The Mythos Crisis: Why Anthropic’s "Zero-Day Machine" has the Infosec World on edge

Claude Mythos, a frontier AI model so potent at discovering software vulnerabilities that its own creators refused to release it publicly, has become the center of a cybersecurity firestorm following reports of unauthorized access. Announced by Anthropic in early April 2026, Mythos represents a "jagged frontier" in artificial intelligence.

While previous models could assist in coding, Mythos is the first to demonstrate autonomous, multi-stage hacking capabilities that rival elite human researchers. Its existence has sparked a global debate: is it a defensive miracle or a digital Doomsday clock?

What is Mythos?

Technically known as Claude Mythos Preview, the model is an unreleased agentic AI designed for high-level reasoning and vulnerability research. During internal testing under "Project Glasswing," Mythos reportedly identified thousands of high-severity zero-day vulnerabilities across every major operating system (Windows, macOS, Linux) and web browser.

Unlike earlier tools that simply flagged "suspicious" code, Mythos can autonomously chain multiple vulnerabilities together to escape secure sandboxes and gain internet access. In one notable demonstration, the model discovered a flaw in OpenBSD that had remained hidden for nearly three decades, neutralizing it in under a day for a total compute cost of less than $2,000.

Why the spook?

The "spook" factor comes from a terrifying shift in the economics of hacking. Traditionally, zero-day research was a "scarce expert craft" requiring months of human labor. Mythos transforms this into a repeatable, machine-speed process.

The anxiety reached a boiling point on April 22, 2026, when reports surfaced that a private group on Discord had gained unauthorized access to Mythos. The group reportedly bypassed Anthropic’s "Project Glasswing" gates by exploiting a data leak from Mercor, an AI staffing startup. While the group claims they are only "playing around," the incident proved that even the world’s most secure "bottled" AI isn't immune to supply chain failures.

Still, some skeptics, including researchers at VulnCheck, argue the "thousands of bugs" claim is marketing hyperbole. They point out that while Mythos is fast, it hasn't yet found anything a truly "elite" human couldn't - it just does it much cheaper.