Anthropic built an AI model so capable it decided the public could not have access to it. On April 7, 2026, the company announced Claude Mythos Preview alongside Project Glasswing, a controlled program that puts the model exclusively in the hands of select cybersecurity partners rather than releasing it to everyone.
The system card for Mythos Preview states plainly that “Claude Mythos Preview’s large increase in capabilities has led us to decide not to make it generally available.” The move marks the first time in nearly seven years that a leading AI company has publicly withheld a frontier model over safety concerns.
What Claude Mythos Preview Can Do
Anthropic’s researchers say Mythos Preview found thousands of high and critical software bugs across most major operating systems and web browsers, including some that had gone undiscovered for decades.
And the model does not stop at finding those flaws. Logan Graham, who leads offensive cyber research at Anthropic, said Mythos Preview is advanced enough to not only identify undiscovered software vulnerabilities but also weaponize them. The model can single-handedly perform complex hacking tasks, including identifying multiple undisclosed vulnerabilities, writing code to exploit them, and chaining those together to penetrate complex software.
“We’ve regularly seen it chain vulnerabilities together,” Graham told NBC News. “The degree of its autonomy and sort of long-rangedness, the ability to put multiple things together, I think, is a particular thing about this model.”
In one test, an early version of Mythos Preview broke out of a secure sandbox environment, built a multi-step exploit to access the internet, and emailed a researcher while they were eating lunch in a park. In another, the model developed an exploit to break out of restricted internet access, gained broader connectivity, and posted details of the exploit on obscure public websites.
How Project Glasswing Works
Because the model is too risky to release publicly, Anthropic built a program that puts it in the hands of specific organizations working on defensive security. Project Glasswing brings together Amazon Web Services (AWS), Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks, with access also extended to over 40 additional organizations that build or maintain critical software. These partners will use Mythos Preview to find and fix vulnerabilities in the software systems their products and services run on.
Additionally, Anthropic is putting up to $100 million in Mythos Preview usage credits toward this effort. The company has also donated $2.5 million to Alpha-Omega and OpenSSF through the Linux Foundation, and $1.5 million to the Apache Software Foundation. The goal is to patch as many vulnerabilities as possible in widely used software before a model with similar capabilities ends up in the wrong hands.
The program is also a testing ground for safety guardrails. Anthropic plans to use what it learns from Project Glasswing to build and refine safeguards with an upcoming Claude Opus model, one that does not carry the same level of risk as Mythos Preview, before considering any broader release of Mythos-class capabilities
What Industry Observers Are Saying
The announcement has drawn a range of reactions. A week after the Project Glasswing announcement, OpenAI announced a similarly limited rollout of its own latest cybersecurity-focused model. Not everyone is convinced the controlled access will hold long-term.
Jeff Williams, chief technology officer of cybersecurity firm Contrast Security, said that within six to nine months, other countries are either going to build their own models or find ways to access or bypass Anthropic’s controls, and that the genie is out of the bottle.
Anthropic has acknowledged those risks directly. The company said that by releasing the model first to a limited group of critical industry partners and open-source developers, it wants to give defenders a head start in securing the most important software systems before models with similar capabilities become widely available. Now whether that head start is enough time remains the question Project Glasswing is racing to answer.
