Anthropic's Mythos Model Found Zero-Days in Every Major OS — So Anthropic Locked It Down
Anthropic's unreleased Mythos model discovered vulnerabilities in every major operating system and web browser during testing, including bugs believed to be decades old — prompting Anthropic to restrict access to only 40 pre-approved organizations via its Project Glasswing program. It's the first time Anthropic has withheld a general-purpose model on explicit cybersecurity grounds.
Anthropic's Mythos model has found zero-day vulnerabilities in every major operating system and web browser it was tested against, including bugs that security researchers believe have existed for decades — vastly outperforming the company's previous state-of-the-art on security tasks. The finding has triggered an unprecedented response: Anthropic is withholding the model from general release and granting access only to 40 pre-approved organizations under its Project Glasswing program.
The restricted partner list reads like a who's who of critical infrastructure: Amazon, Apple, Microsoft, CrowdStrike, the Linux Foundation, and several national cybersecurity agencies. Anthropic is offering $100 million in usage credits to commercial partners and $4 million specifically earmarked for open-source security organizations that can use Mythos for defensive purposes — finding and patching vulnerabilities before they can be exploited.
The move is philosophically significant. Anthropic has long argued that its models should be as broadly accessible as safety allows, making this restriction a visible line in the sand. Dario Amodei acknowledged in a company post that "a model capable of finding novel vulnerabilities at this scale is, by definition, also capable of generating exploit code," and that the company had concluded the downside risk of open access outweighed the benefit.
The cybersecurity research community has responded with a mix of alarm and cautious approval. Several prominent researchers have noted that the zero-day finding rate — described internally as "every major OS and browser" — implies Mythos represents a qualitative jump in autonomous security reasoning, not just a marginal improvement. The question of whether Glasswing partner controls are sufficient to prevent leaked access is being hotly debated.
Anthropic has not confirmed a timeline for broader Mythos availability, though it has indicated that defensive use cases — automated patch generation, fuzzing pipelines, CVE triage — may be opened incrementally as the Glasswing program demonstrates responsible use.
Panel Takes
The Builder
Developer Perspective
“A model that can find zero-days in every major OS is infrastructure-level power, and restricting it to 40 orgs while offering $100M in credits for defensive use is actually a thoughtful response. The real test is whether Glasswing partners find more than they expose.”
The Skeptic
Reality Check
“Forty organizations with $100M in compute access to a model that can crack every major OS — that's not a safety measure, that's a very exclusive attack surface. The assumption that Glasswing access won't leak is optimistic given how many orgs and how much is at stake.”
The Futurist
Big Picture
“This is the moment the 'AI capability race' debate shifts from abstract to concrete. A model that outpaces human security researchers at finding novel vulnerabilities — across every major platform — is a civilizational-scale tool. How we govern this will set the pattern for everything that follows.”