Anthropic Shares Claude Mythos With 40 Infrastructure Groups as Hacker Exploitation Fears Grow
Updated
Updated · The New York Times · May 12
Anthropic Shares Claude Mythos With 40 Infrastructure Groups as Hacker Exploitation Fears Grow
8 articles · Updated · The New York Times · May 12
About 40 organizations that maintain critical computer infrastructure received Anthropic’s Claude Mythos so they could find and patch vulnerabilities before hackers exploit them.
Anthropic limited the model’s release to a small circle that also included Microsoft, Google and other select groups, saying Mythos was too powerful for broad public access.
The restriction has split cybersecurity experts: some back the narrow rollout as a safety measure, while others say wider researcher access is needed to test what the system can and cannot do.
Washington has taken notice — the White House is weighing an executive order to create an AI working group and potentially a formal review process for new AI models.
If smaller AIs can replicate Mythos's hacking skills, is restricting the 'super-AI' a futile gesture against an inevitable cyber threat?
Anthropic's AI found security flaws decades old. What other ticking time bombs in our digital world will AI uncover next?
Claude Mythos Uncovers 1,000s of Zero-Day Vulnerabilities: Project Glasswing, AI Cybersecurity Reckoning, and the Global Race for Control
Overview
In April 2026, Anthropic introduced Claude Mythos, an advanced AI model described as a major cybersecurity breakthrough. Claude Mythos stands out for its unprecedented ability to autonomously discover and exploit vulnerabilities across all major operating systems and web browsers. This model marks a significant leap in cyber skills, as it can identify software flaws that have escaped human experts and automated tests for decades. Its sophisticated reasoning allows it to read code, spot hidden vulnerabilities, and develop complex exploits. At launch, Anthropic revealed that Claude Mythos had already uncovered thousands of high-severity vulnerabilities in widely used software.