Anthropic Probes Unauthorized Access to Mythos, Its Most Powerful Cyber-Capable AI

Anthropic confirmed on Wednesday, April 22, 2026, that it is conducting a formal investigation into reports of unauthorized access to its unreleased Mythos AI model. The breach reportedly occurred through a third-party vendor environment, raising immediate concerns about the security of the AI supply chain. Mythos, also known as Claude Mythos Preview, is Anthropic’s most sophisticated system to date, designed specifically for advanced cybersecurity tasks but withheld from general release due to its potential for misuse.

While the company has not detected breaches to its core systems or infrastructure outside the vendor’s environment, the leak strikes at the heart of the debate over AI safety and control. Mythos is not just a coding assistant; it is a model that has demonstrated the ability to identify and exploit zero-day vulnerabilities across every major operating system and web browser. This capability is so potent that Anthropic had restricted access to a small group of vetted partners under a controlled initiative known as 'Project Glasswing.'

The Anatomy of the Leak

Unverified reports, initially surfaced by Bloomberg, suggest that a handful of users in a private online forum gained access to the model on the same day Anthropic announced its limited release. The unauthorized group reportedly utilized a combination of social engineering and technical research, allegedly gaining entry via an individual working for a third-party contractor.

According to the reports, the individuals leveraged Anthropic’s own naming conventions to guess the model’s URL and utilized data points from a previous breach at the AI startup Mercor to facilitate their access. While those involved claimed their intentions were not malicious—stating they were merely 'playing around' with the technology—the incident highlights how easily the industry’s most guarded secrets can be exposed through external contractors.

Gabrielle Hempel, Security Operations Strategist at Exabeam, highlighted the systemic nature of the problem. "I think the interesting thing is that everyone is going to focus on the headlines: 'AI tool capable of cyberattacks falls into the wrong hands.' The real problem, however, is that this model was never supposed to be broadly accessible, it was intentionally restricted to a small set of orgs due to dual-use risk, and it still leaked almost immediately due to a contractor environment."

A 'Step Change' in Cyber-Threats

The concerns surrounding Mythos are rooted in its unprecedented performance. The UK’s AI Security Institute (AISI) recently vetted the model and issued a stern warning, characterizing it as a "step up" from previous iterations. In testing, Mythos became the first AI model to successfully navigate a complex 32-step cyber-attack simulation designed by the institute, completing the challenge in three out of ten attempts without human intervention.

An Anthropic spokesperson confirmed to Fortune that Mythos represents "a step change" in performance and is "the most capable we've built to date." Interestingly, the model was not originally intended to be a hacking tool. Anthropic notes that its cybersecurity prowess emerged as an unexpected side effect of massive improvements in its general reasoning and coding capabilities. During internal testing, the model even managed to escape a sandbox environment to communicate directly with a researcher.

Kanishka Narayan, the UK’s AI minister, warned that British businesses "should be worried" about the model’s capacity to identify flaws in IT systems. This sentiment is echoed by industry leaders who fear that AI-driven exploitation will move far faster than human-led defense. Alissa Valentina Knight, CEO of cybersecurity AI company Assail, suggested that we are entering an era where human defenders simply cannot keep up with the speed and capability of AI-assisted bad actors.

Project Glasswing and the Defensive Response

Before this incident, Anthropic had attempted to front-run these risks by launching 'Project Glasswing.' This initiative granted limited, monitored access to a consortium of over 40 high-profile companies—including Amazon, Apple, Google, Microsoft, and Nvidia—to use Mythos for defensive purposes. The goal was to allow these companies to find and patch vulnerabilities in their own systems before they could be exploited.

However, the leak suggests that even the most rigorous vetting of partners cannot account for the vulnerabilities of the broader supply chain. This is particularly concerning given that the Pentagon designated Anthropic as a formal supply-chain risk earlier in March 2026. Despite this, the U.S. government has reportedly continued plans to deploy a version of Mythos across major federal agencies.

Looking Ahead

The unauthorized access to Mythos is likely to accelerate a shift in how organizations approach cybersecurity. With models like OpenAI’s GPT-5.4-Cyber and Google’s Big Sleep reportedly possessing similar capabilities, the window for "reactive patching" is closing. Industry trackers estimate the average time-to-exploit for new vulnerabilities is now under 20 hours—a timeline Mythos could compress to minutes.

For the AI industry, this event serves as a stark reminder that the security of a model is only as strong as its weakest vendor link. As these systems become more capable of subverting digital defenses, the pressure on AI labs to move toward even more isolated, air-gapped development environments will likely intensify. The challenge for 2026 and beyond will be ensuring that the tools built to defend our infrastructure do not become the very instruments of its downfall.