Anthropic's Mythos Looks Extremely Powerful, but Public Proof Is Still Limited

On April 7, 2026, Anthropic officially announced Claude Mythos Preview through its new Project Glasswing cybersecurity initiative. That matters because the company is not describing Mythos as a niche security tool. It is describing it as an unreleased general-purpose frontier model whose coding, reasoning, and autonomous exploitation abilities are strong enough that Anthropic does not plan to make it generally available.

That makes the right question narrower than the hype cycle. It is not whether Mythos sounds dramatic. It is whether the published evidence shows a model that is genuinely more powerful than today's public frontier systems.

What is actually verified

The strongest facts currently available all come from Anthropic's own official release materials, not from rumor or leak coverage.

Anthropic's Glasswing announcement says Mythos Preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and every major web browser. The company also says the model is strong enough that it can outperform all but the most skilled humans at finding and exploiting software vulnerabilities.

Anthropic published concrete benchmark deltas against Claude Opus 4.6, which is the most useful public comparison point right now:

• CyberGym: 83.1% for Mythos Preview versus 66.6% for Opus 4.6
• SWE-bench Verified: 93.9% versus 80.8%
• SWE-bench Pro: 77.8% versus 53.4%
• Terminal-Bench 2.0: 82.0% versus 65.4%
• OSWorld-Verified: 79.6% versus 72.7%
• BrowseComp: 86.9% versus 83.7%, while Anthropic says Mythos used 4.9 times fewer tokens
• GPQA Diamond: 94.6% versus 91.3%
• Humanity's Last Exam with tools: 64.7% versus 53.1%

If those figures hold up, Mythos is not just marginally better. It is a substantial jump on code-heavy and agentic tasks, with a smaller but still real gain on difficult reasoning benchmarks.

Where the power claim gets more serious

The most striking evidence is in Anthropic's red-team writeup, which goes beyond leaderboard scores.

According to Anthropic's published testing, Mythos Preview:

• found a now-patched 27-year-old OpenBSD vulnerability,
• found a 16-year-old FFmpeg bug in code that automated testing had executed five million times without catching the issue,
• chained together Linux kernel bugs to escalate from ordinary user access to root,
• identified and exploited zero-day vulnerabilities in every major operating system and every major browser when explicitly directed to do so.

Anthropic also disclosed a comparison that makes the jump from Opus 4.6 easier to understand. In one Firefox JavaScript-engine exploit benchmark, the company says Opus 4.6 produced working exploits only two times out of several hundred attempts, while Mythos Preview produced 181 working exploits and achieved register control in 29 more cases.

That is the kind of gap that suggests a capability threshold has been crossed, at least in the domains Anthropic tested most heavily.

What is not independently established yet

This is the part that should temper every hot take.

As of April 8, 2026, Mythos is not publicly released. Anthropic says it does not plan to make Mythos Preview generally available. Access is being limited to Project Glasswing partners and a broader set of critical-infrastructure and open-source security participants.

That means outside researchers cannot yet run broad public replication tests against the model. It also means many of the most dramatic claims remain difficult to audit from the outside because Anthropic is withholding technical details for coordinated vulnerability disclosure. In its red-team post, the company says more than 99% of the vulnerabilities it found have not yet been patched, so full disclosure would be irresponsible.

There is also an important epistemic limit here: the benchmark tables, the exploit anecdotes, and the severity labels are all currently Anthropic-reported. Some of that evidence is strong, but it is still not the same thing as open public evaluation.

So how powerful is Mythos, really?

The fact-checked answer is that Mythos appears to be genuinely much stronger than Claude Opus 4.6, especially in agentic coding, vulnerability discovery, and exploit development. Anthropic's own numbers are too large and too consistent across multiple benchmarks to dismiss as marketing fluff.

But the stronger claim, that Mythos has clearly entered a class where it can rival elite human offensive security researchers across the board, is not fully settled in public. That conclusion is plausible based on what Anthropic published, yet it still rests mostly on Anthropic's internal evidence and selected partner access rather than open public benchmarking.

In practical terms, Mythos looks less like a routine model refresh and more like a restricted system that Anthropic believes crosses a real danger threshold. The unusual part is not only the benchmark spread. It is the deployment decision: Anthropic is saying, in effect, that the model is useful enough to spend up to $100 million in credits and millions more in direct support to harden infrastructure, while still declining to release it broadly.

Bottom line

The credible, source-backed version of the story is that Claude Mythos Preview is probably one of the most powerful AI models publicly described so far, particularly on security-relevant coding and autonomous exploitation tasks. What is verified is strong enough to take seriously. What is not yet verified is the full outer limit of the model, because the public still cannot test it directly.

That makes Mythos less a normal product launch than a warning shot: the model may already be powerful enough to change how defenders and attackers think about software vulnerability discovery, even before the broader market gets access to anything like it.

Sources

• Anthropic: Project Glasswing
• Anthropic Frontier Red Team: Assessing Claude Mythos Preview's cybersecurity capabilities
• TechCrunch: Anthropic debuts preview of powerful new AI model Mythos in new cybersecurity initiative