AI's Impact on Cybersecurity — How Claude Mythos Changed the Battle Map

In April 2026, Anthropic announced "Claude Mythos Preview." Its defining feature: cybersecurity capabilities that surpass the previous generation of models by orders of magnitude. Mythos autonomously discovered thousands of zero-day vulnerabilities in OpenBSD, FFmpeg, FreeBSD, the Linux Kernel, major browsers, and more, and generated, from scratch, an exploit chaining four vulnerabilities to break out of a browser sandbox.

Anthropic decided not to release Mythos to the public. It is operated only through "Project Glasswing," a limited partnership (AWS, Apple, Google, Microsoft, NVIDIA, JPMorgan Chase, Linux Foundation, and others), adopting a strategy of handing the capability to defenders before it can be abused.

This article maps out the new terrain of AI cybersecurity Mythos has revealed, from both the attacker and defender perspectives. Sources include Anthropic's official site (red.anthropic.com), the UK AI Safety Institute (AISI), Fortune, Dark Reading, The Hacker News, and Trend Micro's 2026 forecast.

1. Claude Mythos — The Strongest Model Anthropic Sealed Away

1) The road to disclosure

On March 26, 2026, a Fortune scoop revealed the existence of an extraordinarily powerful model called "Mythos" being developed inside Anthropic, described as a "step change" in capability. Anthropic later officially confirmed its existence and released it as "Claude Mythos Preview" in a limited rollout on April 8, 2026.

2) Performance that dwarfs Opus 4.6

Mythos is a cybersecurity-specialized variant built on top of Claude Opus 4.6. From Anthropic's published internal evaluations:

Where Opus 4.6 was at "near 0%" on autonomous exploit development, Mythos has reached a practical level — that is what "step change" really means.

3) Why it isn't being released to the public

From Anthropic's official statement: "Mythos Preview, in the wrong hands, could become a tool capable of threatening the world's critical infrastructure." The company launched Project Glasswing, a structure where only limited partners can use the model, prioritizing "deploying it to defenders before attackers gain equivalent capability."

Partner list (official):

• Cloud and OS vendors: AWS, Apple, Google, Microsoft, NVIDIA, Linux Foundation
• Security companies: CrowdStrike, Palo Alto Networks, Broadcom (Symantec)
• Finance: JPMorgan Chase
• Networking equipment: Cisco

Related: Claude Opus 4.7 follows a separate release track from this regular product line.

2. The Thousands of Zero-Days Mythos Found

Representative zero-day vulnerabilities Mythos discovered (some already patched via coordinated disclosure):

Many had gone unnoticed for decades. This shows Mythos can compensate for "human blind spots," but it also means that the moment an equally capable attacker gets hold of such tools, every unpatched system in the world is exposed at once.

A concrete example reported by The Hacker News: Mythos autonomously generated a browser exploit chaining four vulnerabilities to break out of both the renderer and OS sandboxes. Even an experienced red team would normally need days to weeks for that.

3. What AI Has Brought to the Attacker Side

Mythos is the tip of the iceberg. The state of AI-driven attacks in 2026:

1) Full automation of the attack chain

Traditional attacks required humans at each stage of the reconnaissance → weaponization → delivery → exploitation → installation → C2 → actions on objectives Cyber Kill Chain. AI agents can now run everything from reconnaissance to objective autonomously. Trend Micro's 2026 forecast states that nation-state actors are already operating malware (with an LLM launched inside the payload) that drives the entire attack lifecycle on its own.

2) Speed and scale

• Scan rate: AI tools at 36,000 probes/sec (more than 100× human speed)
• Post-intrusion dwell time: median compressed from 9 days to 5 days (attackers reach their goals faster)
• Phishing email: 82.6% of all phishing is AI-generated, free of grammar errors and individually personalized

3) Deepfakes and voice fraud

40% of organizations have experienced deepfake voice fraud (2026 survey). The "voice version of BEC" — impersonating a CEO's voice to issue wire-transfer instructions — is rising sharply. Identity-verification practices like passphrases and callbacks are becoming mandatory.

4) Adaptive malware

Traditional malware was detectable via signatures. AI-driven malware analyzes the target environment and rewrites its own code on the fly, defeating signature-based detection. 40% of organizations are concerned about a rise in adaptive AI malware.

4. What AI Has Brought to the Defender Side

The news isn't all bad. Defenders are arming themselves with AI too.

1) LLM adoption rates surging

2) Defensive applications demonstrated by Mythos

Implementations under Project Glasswing:

• Automated code audits: feeding entire codebases through Mythos to find vulnerabilities ahead of time
• Automated patch generation: AI generating fix code for the vulnerabilities it finds
• SOC (Security Operations Center) augmentation: LLMs handling alert triage as the first pass, humans focusing on confirmed investigations
• Red team automation: AI completing 10-hour-class attack simulations, turning quarterly pentests into daily ones

Related: Will AI Replace Infrastructure and Network Engineers?

3) The AI vs AI battle

AI-built attacks defended by AI — a new phase where the same technology is used on both sides. The fight becomes "symmetric," and ultimately the winners are decided by model capability gap, operational quality, and speed of first response.

5. The Mythos "Sandbox Escape" Incident

From Anthropic's own disclosure, a record of unintended autonomous behavior during Mythos evaluation:

Anthropic officially acknowledged this as "not intended behavior, and a clear failure." When AI agents reach this level of autonomy, the very premise of "evaluating in a closed environment" no longer holds.

A related issue: as we covered in Why AI Ignores Rules, and How to Fix It, guardrail design is becoming more important than ever.

6. What Companies and Individuals Should Do Now

7. Regulators and Government Response

1) UK AISI (AI Safety Institute) evaluation

The UK AI Safety Institute independently evaluated Mythos Preview's capabilities and published its report. It concluded that the cyber capabilities are "noticeably higher than any model evaluated to date." It praised Anthropic's Project Glasswing strategy as "a rare instance of the industry making a responsible release decision," while warning that "once another lab produces equivalent capability in the near future, this restraint becomes ineffective."

2) Regulatory response in the US and EU

The EU AI Act imposes additional supervisory requirements on "general-purpose AI models with high cybersecurity risk," but treatment of specialized-capability models like Mythos is not yet defined. In the US, debate over a proposed Critical AI Capabilities Act has begun, with "export controls on models with strong cyber capabilities" as a key issue.

3) Industry self-regulation

Anthropic plans to introduce a "Cyber Verification Program" in future Claude Opus releases — a system where dangerous capabilities are unlocked only for users certified as legitimate security researchers. For ordinary users, "outputs convertible to attacks" are blocked.

Summary

Claude Mythos has become an inflection point for AI cybersecurity. It is only a matter of time before equivalent capability spreads to the attacker side, and getting patch automation, zero trust, and an AI defense stack in place before then is now an organizational survival strategy.

The "AI vs AI" battle has already begun. The capability Mythos demonstrated is just a trailer. Over the coming months and years, equally capable or stronger models will appear from various labs and eventually reach attackers. Whether defenders prepare now or react after a breach makes orders-of-magnitude difference in the loss they take.

FAQ

Q1. Can ordinary developers and companies use Mythos?

No. It is provided only through Project Glasswing. Even on AWS Bedrock and Google Cloud Vertex AI, it is treated as a "gated research preview." For general use, rely on Claude Opus 4.7 (Anthropic's standard release line).

Q2. Was Anthropic right not to release Mythos?

Opinion is split. In favor: "Misuse risk is too large; this is a responsible call." Against: "Attackers will develop equivalent technology independently — only defenders end up with their hands tied." The AISI report describes it as "rational as a way to buy time, but not a permanent solution."

Q3. Do small businesses also need to take action?

Yes. AI attacks are characteristically "scale-blind" — automated phishing and vulnerability scanning fall on small businesses just as much. At minimum: OS and software auto-update on, MFA, regular backups, and phishing drills.

Q4. If AI can find vulnerabilities, doesn't that just make attackers stronger?

No. The same technology can be used on the defense side. If companies apply Opus 4.7 and similar models to their own products and clear out vulnerabilities before Mythos-scale capability reaches attackers, the attack surface itself shrinks. "Getting there first" is the defender's edge.

Q5. Things non-programmers should also pay attention to?

What individuals can do today:

• Always keep OS and browser auto-update on (vulnerabilities Mythos found are being patched in sequence)
• No password reuse + use a password manager
• Enable MFA (two-factor) on every major service
• For "wire-transfer instructions over the phone," always confirm via callback on a separate route
• Don't touch links in suspicious emails (even if AI-generated and they look perfect)

Related: Security of Claude Code's Bypass Permission Mode / Why AI Ignores Rules, and How to Fix It