The US-based AI firm, Anthropic, has created ‘Claude Mythos’, an AI model that specialises in identifying security flaws in software. The firm claims the tool will ‘reshape cybersecurity’ by finding thousands of high-severity vulnerabilities across every major operating system and browser. To date, only an invited group of organisations has tested a preview version of Mythos – named ‘Project Glasswing’ – but already the AI model is creating headlines and eliciting a range of responses in business, from fear to antipathy. In this article Joani Green, S-RM Cyber CIO, explains why Claude Mythos and similar technology is attracting attention, how AI is already being leveraged by threat actors, and what organisations can do today to take control of their cyber security.
Why is Claude Mythos making headlines – what is the concern and controversy?
One area creating headlines is speculation around Project Glasswing being a publicity stunt to build up hype around the new Mythos model. And there have been multiple news stories about the new model declaring a ‘terrifying future ahead’.
Setting aside any allegations of a PR stunt, there is genuine concern around AI tools with the capability of detecting vast quantities of security flaws at speed. Threat actors will almost inevitably get their hands on the same tooling and start using the vulnerabilities to attack organisations.
Outside of threat actor behaviour, the sheer volume of vulnerabilities identified could overwhelm underprepared businesses unable to parse through, prioritise and respond.
Mythos examples
27-year-old bug discovered by Mythos in OpenBSD - an operating system specifically designed for security.
181 working exploits generated for Firefox in a single test run.
40 CVEs – new vulnerabilities already credited to Anthropic researchers, including 28 high severity Firefox bugs.
All major operating systems and web browsers tested produced working exploits.
Source Anthropic Red Team · CSA ‘Vulnpocalypse’ (Rich Mogull, April 2026) · VulnCheck
Is Claude Mythos available now? Are there similar AI tools already on the market?
Anthropic is not releasing Claude Mythos Preview to the public, however the firm is working towards releasing a ‘Mythos-class’ model for wider deployment than the test groups in Project Glasswing. In the meantime Claude Opus 4.7, which features “safeguards that automatically detect and block requests that indicate prohibited or high-risk cybersecurity uses”, is available.
There are similar tools available, for example OpenAI recently announced the launch of GPT-5.4-Cyber, a variant of its latest flagship model fine-tuned specifically for defensive cybersecurity work. However, this is only available to a limited group of vetted security vendors, organisations and researchers.
How is AI technology being used by threat actors today?
Aside from Mythos and similar vulnerability-detecting tools in development, AI is already playing a role in enabling threat actors across three key areas:
Speed. Attackers can use AI tooling to map their victim organisation’s internet facing systems in minutes and identify weak spots that may have taken expertise to identify and understand manually.
Operations. AI can be used to generate a working exploit in hours, deliver the compromise, and draft victim-specific ransom notes.
Evasion. AI services can be used during an attack to evade detection by generating fresh commands, rewriting their own code and adapting the environment they have comprised.
AI technology is therefore already super-charging the cyber threat landscape. The time to create and deploy an attack has dropped significantly, putting pressure on defenders.
What should organisations be doing today to prepare themselves for Claude Mythos and similar tools?
We can learn lessons already from the test results of Mythos, and the good news is that a ‘defence in depth’ approach to cyber security is still effective. When pointed at the core of Linux, Mythos found many exploitable flaws - but after thousands of attempts, it could not successfully turn a single one into a working remote attack. Controls do work, and investment in network segmentation, strong authentication, and rehearsed recovery is not a nice-to-have - it is the thing that will distinguish businesses that survive the next few years from those that don't.
- Treat external Attack Surface Management (ASM) as your authoritative inventory of what attackers can actually see and reach – not just what procurement bought or IT documented. Anything publicly accessible must be discovered, assessed from the attacker's perspective (prioritising what they can exploit without already being inside your network), and patched immediately, not on quarterly policy schedules. AI-assisted attackers will now chain together multiple "low-severity" flaws into serious compromises faster than your teams can complete a review cycle, so traditional severity scoring alone is no longer sufficient. Organisational readiness means having a rehearsed, low-bureaucracy patching process that can respond at speed: extended testing windows and committee-driven change approvals are liabilities in a Mythos-class threat environment, not safeguards.
- Understand your software supply chain end‑to‑end – whether you build software yourself or buy it, you are exposed to the weaknesses of every component and supplier it relies on. AI‑enabled attackers are increasingly exploiting shared dependencies, turning a single flaw in a widely used library or service into multiple incidents at once. Readiness means knowing what you depend on, getting basic security assurance from suppliers, and designing systems on the assumption that something will fail: limit how far an attacker can move if a dependency is compromised, and rehearse how you would contain and recover from a supply‑chain incident at speed.
- Expect attackers to target user credentials with phishing and session theft, now enhanced by AI-driven impersonation. Implement phishing-resistant MFA (using hardware keys or biometrics, not SMS or push notifications) for critical systems first. Ensure a stolen identity can't access everything: isolate key systems and data behind extra controls, monitor access, and avoid single accounts with broad admin rights. Organisations that combine strong authentication, segmentation, and monitoring are best equipped to limit AI-powered attacks before they escalate.
Reach out to the S-RM cyber team if you would like to discuss any of the topics raised here.
