Anthropic Built an AI That Found 3,000 Zero-Day Vulnerabilities. Then They Refused to Release It.

On April 7, 2026, Anthropic did something no major AI company had done before. It announced its most powerful model ever built, showed the world what it could do, and then said: you cannot have it. Claude Mythos Preview is not available on the API. There is no waitlist. There is no pricing page for the general public. The model that scores 93.9% on SWE-bench, 97.6% on USAMO 2026, and has autonomously discovered over 3,000 high-severity security vulnerabilities in every major operating system and web browser is being kept behind closed doors. On purpose.

This is not a marketing stunt. It is a signal that the AI industry just crossed a line that changes the conversation for every business, not just those in tech.

What Mythos Actually Did

The numbers alone are striking. Claude Mythos Preview scored 93.9% on SWE-bench Verified, a 13.1 percentage point jump over Claude Opus 4.6's already-leading 80.8%. On SWE-bench Pro, it hit 77.8%. On USAMO 2026, a competition-level mathematics benchmark, it scored 97.6%, surpassing GPT-5.4's 95.2%. On the GPQA Diamond science benchmark: 94.5%. On OSWorld for computer use: 79.6%. These are not incremental improvements. This is a step change.

But the benchmarks are not why Anthropic held back the release. The cybersecurity findings are. According to Anthropic's own disclosure, Mythos Preview autonomously identified and exploited vulnerabilities that had evaded human security researchers and automated tools for decades. A 27-year-old TCP vulnerability in OpenBSD, one of the most security-hardened operating systems in the world, used to run firewalls and critical infrastructure. A 16-year-old vulnerability in FFmpeg that automated fuzzing tools had tested five million times without detecting. A remote code execution vulnerability in FreeBSD's NFS that allowed complete server takeover from an unauthenticated user anywhere on the internet.

The comparison with previous models is staggering. When testing exploitation of Firefox's JavaScript engine, Claude Opus 4.6 succeeded only 2 times out of hundreds of attempts. Mythos Preview developed working exploits 181 times. On the OSS-Fuzz corpus benchmark, Mythos achieved tier-5 control flow hijack on 10 fully patched targets versus zero for Opus 4.6. In one case, the model autonomously chained four vulnerabilities together using JIT heap spray techniques to escape both a browser renderer and an OS sandbox, a feat that would typically require a specialized team of security researchers working for weeks.

Project Glasswing: Defense Before Offense

Rather than releasing the model publicly, Anthropic launched Project Glasswing, a consortium of 12 major organizations tasked with using Mythos exclusively for defensive cybersecurity. The launch partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Over 40 additional organizations maintaining critical software infrastructure received extended access.

Anthropic committed $100 million in model usage credits for Glasswing participants, plus $2.5 million to the Linux Foundation's Alpha-Omega and OpenSSF initiatives and $1.5 million to the Apache Software Foundation. Mythos Preview is available to these partners at $25/$125 per million input/output tokens through the Claude API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry.

The logic is straightforward but unprecedented: give the defenders a head start. Within 90 days, Anthropic will publicly report findings and patched vulnerabilities. The goal is to fix the most critical issues before models with similar capabilities inevitably become more widely available.

The Reaction Was Immediate

This was not a quiet product announcement. According to CNBC, Vice President Vance and Treasury Secretary Bessent separately questioned tech executives and bank heads about the implications. The IMF's managing director publicly expressed concern about the cybersecurity risks posed by the model. The European Commission backed Anthropic's staged rollout, citing large-scale cyber risk. Canadian banking regulators held emergency meetings.

The global response tells you something important: this is not just an AI story. It is a national security story. When a single AI model can find vulnerabilities that the entire security industry missed for 27 years, the implications extend far beyond the tech sector.

Will You Ever Be Able to Use Mythos?

Anthropic has been direct about this. They do not plan to make Claude Mythos Preview generally available. The word "Preview" is doing heavy lifting in that sentence. Their stated goal is to enable "safe deployment of Mythos-class models at scale" through future Claude Opus releases with improved safeguards. In practice, that means the capabilities Mythos demonstrates today will eventually trickle into models you can actually use, but only once Anthropic has built guardrails it trusts.

For businesses evaluating AI, this creates a paradox. The most capable model ever built is not accessible to you. But the fact that it exists tells you exactly where the capability curve is heading. The cybersecurity capabilities that Mythos demonstrates are, as Anthropic themselves noted, a "downstream consequence of general improvements in code, reasoning, and autonomy." Make the model better at reasoning and coding, and it automatically becomes better at finding vulnerabilities. The dual-use problem is not a separate issue. It is built into the architecture of improvement itself.

What This Means for the AI Cybersecurity Market

The timing is significant. According to industry research, the AI vulnerability scanning market will grow from $3.06 billion in 2025 to $6.62 billion by 2030. The broader AI cybersecurity market is projected to reach $109 billion by 2032. But Mythos has accelerated the timeline on both sides: AI can now find and exploit vulnerabilities faster than any human team, which means defensive AI becomes not optional but existential.

A 2026 cybersecurity trends report found that 45% of security professionals now rank automated vulnerability scanning and exploit chaining as their top concern, second only to hyper-personalized phishing at 50%. In 2025, more than 48,000 CVEs were published, a 38% increase from 2023, and 41% of zero-day vulnerabilities were discovered through AI-assisted reverse engineering by attackers. Mythos Preview pushes the defensive capability far ahead of what attackers currently have access to. The question is how long that lead lasts.

The Bigger Picture for Business

At Triad, we see Mythos as a watershed moment for two reasons. First, it proves that AI capabilities are not advancing in a straight line. They are accelerating in ways that surprise even the people building them. A 13-point jump on SWE-bench between model generations is not supposed to happen. Capabilities emerging that require you to rethink your release strategy are not supposed to happen. They happened anyway.

Second, it changes the conversation about AI risk from abstract to concrete. When an AI model can develop working exploits 181 times where its predecessor succeeded only twice, you are no longer talking about hypothetical future risks. You are talking about today.

For business owners, the practical takeaway is twofold. Your cybersecurity posture needs to assume that AI-powered vulnerability discovery is now the baseline, not the exception. And your AI strategy needs to account for the fact that model capabilities are advancing faster than anyone predicted, including the companies building them. Mythos was not planned as a cybersecurity breakthrough. It just became one, as a side effect of getting better at everything else.