Anthropic Built a Model Too Powerful to Release. What’s next?

Anthropic just told the world that they built something too dangerous to let us use.

That’s not marketing spin. April 7, 2026, Anthropic announced Project Glasswing https://www.anthropic.com/glasswing, a coalition of heavyweights including AWS, Apple, Google, Microsoft, NVIDIA, CrowdStrike, and others, all assembled around a single premise: their unreleased frontier model, Claude Mythos Preview, has reached a level of capability that demands an organized, industry-wide defensive response before it can be trusted in the wild. They’ve committed up to $100 million in usage credits and $4 million in donations to open-source security organizations. They are not messing around.

So what does Mythos actually do that warranted this level of alarm?

What Mythos Found

Claude Mythos Preview is a general-purpose frontier model, not a specialized cybersecurity tool, but its coding and reasoning capabilities have effectively made it one. Anthropic used Mythos to scan critical software infrastructure, and the results were sobering. The model autonomously discovered thousands of zero-day vulnerabilities. These flaws were all unknown the software’s own developers, many rated high-severity. Mythos found critical vulnerabilities in every major operating system and every major web browser.

Let that sink in for a moment. Every OS. Every browser.

A few of the specific findings are worth highlighting. Mythos found a 27-year-old vulnerability in OpenBSD, one of the most security-hardened operating systems in existence, commonly used to run firewalls and critical infrastructure. The flaw allowed a remote attacker to crash any machine running the OS simply by connecting to it. It also discovered a 16-year-old vulnerability in FFmpeg, the ubiquitous video encoding library, in a line of code that automated testing tools had executed five million times without catching the problem. And in one particularly alarming demonstration, the model autonomously discovered and chained together multiple vulnerabilities in the Linux kernel to escalate from ordinary user access to complete control of the machine.

These are the kinds of exploits that would earn a skilled human researcher a career-defining bounty. They evaded discovery by every security expert, scanner, and red team for decades. Mythos found each of them within a matter of hours.

On the CyberGym benchmark for reproducing cybersecurity vulnerabilities, Mythos Preview scored 83.1% compared to 66.6% for Claude Opus 4.6. On SWE-bench Verified, a measure of agentic coding ability, Mythos hit 93.9% versus Opus 4.6’s 80.8%. This is not incremental improvement. This is a generational leap.

Too Powerful to Ship

Here’s where things get unsettling. Anthropic has stated plainly that they do not plan to make Claude Mythos Preview generally available. Their reasoning: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities. If those capabilities proliferate beyond responsible actors, the consequences for economies, public safety, and national security could be severe.

That’s a remarkable statement from a company whose business model depends on selling access to AI models. Anthropic genuinely believes the offensive potential of Mythos outweighs the commercial upside of a general release, at least until they can develop safeguards that block the model’s most dangerous outputs. They’ve extended limited access to over 40 organizations that build or maintain critical software infrastructure, but the general public will never get their hands on Mythos in its current form.

The question that should keep everyone up at night is whether all AI creators will exercise this kind of restraint. Anthropic made a calculated decision to hold back an commercially valuable product because they concluded the risks were too high. But the AI landscape is crowded and competitive, and not every player has the same safety culture. What happens when a less cautious organization develops a model with similar capabilities and decides that shipping fast is more important than shipping safely? Anthropic themselves acknowledged that frontier AI capabilities are likely to advance substantially over just the next few months. Not years; months.

The Build vs. Buy Shift

Now, let’s pivot to something closer to home for a lot of businesses. The same AI capabilities that make Mythos so formidable at finding vulnerabilities also make it, and its publicly available cousins, astonishingly good at writing software. SWE-bench scores north of 90%. Terminal-Bench scores in the 80s. These measure the ability to autonomously resolve real software engineering tasks.

This is changing the build vs. buy calculus in a meaningful way. For years, the default answer for most businesses needing software solutions was to buy an off-the-shelf product. The cost and complexity of custom development simply couldn’t be justified unless you had very specific needs and a healthy IT budget. But when an AI coding assistant can scaffold an entire application in an afternoon, the math starts to shift. Why pay a SaaS vendor $10,000 a year for a tool that does 70% of what you need when you can build the perfect bespoke tool for your needs at a fraction of that cost, with no ongoing licensing fees?

If you’re an incumbent software vendor, you should be concerned. The moat that protected your business, the sheer difficulty of building custom software, is eroding in real time. Your customers are starting to realize they can build things themselves. The value proposition of off-the-shelf software needs to evolve beyond “it exists and you can’t build it” to “it’s better, more secure, and more reliable than what you’d build on your own, and the price is reasonable for the value you get.”

The Part Where I Tell You to Be Careful

And that brings me to the part where I put on my consultant hat and beg you to pump the brakes just a little.

Yes, AI-powered coding tools are incredible. They are genuinely democratizing software development in ways that would have been unthinkable two years ago. A business analyst can prototype a working application. A marketing director can build an internal dashboard. A small agency owner can stand up a custom workflow tool without hiring a developer. That’s real, and it’s exciting.

But here’s what’s also real: these tools will happily walk you right off a cliff if you don’t know where the edge is.

I’ve already seen it happening https://www.kaspersky.com/blog/vibe-coding-2025-risks/54584/. Someone asks their AI coding assistant to help them set up a web server, and the assistant cheerfully walks them through opening ports on their production firewall. Congratulations, you’ve just exposed your internal network to the internet because a chatbot told you to! You’ve been Dunning-Krugered, and you’re going to have a Very Bad Day when someone (or their AI model) finds the hole you just poked in your defenses.

Or consider this scenario: you build a powerful data extraction tool because your AI assistant made it look easy. You deploy it against your production database, and it works great for about ten minutes, until it saturates your server’s I/O capacity and brings your entire operation to a crawl during business hours. Your collection floor can’t pull up accounts. Your payment portal is timing out. All because nobody asked whether the hardware could handle the load.

These are not hypothetical problems. These are the kinds of issues that IT professionals and consultants deal with every day. Security architecture, capacity planning, network segmentation, access controls, backup strategies… none of these are things that an AI coding assistant is going to proactively manage for you. It will write the code you ask for. It will not tell you that the code you’re asking for is a terrible idea in the context of your infrastructure.

The Bottom Line

That’s thrilling. It’s also dangerous, and the danger doesn’t come from the AI itself. It comes from the gap between what these tools empower people to build and what those people understand about the consequences.

Anthropic looked at what Mythos could do and decided the responsible thing was to keep it locked down until they could build adequate guardrails. That’s the right call. But you don’t need a Mythos-class model to get yourself into trouble. Opus and other publicly available tools are plenty powerful enough to create real problems if you don’t have the expertise to anticipate them.

So build things. Experiment. Take advantage of this incredible moment in technology. But before you deploy anything that touches your production environment, your customer data, or your network perimeter, talk to someone who does this for a living. The AI will write the code. It takes a human to understand the consequences.

Rob Grafrath is a Receivables Technology Expert, Collaborator andConsultant in the Debt Collections arena. Rob can be contacted via email @rob@grafrath.net