Anthropic said last week that its Claude Mythos Preview found a now-patched weak spot in OpenBSD that had gone unnoticed for 27 years, and it said the same model uncovered thousands of other high- and critical-severity flaws across open-source and closed-source software. The company says it will not release the model to the public.
Instead, Anthropic is limiting access to 40 organizations through Project Glasswing, including Microsoft, Apple, Google, CrowdStrike and JPMorgan Chase, a narrow rollout that underscores how powerful the model is said to be. That power also puts the company at the center of a growing debate over who gets access to advanced security tools and who gets left out.
David Lindner, who has worked on vulnerability discovery, said the results were not surprising from a technical standpoint. “We’ve never had a problem finding vulnerabilities. We find them every day. We actually have a pile of them that we just don’t fix,” he said, adding that Anthropic’s blog post said more than 99% of the flaws the model found have not been patched. He also warned that even if Anthropic keeps the system closed, others will not wait long to build something similar. “Even if they, quote unquote, don’t release it, China will have a version in five or six months, and there’ll be an open-source version within a year or two,” Lindner said.
The timing matters because Anthropic disclosed the model only last week, and this weekend The reported the company has faced frequent outages recently and has limited users’ computing supply during peak times. That report gave fresh fuel to questions raised by Marc Andreessen, who asked whether Anthropic is holding back Mythos because of security concerns or because it lacks the compute to roll it out broadly. Fortune said it was the first to report on the development of Mythos after a security lapse exposed details in a publicly accessible database.
The bigger issue is that the same tools that can expose hidden flaws can also be turned loose by people with far less technical skill than in the past. Zach Lewis put it bluntly: “Threat actors don’t even need to know about—they don’t need to have a background in—coding or software design to understand how these systems work. They can deploy an agent that can do it for them,” he said. For now, Anthropic is betting that a tightly controlled release through Project Glasswing can improve security without widening the danger. The unanswered question is not whether the model can find weaknesses. It already has. The question is whether anyone can keep that kind of capability contained once competitors and attackers catch up.
