Anthropic's 'Mythos' model is extraordinarily dangerous. The company itself warned that it could autonomously identify and exploit zero-day vulnerabilities in every major operating system, every major web browser, and every critical software library on Earth. And because of this offensive cybersecurity power, Anthropic refused to release Mythos publicly - and instead tightly restricted access through 'Project Glasswing' to roughly 50 carefully vetted organizations - 12 named launch partners plus more than 40 additional critical software and government entities, including the U.S. National Security Agency (NSA).

Yet within hours of the limited rollout announcement on April 7, 2026, a small group of unauthorized users in a private Discord server had already broken in.

The breach, reported by Bloomberg on Tuesday, reveals how fragile the safeguards around frontier AI models can be. According to the report, the group gained access using a surprisingly low-tech combination: legitimate credentials from a third-party contractor involved in Anthropic's evaluations, plus clever internet sleuthing to guess the hidden API endpoint by reverse-engineering Anthropic's internal naming conventions (patterns inferred from an earlier Mercor data leak).

They have reportedly been using Mythos regularly for nearly two weeks. Sources emphasize the usage has been non-malicious so far - things like building simple websites - rather than launching cyberattacks.

"We’re investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments," a spokesperson said in a statement, adding that there's no evidence that the access went beyond a third-party vendor's environment or that it is impacting any of Anthropic's systems.

In early April, Anthropic launched Project Glasswing, a defensive cybersecurity initiative built around Mythos Preview. The 12 launch partners included Amazon Web Services, Apple, Microsoft, Google, Cisco, CrowdStrike, Palo Alto Networks, NVIDIA, Broadcom, JPMorgan Chase, and the Linux Foundation, along with over 40 additional critical software organizations. The explicit goal was to give these defenders a head start: let Mythos hunt for vulnerabilities in their own systems and major open-source projects before malicious actors could weaponize the same capabilities.

Anthropic's own red-team testing reportedly showed Mythos could find and chain complex zero-days that had remained hidden for decades in software like Linux, OpenBSD, and FFmpeg.

Even as the Pentagon formally labeled Anthropic a “supply-chain risk” in March 2026 - citing the company’s refusal to remove ethical guardrails that would allow its models to be used for mass domestic surveillance and autonomous weapons - other key parts of the U.S. government have moved with urgency to embrace the very same technology. The National Security Agency is already actively using Claude Mythos Preview, while the White House’s Office of Management and Budget circulated an internal memo on Monday directing federal agencies to begin leveraging the model for vulnerability discovery in government networks. The Treasury Department has been particularly aggressive, rushing to secure access and convening major bank CEOs for urgent red-teaming sessions after being warned that Mythos could "hack every major system."

The unauthorized access was deceptively simple. One member of the Discord group (a private forum focused on hunting unreleased AI models) had legitimate access as a worker at a third-party contractor. Using knowledge of Anthropic's naming patterns, the group correctly guessed the private API endpoint for Mythos Preview on the very same day the limited release was announced.

Once inside, they continued using the model without triggering obvious alarms.

Source: ZeroHedge News