Mythos: Code Red for the Internet
When I read that Anthropic's AI had found 22 vulnerabilities in Firefox in two weeks, including 14 classified as high-severity, I stood up from my chair. This is the Mozilla’s codebase, with about 27-28 years of open source lineage. Around 10,500 contributors have committed code across the project's lifetime, with roughly 955,000 total commits.
That single finding represented nearly a fifth of all high-severity Firefox vulnerabilities remediated in all of 2025. And here is the part that stopped me cold: the first bug was found within 20 minutes of starting. This wasn't Anthropic's most powerful model. This was Claude Opus 4.6, a model that is already publicly available. We are not ready for what comes next.
Meet Mythos
Last couple of weeks of Anthropic leaks brought Claude Mythos into public consciousness. It is the most capable AI model they have ever built, and they have decided not to release it to the public.
In the this cut throat race to build super intelligence, a company whose entire business is built on releasing AI models has built one so capable that they are deliberately keeping it out of public hands.
Some are calling it the "God Model," and it is easy to see why the label gets attached. Mythos represents a capability threshold that the industry has been nervously anticipating. It is the point where AI stops being a tool that assists security researchers and starts being something that can outperform nearly all of them.
The benchmarks back this up. On CyberGym, which tests real vulnerability reproduction in live open-source software, Mythos Preview scores 83.1%. The previous best, Claude Opus 4.6, scores 66.6%. On SWE-bench Verified, a broad coding benchmark, Mythos hits 93.9% versus Opus 4.6's 80.8%. Does this model belong to a different league of its own, “God Model” perhaps.
The Firefox comparison makes it visceral. When researchers ran Mythos modelsagainst the same Firefox exploit challenge, Mythos produced 181 successful exploits.
What It Has Already Found
To understand what this model is capable of, you have to look at what it has already done in just a few weeks of limited, controlled use.
Mythos discovered a 27-year-old bug in OpenBSD, an operating system known specifically for its security record. The flaw had survived nearly three decades of human review, audits, and automated scanning. The model found it, and it was critical.
It found a 16-year-old vulnerability in FFmpeg, the multimedia framework that sits underneath a significant portion of the world's video infrastructure. The bug had survived more than five million automated tool interactions over its lifetime without detection.
It uncovered a 17-year-old remote code execution vulnerability in FreeBSD (CVE-2026-4747) that allowed unauthenticated root access. The kind of vulnerability that, in the wrong hands, would be worth an enormous amount to a nation-state attacker.
It also autonomously chained multiple Linux kernel vulnerabilities together, and constructed complex exploits that escaped both browser renderer sandboxes and operating system sandboxes without human guidance.
Across all of this, Anthropic researchers found "thousands" of additional high and critical severity vulnerabilities spanning every major operating system and every major web browser.
The word "thousands" should not pass by quietly. This is infrastructure we depend on everyday, to manage bank account, pay bills, do office work, etc. These our cornerstones of our digital life.
Project Glasswing: The Defense
Anthropic knows exactly what they have built. Their own internal assessment described Mythos as "currently far ahead of any other AI model in cyber capabilities" and warned it "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders."
Project Glasswing is their response to that reality.
Rather than shelving the model, Anthropic has structured a controlled, time-limited program that makes Mythos Preview available exclusively to a coalition of organizations responsible for the world's most critical software infrastructure. The goal is to use Mythos offensively, in a controlled way, to find and fix vulnerabilities before bad actors can use a similar model to find and exploit them.
The founding coalition of twelve organizations covers every critical layer of the internet's architecture, and that is not an accident.
Cloud and Hyperscale Infrastructure (AWS, Google, Microsoft) form the backbone of global compute. Virtually every application, service, and platform runs on or through these three providers. A vulnerability at this layer does not affect one company. It affects everything built on top of it.
Pure-Play Cybersecurity (CrowdStrike, Palo Alto Networks) brings threat intelligence and security research depth. They understand the attacker's perspective and have the tooling and telemetry to operationalize what Mythos finds.
AI and Compute (Anthropic, NVIDIA) represent the model itself and the silicon it runs on. NVIDIA's CUDA stack underpins virtually all AI workloads and is itself a high-value target. Having the infrastructure layer inside this initiative is important.
Networking and Semiconductor Infrastructure (Cisco, Broadcom) own the physical and logical plumbing of the internet. Cisco controls a dominant share of enterprise networking hardware. Broadcom, after acquiring VMware, is foundational to enterprise compute globally.
Consumer and Device Ecosystems (Apple, Google) together control iOS and Android, the two operating systems running on billions of end-user devices. Chrome is the world's most-used browser. A vulnerability at this layer is not a business problem. It is a personal one, for billions of people.
Financial Services (JPMorganChase) represents a sector that is both among the highest-value attack targets on earth and an operator of massive, proprietary critical infrastructure. Their inclusion signals that this initiative is not just about software. It is about the systems economies run on.
Open Source Governance (Linux Foundation) acts as the bridge between the twelve founding members and a wider group of over 40 additional open-source projects and infrastructure maintainers who also have access to Mythos under this program.
Anthropic is committing $100 million in model usage credits to this effort, $2.5 million to Alpha-Omega and OpenSSF, and $1.5 million to the Apache Software Foundation. Findings will be shared publicly within 90 days.
The Problem Glasswing Cannot Solve
Here is what I keep thinking about. Glasswing is starting at right place. The organizations in this coalition represent the most fundamental building blocks of the internet. If you had to choose where to start, this is where you start.
But the internet is not just its building blocks.
Sitting on top of these foundations is an enormous long tail: hundreds of thousands of SaaS products, fintech applications, healthcare platforms, e-commerce systems, APIs, and startup codebases that have no Glasswing access, no Mythos partnership, and no 90-day head start. When a Mythos-class model eventually becomes commercially available, or gets replicated by a well-resourced actor, that entire long tail will be exposed simultaneously.
Glasswing is not a complete solution. It is a head start for the most critical layer. What happens beneath that layer is a much harder problem, and the clock is already running.
What This Means for Us
Most people will read about Project Glasswing and feel a comfortable distance from it. Vulnerabilities in operating systems and browser engines feel abstract. They are not.
Your banking app runs on infrastructure with vulnerabilities. Your healthcare provider's portal runs on frameworks with vulnerabilities. The authentication system that protects your email almost certainly depends on open-source libraries that have never been scanned by anything close to Mythos.
The security researchers and penetration testers who currently protect these systems are talented, but they are working at human speed. Mythos operates at a different scale entirely. Penetration testers estimated that certain exploits the model developed overnight would take their best people several weeks of manual work. That gap in speed and economics is the real disruption. The threat surface is expanding in ways that human-only security teams are not equipped to match.
Anthropic's decision to build Glasswing before releasing Mythos is the right call. Although, this is not a permanent fix. It is a head start. The gap between what AI can do and what most people believe AI can do has never been wider. And that gap is closing from one direction only.
So here is the closing thought I want to leave you with.
A 27-year-old vulnerability in one of the most security-conscious operating systems ever built. Found by AI. Cost of the run: under $50.
That is not a future scenario. That is last month. The ground under all of us is shifting, and the only honest response is to lean in, understand what these models can actually do, and start building new mental models for what comes next.
Sources
1. Project Glasswing: Securing critical software for the AI era — https://www.anthropic.com/glasswing
2. Claude Mythos Preview — https://red.anthropic.com/2026/mythos-preview/
3. Partnering with Mozilla to improve Firefox's security — https://www.anthropic.com/news/mozilla-firefox-security
4. Anthropic's Claude found 22 vulnerabilities in Firefox over two weeks — https://techcrunch.com/2026/03/06/anthropics-claude-found-22-vulnerabilities-in-firefox-over-two-weeks/
5. Anthropic's Claude uncovers 22 Firefox security vulnerabilities — https://www.axios.com/2026/03/06/anthropic-mozilla-claude-opus-bug-hunting
6. Anthropic is giving some firms early access to Claude Mythos — https://fortune.com/2026/04/07/anthropic-claude-mythos-model-project-glasswing-cybersecurity/
7. Anthropic says its most powerful AI cyber model is too dangerous to release publicly — https://venturebeat.com/technology/anthropic-says-its-most-powerful-ai-cyber-model-is-too-dangerous-to-release
8. Anthropic limits Mythos AI rollout over fears hackers could use model for cyberattacks — https://www.cnbc.com/2026/04/07/anthropic-claude-mythos-ai-hackers-cyberattacks.html
9. Introducing Project Glasswing — https://www.linuxfoundation.org/blog/project-glasswing-gives-maintainers-advanced-ai-to-secure-open-source