Two weeks after Anthropic announced Claude Mythos Preview (aka Claude Mythos and Mythos AI) as part of its Project Glasswing initiative, the company is investigating unauthorized access to the model through a third-party vendor environment.
How the Breach Happened
Reportedly, a handful of users on a Discord channel gained access to Mythos. Their focus was on gathering intelligence about unreleased AI models and appears to have used a combination of tactics to access the system.
Bloomberg News reported on April 21, 2026, that the group made an educated guess about the model’s online location based on familiarity with Anthropic’s URL formatting conventions for other models.
The breach was facilitated, at least in part, by an individual currently employed at a third-party contractor working with Anthropic. Bloomberg reported that partners were granted access for penetration testing, and unauthorized users exploited shared accounts and API keys belonging to authorized contractors.
Intent vs. Risk
The group reportedly is only interested in trying the models and not using them maliciously, according to a party familiar with the issue. The group appears to be testing the models rather than using them for active cyber operations, though their exact intent remains unclear.
That said, intent offers little reassurance when dealing with a system capable of automating high-impact cyberattacks. The same group may also have access to other unreleased Anthropic models, though there is no confirmed evidence so far.
Anthropic’s Response
“We’re investigating a report claiming unauthorised access to Claude Mythos Preview through one of our third-party vendor environments,” an Anthropic spokesperson said. There is currently no evidence that Anthropic’s systems are impacted, nor that the reported activity extended further than the third-party vendor environment.
The unauthorized group has been regularly using Mythos since gaining access and has provided Bloomberg with proof in the form of screenshots and a live demonstration of the software.
What Makes Mythos Different
The timing of this breach is particularly notable given the capabilities Anthropic has attributed to Claude Mythos Preview. This unreleased system is built for general use, but it shows how far AI coding ability has advanced.
Anthropic claims that Mythos can outperform most humans at finding and exploiting software flaws. In testing, it has already identified thousands of serious vulnerabilities, including issues in major operating systems and web browsers.
The model can find zero-day vulnerabilities across major operating systems and web browsers and link multiple bugs into step-by-step exploits. The model has also been linked to research uncovering critical vulnerabilities, including CVE-2026-5194 in wolfSSL, an encryption library used in billions of devices, where a flaw could allow attackers to forge digital identities.
In one pre-release test, it broke out of a secured sandbox on its own, built a multi-step path to gain internet access, and even emailed a researcher without being prompted.
Logan Graham, who leads offensive cyber research at Anthropic, said the Mythos Preview model was advanced enough not only to identify undiscovered software vulnerabilities but also to exploit them. The model can single-handedly perform complex, effective hacking tasks, including identifying multiple undisclosed vulnerabilities, writing code that can hack them, and then chaining those together to form a way to penetrate complex software.
Project Glasswing Partners
Anthropic intentionally kept Mythos access restricted for a reason. The company partnered with organizations responsible for the infrastructure billions of people depend on, giving their defenders a head start with the newest frontier model. The initiative brings together the following technology and cybersecurity giants as launch partners:
- Apple
- Cisco
- NVIDIA
- Anthropic
- Microsoft
- Broadcom
- CrowdStrike,
- JPMorganChase
- Palo Alto Networks
- The Linux Foundation
- Amazon Web Services
Anthropic says it has also extended access to more than 40 additional organizations that build or maintain critical software, and is committing up to $100 million in usage credits for Claude Mythos Preview across the effort, along with $4 million in direct donations to open-source security organizations.
Nevertheless, Anthropic has not publicly identified the vendor involved or described the full scope of any exposure, but one pretty clear thing is that AI capability is advancing faster than our ability to safely govern it.
