AI Agents, News & Updates, Code Editors

Anthropic's Mythos Model Surfaces in Claude Code Ahead of Wider Release

Anthropic's most powerful restricted model, Claude Mythos 1, briefly appeared in Claude Code and Claude Security interfaces on May 25 — signaling the first commercial rollout of the model that found over 10,000 zero-day vulnerabilities under Project Glasswing.

4 min read
Anthropic's Mythos Model Surfaces in Claude Code Ahead of Wider Release

Image by CWA


title: "Anthropic's Mythos Model Surfaces in Claude Code Ahead of Wider Release" date: "2026-05-26" description: "Anthropic's most powerful restricted model, Claude Mythos 1, briefly appeared in Claude Code and Claude Security interfaces on May 25 — signaling the first commercial rollout of the model that found over 10,000 zero-day vulnerabilities under Project Glasswing."

Anthropic appears to be moving its flagship restricted model, Claude Mythos, toward a commercial release — with the model identifier claude-mythos-1-preview surfacing in public Claude Code and Claude Security interfaces on May 25, 2026. Some users briefly spotted a toggle to enable Mythos inside the public Claude Code UI before Anthropic pulled it offline. The same model string appeared concurrently in Claude Security.

The leakage was first flagged by TestingCatalog on May 23, then confirmed by BleepingComputer and CyberSecurityNews on May 26. No formal release announcement has been made. Anthropic has not commented publicly on the UI exposure.

For developers: this is the first sign that Mythos — a model Anthropic has withheld from public access since April 7 due to its advanced autonomous vulnerability-exploitation capabilities — is being staged for integration into the tools you already use.

Background: What Mythos Is and Why It's Been Locked Down

Claude Mythos Preview was formally announced on April 7, 2026, after a March 26 CMS misconfiguration at Anthropic exposed approximately 3,000 unpublished internal assets, including a draft post describing the model as "by far the most powerful AI model we've ever developed." Anthropic confirmed its existence and called it "a step change."

Rather than releasing it, Anthropic launched Project Glasswing: a restricted defensive cybersecurity initiative that gave exclusive access to around 50 partner organizations, including AWS, Apple, Google, Microsoft, NVIDIA, CrowdStrike, and JPMorgan Chase. The model was deployed to scan critical infrastructure. Within weeks it had identified more than 10,000 high- or critical-severity zero-day vulnerabilities across widely used open-source software. Anthropic committed up to $100M in model usage credits for the effort.

The reason for the restriction is direct: Anthropic found that Mythos can automatically develop functional cyberattacks at a professional level. "The advantage will belong to the side that can get the most out of these tools," Anthropic warned. "In the short term, this could be attackers, if frontier labs aren't careful about how they release these models."

What Changed on May 25

On May 25, references to claude-mythos-1-preview appeared in production UI strings across two Anthropic products. BleepingComputer confirmed that some users saw an actual toggle to enable Mythos inside the public version of Claude Code before it was removed. The same string appeared in Claude Security's interface.

The timing aligns with a notable shift in Anthropic's public statements. A May 22 Project Glasswing update posted to Anthropic's X account explicitly stated: "And in the near future, once we've developed the far stronger safeguards we need, we look forward to making Mythos-class models available through a general release." That language — "near future" and "general release" — represents a material change from the original April framing, which implied no public availability was planned.

A redesigned Claude Security dashboard is also reportedly under development, with seven-day and thirty-day historical vulnerability charts and deeper triage result views for enterprise customers.

Scale of What Mythos Has Found

The Project Glasswing vulnerability disclosure dashboard, updated as of May 22, reflects the scope of the model's output: 1,596 vulnerabilities disclosed across 281 open-source projects, with 97 patched to date. Across all scanning runs, Anthropic reports 23,019 total flaws identified, with an estimated 6,202 high or critical severity. Of the 1,752 high or critical vulnerabilities manually verified, 90.6% were confirmed valid — and 62.4% were confirmed high or critical severity.

One critical flaw uncovered by Mythos affected the wolfSSL cryptography library, used by billions of devices. Mythos constructed an exploit allowing attackers to forge certificates, potentially impersonating banks or email providers. The vulnerability, tracked as CVE-2026-5194, has since been patched.

BleepingComputer reports Anthropic described Mythos as showing "major improvements in code reasoning and autonomy" above Opus 4.7, its current publicly available flagship. On a benchmark of roughly 7,000 open-source repository entry points, Mythos achieved tier-5 full control-flow hijacks in 10 separate cases. Sonnet 4.6 and Opus 4.6 each managed a single tier-3 result.

What a Claude Code Integration Would Mean for Developers

Claude Code is currently powered by Opus 4.7, which Anthropic's own release notes describe as offering notable improvements in advanced software engineering — but is intentionally weaker on offensive cyber capabilities than Mythos. A Mythos integration would represent a substantial capability upgrade for:

  • Security engineers using Claude Code to audit codebases, triage CVEs, or run vulnerability discovery pipelines
  • Application developers who want semantic static analysis that traces data flows across an entire repo rather than pattern-matching against known signatures
  • Platform teams managing dependency chains across open-source software at scale

Claude Security, the other product where Mythos strings appeared, is currently in public beta for Enterprise customers. Team and Max subscriber access has been announced as forthcoming. A Mythos-powered version would represent a significant upgrade over the current Opus 4.7-backed scanner, which already reports a false-positive rate below 5%.

What's Still Unconfirmed

Anthropic has not announced pricing, a release date, or the subscription tier at which Mythos access will be available. It is unclear whether the May 25 toggle exposure was an intentional staged rollout or an accidental deployment ahead of a planned announcement.

Rumors of Claude Opus 4.8 in internal evaluation with select Anthropic partners have circulated separately, aligning with the roughly monthly release cadence set by Opus 4.7's April 16 launch. Whether Opus 4.8 is a separate model or a renamed Mythos 1 with commercial guardrails applied has not been confirmed.

For developers building on Claude Code today: watch the official model release notes and Claude API changelog. The first concrete signal will be claude-mythos-1-preview appearing in the model selector or API documentation with documented rate limits and pricing.

Share:

Other Latest News

OpenAI Releases GPT-5.6 and GPT-Live to All Users Today
News & Updates, AI Agents, Voice

OpenAI Releases GPT-5.6 and GPT-Live to All Users Today

OpenAI publicly launches its most powerful model family — Sol, Terra, and Luna — today alongside GPT-Live, a new full-duplex voice architecture that replaces Advanced Voice Mode across all ChatGPT tiers.

Jul 9, 2026
Cursor and SpaceXAI Release Grok 4.5, Their First Joint Model
News & Updates, Code Editors

Cursor and SpaceXAI Release Grok 4.5, Their First Joint Model

SpaceXAI and Cursor have jointly launched Grok 4.5, a 1.5-trillion-parameter coding model available now across all Cursor plans at $2/$6 per million tokens — weeks before their $60B acquisition deal closes.

Jul 9, 2026
Anthropic Adds Model Controls and Spend Alerts to Claude Enterprise
AI Agents, News & Updates

Anthropic Adds Model Controls and Spend Alerts to Claude Enterprise

Anthropic's new Claude Enterprise admin controls give platform admins per-user cost breakdowns, model-level entitlements, and real-time spend-threshold alerts — targeting the budget blowouts that have quietly burned enterprise AI teams in 2026.

Jul 6, 2026
Gemini Spark Comes to Mac With Local File Access and MCP Support
AI Agents, News & Updates

Gemini Spark Comes to Mac With Local File Access and MCP Support

Google has added Gemini Spark to the Gemini desktop app for macOS, giving it access to local files, MCP server connections, real-time topic tracking, and new integrations with Canva, Dropbox, and more.

Jul 3, 2026
Google Drops ADK 2.0 and Genkit Agents for AI App Builders
AI Agents, News & Updates

Google Drops ADK 2.0 and Genkit Agents for AI App Builders

Google published three developer-facing launches in 24 hours: ADK 2.0's graph-based workflow runtime, the Genkit Agents API for full-stack conversational AI, and a Google Cloud Workbench VS Code extension — a coordinated push to own the agent-development stack.

Jul 3, 2026
Fable 5 Returns Globally as US Lifts Export Controls on Anthropic
News & Updates, AI Agents, Security

Fable 5 Returns Globally as US Lifts Export Controls on Anthropic

Anthropic restored global access to Claude Fable 5 on July 1 after the US Commerce Department lifted the 19-day export controls. Claude Code and Claude.ai users get the model back with a new 99%+ jailbreak classifier and an industry-wide safety framework now in development.

Jul 2, 2026
← Scroll for more →