This is the AI security story of the week, and it is a big one.
Anthropic revealed Claude Mythos Preview, a frontier model with cyber capabilities so strong the company says it will not release it publicly. Per Anthropic and multiple outlets, Mythos has already found thousands of high-severity zero-day vulnerabilities — flaws previously unknown to the developers — in every major operating system and every major web browser, plus a range of other critical software. (VentureBeat, Anthropic)
Let that sink in. A single model found previously unknown, exploitable holes in basically everything you run. Anthropic’s stated reason for keeping it locked up is plain: it is too dangerous to hand out. In their words, they "do not plan to make Claude Mythos Preview generally available due to its cybersecurity capabilities." (VentureBeat)
Project Glasswing: aim it at defense, not offense
Instead of releasing Mythos, Anthropic built Project Glasswing — an effort to channel the model toward cyber defense. The coalition is a who’s-who: Microsoft, Amazon, Google, Apple, Cisco, and NVIDIA; open-source bodies like the Linux Foundation; and financial heavyweights like JPMorganChase. (Anthropic, The Conversation) This week Anthropic expanded access to roughly 150 more organizations across more than 15 countries, reaching into power, water, healthcare, communications, and hardware. (Cloudflare)
The whole idea is to find and fix the holes before attackers find them — to get the patches shipped while the capability is still controlled.
The part that should keep you up at night
Here is the line from Anthropic I cannot stop thinking about: they expect other labs to build models with equivalent cyber capabilities — and some may release them without meaningful safeguards. (VentureBeat)
That is the real story. Anthropic choosing restraint is good. But restraint by one lab does not hold the line if a competitor ships the same capability with the doors open. The genie is described, even if this particular bottle stays corked.
What this means if you are not a security team
I spend my days in IT infrastructure and operations, so let me translate this out of the headlines.
- Patch velocity just became survival. If AI can find zero-days at scale, the window between "vulnerability discovered" and "vulnerability exploited" collapses. The businesses that auto-update and patch fast win. The ones that "get to it next quarter" become the soft targets.
- The asymmetry is the threat. A solo operator or small business cannot run a Project Glasswing. You are relying entirely on your vendors — Microsoft, Apple, your browser, your plugins — to fix what these models find. Pick vendors who patch aggressively and turn on automatic updates everywhere you can. That is your defense.
- Basic hygiene matters more, not less. Multi-factor authentication, least-privilege access, backups you have actually tested. None of that is glamorous, and all of it is what stands between you and an automated attacker.
My take
This is the clearest example yet of the double edge on frontier AI. The same capability that can secure critical infrastructure can wreck it, and the only thing separating the two is who holds the model and how responsibly. I give Anthropic real credit for not shipping this one and for organizing the defense first. But "we chose not to release it" is a policy, not a law of nature — and within days, Washington forced the question by pulling Anthropic’s top models offline. The honest takeaway is that the cyber defense game is about to get faster and harder for everyone, and the time to tighten your own basics is now — before the version with no safeguards shows up.
News commentary by Brad Rowland — IT Infrastructure and Operations leader, automation builder, and AI implementer. Sources are linked inline.





