Affects Your Business Security? SA Solutions helps businesses understand the