Anthropic's most powerful AI ever built — and the one they're too afraid to release. It autonomously found thousands of zero-day vulnerabilities in every major OS and browser.
Claude Mythos Preview is the most capable model Anthropic has ever built. It was accidentally exposed through a data leak in late March 2026 before Anthropic officially announced it on April 7 — nine days before the public release of Claude Opus 4.7.
In internal testing, Anthropic used Mythos to scan major software infrastructure — and the results alarmed them. Mythos autonomously discovered thousands of zero-day vulnerabilities across every major operating system and every major web browser. Not with human guidance. Autonomously, after a single request to find bugs.
One specific example stands out: Mythos fully autonomously identified and then exploited a 17-year-old remote code execution vulnerability in FreeBSD — a flaw that allowed root access on any machine running NFS. No human was involved after the initial request.
Anthropic concluded that releasing this capability to the general public — before the defensive infrastructure to counteract it exists — would be irresponsible. Instead, they launched Project Glasswing: a controlled program to use Mythos offensively but defensively, letting the world's largest software companies find and fix their vulnerabilities before attackers can find and exploit them.
Anthropic publicly conceded that Claude Opus 4.7 — their best publicly available model — does not match the performance of Mythos. This is the first time a major AI lab has acknowledged it's holding back its most capable model from the public on safety grounds.
Anthropic's controlled initiative to use Mythos defensively — find vulnerabilities before attackers do.
These organizations are using Claude Mythos Preview to scan their own systems — operating systems, browsers, cloud platforms, financial infrastructure — and patch vulnerabilities before malicious actors can find them. Anthropic's long-term goal is to make Mythos-class models safely deployable at scale, but there is no announced timeline for a public release.
What you can actually access today versus what's being held back.
| Feature | Claude Mythos | Claude Opus 4.7 |
|---|---|---|
| Public availability | No — 12 partners only | Yes — API + claude.ai |
| Input pricing | $25 / 1M tokens | $5 / 1M tokens |
| Output pricing | $125 / 1M tokens | $25 / 1M tokens |
| Cybersecurity capabilities | Extreme — autonomous zero-day discovery | Deliberately reduced |
| Overall capability | Most capable ever built | Most capable publicly available |
| Coding (SWE-bench Pro) | Not benchmarked publicly | 64.3% (#1 public model) |
| Access path | Project Glasswing only | API, claude.ai, AWS, Google, Azure |
Important: Anthropic deliberately scaled back cybersecurity capabilities in Opus 4.7 compared to Mythos. This wasn't a technical limitation — it was a deliberate safety decision to make the publicly available model less able to autonomously attack systems.
Mythos accidentally leaked via a data exposure. Anthropic confirms its existence.
Anthropic officially announces Claude Mythos Preview and Project Glasswing. 12 partner organizations receive access.
Anthropic releases Claude Opus 4.7 to the public — explicitly acknowledging it's the second-best model, behind Mythos.
Anthropic's stated goal: eventually release Mythos-class models safely at scale. No timeline announced.
Claude Mythos Preview is Anthropic's most capable AI model ever built, announced April 7, 2026. It is not publicly available. Anthropic is restricting access to 12 launch partners through Project Glasswing because of its extreme cybersecurity capabilities — it can autonomously discover and exploit zero-day vulnerabilities in major software systems.
Anthropic determined that Mythos poses too great a risk for broad release. In internal testing, Mythos autonomously discovered thousands of zero-day vulnerabilities across every major operating system and browser — and exploited a 17-year-old RCE in FreeBSD entirely without human involvement. The company concluded that releasing it publicly before defensive capabilities catch up would be irresponsible.
Project Glasswing is Anthropic's initiative to use Claude Mythos Preview defensively. Anthropic committed $100M in model usage credits to 12 launch partners — AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks — to find and fix vulnerabilities in critical shared infrastructure before attackers can exploit them.
Claude Opus 4.7 is Anthropic's most capable publicly available model. Anthropic has publicly acknowledged that Opus 4.7 does not match the performance of Mythos — it's explicitly positioned as second-best. Mythos is priced at $25/$125 per million tokens (5× more than Opus 4.7's $5/$25) for its limited preview partners.
Anthropic's stated goal is to eventually enable users to safely deploy Mythos-class models at scale — for cybersecurity and beyond. There is no announced timeline. The company wants to develop the safety and defensive infrastructure necessary before a broad release.
Mythos' existence was accidentally revealed through a data leak in late March 2026 before Anthropic officially announced it on April 7, 2026.
One notable example: Mythos fully autonomously identified and then exploited a 17-year-old remote code execution vulnerability in FreeBSD — a flaw that allowed root access on any machine running NFS. No human was involved in either the discovery or exploitation after the initial request was made.
