The cybersecurity community went on alert when Anthropic announced on April 7, 2026, that its latest and most capable general-purpose large language model, Claude Mythos Preview, had demonstrated remarkable – and unintended – capabilities. The artifical intelligence system was able to find and exploit software vulnerabilities – the most serious type of software bugs – at a rate not seen before.

The news ignited concern among the public, world governments and the information technology sector about the capabilities of today’s AI to undermine cybersecurity, with some people framing the model as a global cybersecurity threat.

Claiming that it would be too risky to release the model, and that the company had the moral responsibility to disclose these vulnerabilities, Anthropic said it would not immediately offer the model to the public. Instead, it granted exclusive access to tech giants to test the model’s capabilities, a process Anthropic dubbed Project Glasswing.

As a cybersecurity researcher, I think Mythos’ capabilities are impressive, but the AI system does not represent a radical departure. Mythos is less a new threat than a mirror reflecting how people behave and how fragile modern systems already are.

During a controlled evaluation, engineers with minimal security experience prompted Mythos to scan thousands of software codebases for vulnerabilities. The model showed striking capabilities in........

© The Conversation