Claude Mythos: Anthropic's Most Powerful AI Model Yet

Anthropic's Claude Mythos preview showcases unprecedented AI capabilities, but access is limited to select partners for security reasons.

Introduction

Last night, Anthropic released the preview of Claude Mythos, which has caused a stir in the AI community.

Claude Mythos is officially claimed to be “the most powerful AI model to date,” representing a new level of capability that significantly surpasses its predecessor, Claude Opus 4.6.

From the data and results currently displayed, this is not just marketing talk; it represents a genuine qualitative leap. In almost all public benchmark tests, the Claude Mythos preview version ranks first, with remarkable improvements:

  • For software engineering, SWE-bench Verified jumped from 80.8% with Opus 4.6 to 93.9%, and SWE-bench Pro increased from 53.4% to 77.8%.
  • In high-difficulty mathematical reasoning, USAMO 2026 scores soared from 42.3% to 97.6%—nearly full marks.

Image 1

It can be said that it is currently the strongest model on Earth.

These are just a few “small” examples. More impressively, Anthropic has conducted actual tests over the past few weeks, where the Mythos preview autonomously discovered thousands of high-risk zero-day vulnerabilities in mainstream operating systems and browsers, including the Linux kernel, OpenBSD, Firefox, FFmpeg, and other core components.

Many vulnerabilities had gone unnoticed by human security teams for over a decade, such as a remote crash vulnerability in OpenBSD that had been hidden for 27 years. Anthropic confidently states that the Mythos preview far exceeds any other AI model in cybersecurity capabilities.

This is not just a “better Claude”; it writes code, performs reasoning, and handles security with unprecedented autonomy and depth. Developers were initially looking forward to “finally liberating productivity completely,” but the outcome is:

Anthropic has closed the door.

Yes, for now, the Claude Mythos preview is not open to the public. According to the official statement, the Mythos preview is currently only used for “defensive cybersecurity” and is accessible to only 12 partners (including AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks) and over 40 organizations that build or maintain critical software infrastructure.

Image 2

Why Keep the Strongest Model Under Wraps?

So why is a “strongest model” being kept hidden from public use?

The Need for a Transition

First, it is clear that the Claude Mythos preview, or similarly powerful supermodels, will eventually be made available to the public. Anthropic states very plainly:

“While we currently have no plans to open the Claude Mythos preview to the public, our ultimate goal is to enable users to safely deploy Mythos-level models at scale—not only for cybersecurity but also for the countless other benefits these powerful models will bring.”

As the official blog hints, this model is “too dangerous.”

At the end of last year, Google Threat Intelligence Group (GTIG) discovered two real samples, PromptFlux and PromptSteal, which could dynamically generate malicious scripts while directly connecting to commercial large models (like the Gemini API) during runtime, obfuscating their code in real-time, and creating new functionalities based on the target environment, completely bypassing traditional signature detection.

This is not an isolated case. According to a report by market research firm SQmagazine, the number of AI-driven cyberattacks reported globally has increased by 47%, with expectations of exceeding 28 million incidents.

Looking back, the vulnerability-finding capability of the Mythos preview is already evident. Compared to the near-zero success rate of Claude Opus 4.6 in autonomously discovering and exploiting vulnerabilities, the performance of the Mythos preview can be described as phenomenal.

For example, in the case of a vulnerability found in Mozilla Firefox’s 147 JavaScript engine (now patched), Claude Opus 4.6 attempted to exploit the vulnerability hundreds of times, succeeding only 2 times; whereas Claude Mythos successfully exploited the same vulnerability 181 times in the same test.

Image 3

Additionally, test reports indicate that in internal red team tests over the past few weeks, the offensive capabilities displayed by the Mythos preview have far surpassed those of top human security experts. It can not only “find vulnerabilities” but also autonomously discover, chain exploit, and identify thousands of high-risk zero-day vulnerabilities.

As we know, hackers can be white hats or black hats. White hat hackers typically notify project managers of security vulnerabilities and even proactively patch them in open-source projects. In contrast, black hat hackers may exploit these vulnerabilities to attack systems.

Mythos can both attack and defend, but its offensive potential is concerning. If it falls into the hands of malicious actors, it could instantly arm an AI-level attack chain. Anthropic itself states that this is not an ordinary cutting-edge model; its general capabilities are strong enough to elevate cyber warfare to a new dimension.

The ongoing cat-and-mouse game in the field of computer security has always been about “the devil is in the details.” The security battles surrounding AI large models have also been a focus for the industry, especially for major companies. For instance, ByteDance and Ant Group have hosted similar AI large model attack and defense competitions over the past two years, discovering and addressing security challenges in the AI era.

Image 4

However, Anthropic also points out that in the long run, powerful language models like Mythos will benefit the “blue team” in defense. But in the short term, if the Mythos preview were opened to the public, it would quickly be exploited by attackers to launch unprecedentedly efficient attacks on the global network. The key issue is that defensive actions are more passive, while offensive actions are more proactive, and considering incentives, attackers are more motivated to actively use models like the Mythos preview.

Thus, to ensure a “smooth transition,” Anthropic has launched the “Glasswing Project.”

The project name is inspired by a widely distributed butterfly in the Americas, known as the glasswing butterfly, which, despite its seemingly fragile transparent wings, can carry up to 40 times its own weight.

Image 5

Glasswing Project Logic

The logic behind the Glasswing Project is simple: allow defenders to obtain the weapons first, patch all vulnerabilities before attackers gain access to the same level of AI, and learn to defend against advanced AI threats.

From this perspective, it is indeed correct not to open the strongest model of Claude to the public. Moreover, even from the standpoint of ordinary Claude users, the temporary non-release of the Claude Mythos preview is more beneficial than harmful.

The Benefits of Not Opening the Strongest Model

Many people are disappointed to see the Mythos preview not being open to the public: why not let everyone use such a powerful model?

However, if you are an ordinary Claude user or a developer relying on Claude Code for coding and project work, you might discover a somewhat counterintuitive fact: temporarily not opening the Mythos preview is actually more beneficial for us.

Let’s discuss some recent pain points that many have felt.

Since around February of this year, Claude and Claude Code have experienced a “monumental performance degradation.” Posts related to this issue have flooded Reddit’s r/ClaudeCode and r/ClaudeAI, with some users directly posting, “4.6 Regression is real!” and others complaining, “Claude Code has been dumb over the last 1.5-2 days.”

Image 6

Some developers have tracked data showing that the number of file reads has dropped from 6-7 times to just about 2 times, and the model has become increasingly “lazy” in complex tasks, with noticeably shallower reasoning depth, often opting for edit-first rather than researching first.

AMD AI director Stella Laurenzo even publicly stated that Claude Code has become “dumber and lazier,” and cannot be trusted for complex engineering tasks.

Boris, a member of the Claude Code team, acknowledged on Hacker News that some agentic use cases have experienced regression, attributing the core changes to the introduction of “redact-thinking” and Adaptive Thinking in February, which allowed the model to decide how long to think, resulting in a roughly 67% decrease in depth for complex tasks.

Image 7

Similar sentiments have been echoed on X, with developers complaining that Claude Code has devolved into an “intern” that requires constant supervision.

Why has this happened?

The training dynamics of ultra-large parameter models dictate that whenever major companies sprint towards the next generation of the “strongest model,” they require massive computational power. Before the release of Gemini 3.0 / 3.1, the 2.5 Pro version faced multiple complaints from developers about becoming “dumber” after silent updates, with issues like forgetting long context and increased failure rates in logical tasks. Similar situations occurred before the release of GPT-5, where the 4o version experienced shorter outputs, laziness, and mechanical responses to complex instructions.

Computational resources are limited; training a new-level model like Mythos is extremely costly, and resources can only be “squeezed” from the current models through dynamic load balancing, adaptive effort reduction, or even light optimization. The result is the “dumber, lazier” experience that users have felt.

Moreover, the user base for Claude Code has grown beyond expectations, leading to infrastructure strain, while the training and testing of the Mythos preview (internally known as Capybara) must prioritize top-tier GPUs. Therefore, when the Mythos preview is released but not opened to the public, users need not worry about further dilution of computational power, which could lead to a decline in the quality of Claude or Claude Code.

For ordinary Claude users, the experience will actually be more stable.

Image 8

On the other hand, Anthropic is using Mythos in the Glasswing Project to help major companies and open-source projects patch vulnerabilities. Once these vulnerabilities are fixed, they will ultimately benefit all users indirectly.

When Anthropic is ready to control risks and prepare infrastructure more thoroughly, and safely deploy Mythos-level models at scale, what ordinary users will receive will be a truly stable, powerful experience that won’t degrade every few days, rather than rushing to release it now and subjecting everyone to the chaos of resource competition.

Conclusion

The emergence of the Claude Mythos preview has laid bare a harsh yet realistic issue for everyone: the more powerful AI becomes, the more real the risks.

When the offensive capabilities of the strongest model have already far surpassed the current defense systems, Anthropic’s choice to “not let people use it” is not conservatism but rather a way to buy time for the entire industry, allowing defenders to reinforce their foundations and enabling ordinary users to maintain a relatively stable Claude experience, rather than being caught up in the chaos of resource competition and security loss.

For most, this may be the best arrangement for now.

AI Notes

Was this helpful?

Likes and saves are stored in your browser on this device only (local storage) and are not uploaded to our servers.

Comments

Discussion is powered by Giscus (GitHub Discussions). Add repo, repoID, category, and categoryID under [params.comments.giscus] in hugo.toml using the values from the Giscus setup tool.