Pomegra
---
---
A Model Built for Battle — But Not for the Public
On April 7, 2026, Anthropic unveiled Claude Mythos Preview, a general-purpose frontier AI model with cybersecurity capabilities so advanced the company has chosen to withhold it from general release. The model autonomously identifies and exploits zero-day vulnerabilities — previously undiscovered software flaws — across every major operating system and every major web browser, with no human intervention beyond an initial prompt.
Simultaneously, Anthropic announced Project Glasswing, a structured access program that channels Mythos Preview's capabilities exclusively toward defensive security purposes. Anthropic is committing up to $100 million in usage credits across the effort, alongside $4 million in direct donations — $2.5 million to Alpha-Omega and OpenSSF through the Linux Foundation and $1.5 million to the Apache Software Foundation.
---
A Coalition of Tech Giants on the Front Lines
Project Glasswing's founding coalition includes Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic has extended access to more than 40 additional organizations that build or maintain critical software infrastructure.
CrowdStrike CTO Elia Zaitsev framed the stakes in stark terms: "The window between a vulnerability being discovered and being exploited by an adversary has collapsed — what once took months now happens in minutes with AI." Microsoft's Global CISO Igor Tsyganskiy confirmed that when tested against CTI-REALM, Microsoft's open-source security benchmark, "Claude Mythos Preview showed substantial improvements compared to previous models." AWS CISO Amy Herzog added her teams have been testing Mythos Preview against critical codebases, where the model is "already helping us strengthen our code."
---
Benchmarks That Redefine the State of the Art
The performance gap between Mythos Preview and its predecessor, Claude Opus 4.6, is dramatic. On the CyberGym evaluation benchmark, Mythos Preview scored 83.1% versus 66.6% for Opus 4.6. On SWE-bench Verified, the model achieves 93.9% compared to 80.8%, and on the harder SWE-bench Pro it posts 77.8% versus 53.4%.
The qualitative leap is equally pronounced. Where Opus 4.6 developed working Firefox JavaScript engine exploits in only 2 out of several hundred attempts, Mythos Preview succeeded 181 times on the same benchmark. On Anthropic's internal OSS-Fuzz corpus tests — graded on a five-tier severity ladder — Mythos Preview achieved full control-flow hijack on ten separate, fully patched targets, while Opus 4.6 reached that tier only once.
Critically, Anthropic did not train Mythos Preview for these capabilities. They emerged spontaneously as a downstream consequence of general improvements in code reasoning and autonomy.
---
The Zero-Days: 27-Year-Old Bugs, Autonomous Exploits
The technical disclosure accompanying Project Glasswing documents Mythos Preview's most striking findings. The model identified a 27-year-old vulnerability in OpenBSD — one of the world's most security-hardened operating systems — that would allow a remote attacker to crash any machine responding over TCP. The bug resided in the kernel's implementation of SACK (Selective Acknowledgement), exploiting a signed integer overflow that had evaded detection since 1998.
In FFmpeg, the near-universal video processing library, Mythos Preview surfaced a 16-year-old vulnerability in the H.264 codec — a flaw that had survived millions of automated fuzzing runs and years of manual expert review. In FreeBSD, the model fully autonomously discovered and exploited a 17-year-old remote code execution vulnerability in the NFS server (CVE-2026-4747), granting complete root access to any unauthenticated remote user by chaining a 20-gadget ROP (Return Oriented Programming) chain across multiple packets.
On the Linux kernel, Mythos Preview demonstrated the ability to chain together two, three, and sometimes four independent vulnerabilities to achieve full local privilege escalation — bypassing KASLR, reading protected kernel memory, and ultimately installing arbitrary root credentials, all without human guidance.
---
Responsible Disclosure at Unprecedented Scale
The scale of Mythos Preview's findings creates a disclosure challenge with no historical precedent. Anthropic has internally identified thousands of high- and critical-severity vulnerabilities, fewer than 1% of which have been patched to date. To manage responsible disclosure, the company has contracted professional human security triagers to validate every report before it reaches maintainers, and has committed to coordinating pacing with each affected project to avoid overwhelming unpaid open-source contributors.
Anthropic is publishing cryptographic SHA-3 commitments to undisclosed exploits throughout the technical paper, providing verifiable proof of possession without exposing unpatched attack surfaces. Full disclosures will follow 45 to 135 days after patches ship.
Linux Foundation CEO Jim Zemlin highlighted the equity dimension of the initiative: "In the past, security expertise has been a luxury reserved for organizations with large security teams. Open-source maintainers — whose software underpins much of the world's critical infrastructure — have historically been left to figure out security on their own."
---
Revenue Surge, Compute Deal, and IPO Horizon
The Glasswing announcement arrived alongside a series of major corporate disclosures. Anthropic revealed its annualized revenue run rate has surpassed $30 billion, up from approximately $9 billion at the end of 2025. The number of enterprise customers each spending over $1 million annually now exceeds 1,000, doubling in under two months.
On the same day, Anthropic announced a multi-gigawatt compute deal with Google and Broadcom, with Broadcom securing access to approximately 3.5 gigawatts of AI processing capacity drawing on Google infrastructure. The company also announced the hire of Eric Boyd, a senior Microsoft executive, to lead infrastructure expansion.
After the research preview period, Claude Mythos Preview will be priced at $25 per million input tokens and $125 per million output tokens, accessible through the Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry.
Anthropic is simultaneously evaluating an IPO as early as October 2026, a timeline that Project Glasswing's blue-chip coalition and government-adjacent positioning are designed to support.
---
A Transitional Moment — and a Wager on Transparency
Anthropic's own assessment leaves little room for ambiguity: "Defenders have months, not years." Frontier Red Team Cyber Lead Newton Cheng stated explicitly that "frontier AI capabilities are likely to advance substantially over just the next few months," and warned that similar capabilities will soon proliferate beyond actors committed to responsible deployment.
The company has proposed that an independent, third-party governance body may ultimately be the most appropriate long-term steward of large-scale AI cybersecurity projects. A public update on findings is expected within 90 days.
Project Glasswing represents Anthropic's core strategic wager: that putting the most powerful defensive AI tools in the hands of the world's critical infrastructure operators, under careful controls, will outpace the inevitable moment when comparable offensive capabilities reach less scrupulous actors. Whether the gamble succeeds will define not only Anthropic's trajectory but the broader security equilibrium of the internet itself.
---
Mentioned tickers: AMZN, AAPL, AVGO, CSCO, CRWD, GOOGL, JPM, MSFT, NVDA, PANW
