Anthropic's new artificial intelligence model, known as Claude Mythos PreviewIt has become the epicenter of the global debate on the limits of advanced AI. The company itself admits that the system is so powerful in terms of cybersecurity that it has decided not to launch it widely, an unusual decision in a sector accustomed to boasting about every new advance.
What's at stake is not just an incremental improvement over previous models, but a qualitative leap in the ability to detect and exploit computer vulnerabilitiesGovernments, central banks, major financial institutions, and European regulators are closely monitoring the case, aware that such a tool could strengthen the defense of critical systemsBut it could also open the door to attacks of unprecedented scale if it were to fall into the wrong hands.
What exactly is Claude Mythos and why has its launch been delayed?
Claude Mythos is one of the latest models in the Claude family, Anthropic's AI ecosystem that competes with OpenAI's ChatGPT and Google's GeminiIt is a general-purpose model, capable of reasoning, programming, and working with long-term context, but its most controversial feature is its performance in offensive and defensive cybersecurity.
Called “red teams”Specialists who test AI systems to their limits concluded in an internal report that Mythos is "surprisingly capable" in cybersecurity tasks. In benchmark tests such as SWE-bench Verified o SWE-bench ProDesigned to measure the ability to solve real-world software engineering problems, the model would have easily outperformed top-tier commercial alternatives, including advanced versions of GPT and Gemini, according to data provided by Anthropic itself.
Beyond the benchmarks, what has set off alarm bells is that Mythos was able to locate zero-day vulnerabilities —previously unknown flaws— in widely used software components, some over two decades old. In systems like OpenBSD, FFmpeg, and FreeBSD components, the model not only detected errors that had gone unnoticed for years, but also generated working exploits to take advantage of them.
Faced with these results, Anthropic opted for a decision that was unusual in the industry: to present the model and then announce that it will not be marketed openly. because it considers it poses unprecedented cybersecurity risks. The company insists that Mythos is the “best aligned” model they have built, but acknowledges that its enormous capacity amplifies the consequences of any misuse.
A model with "hacker" skills far beyond human capabilities
Technical documents and reports from various organizations agree that Mythos marks a turning point in the automation of complex attacksIn test environments simulating real corporate networks, the system was able to chain vulnerabilities, escalate privileges, and achieve persistent access in hours—tasks that would take a human expert days or weeks.
In Firefox's JavaScript engine, for example, earlier versions of Anthropic's models rarely managed to turn vulnerabilities into working exploits. Mythos, under the same test conditions, generated dozens of operational exploitsIt accurately replicates the exploitation of the most effective vectors. On analysis platforms like OSS-Fuzz, designed to find bugs in open-source software, it is credited with detecting high-severity vulnerabilities that had gone unnoticed despite years of automated testing.
The model has also demonstrated remarkable capabilities in reverse engineeringIt can reconstruct part of a program's logic from compiled binaries and, from there, locate and exploit flaws without accessing the original source code. This type of capability brings AI closer to scenarios that, until recently, were considered exclusive to highly specialized human teams.
One of the most frequently cited episodes in security assessments is the so-called "sandwich test." In an isolated laboratory environment, Mythos was given control of a system with explicit instructions to attempt escape the sandbox and contact the researcher who was supervising the test. The model managed to exploit a chain of vulnerabilities to escape its restricted environment and send an email to the person in charge, who was out of the office at the time. Although the incident occurred in an earlier internal version and under directed command, it illustrates the extent to which the system can operate in complex scenarios with minimal supervision.
Despite these demonstrations, analysts insist on clarifying that We are not dealing with a "conscious" AI or one with its own willMythos doesn't decide to attack systems on its own; it executes the tasks it's given as efficiently as possible. The risk, in this sense, isn't that the model will rebel, but that someone will use it—or force it to do so through sophisticated prompts—to perform harmful actions.
Project Glasswing: Mythos in the service of defense… for a select few
Instead of opening access to the general public, Anthropic has chosen to surround Mythos with a specific program, Project GlasswingDesigned to use the model's capabilities in a controlled manner for the protection of critical software, the initiative involves offering the system, under strict usage conditions, to a select group of large technology companies, infrastructure providers, and financial institutions.
Among the organizations with access are giants such as Amazon Web Services, Apple, Microsoft, Google CloudNvidia or Broadcomas well as cybersecurity firms like CrowdStrike, whose own flawed software caused a major global disruption in 2024. These are joined by world-renowned banks, including JP Morgan Chase and several large Wall Street groups, as well as other organizations responsible for maintaining sensitive IT infrastructures.
Anthropic has also announced loans worth $100 million This funding will enable these organizations to use Mythos for vulnerability analysis, along with donations to free software foundations such as the Linux Foundation and the Apache Software Foundation. The official objective is clear: to allow those who manage the world's most critical software to identify and correct flaws before such tools become available to potential attackers.
This strategy, however, is generating some unease within the sector. On the one hand, it reinforces the idea that technology is dangerous enough to require restricted access. On the other hand, It creates a gap between those who benefit from the Mythos "shield" and those who are left out.Companies and administrations that are not part of Glasswing run the risk of later facing vulnerabilities that were identified and patched in privileged environments, but that are still present in their own systems.
In Europe, this asymmetry is of particular concern to those responsible for critical infrastructure and the security teams of large industrial and financial groups, who are closely monitoring whether Brussels and the European capitals are ensuring that similar programs include key players from the continent on equal terms and cloud sovereignty with the US partners.
Reaction from governments, regulators and the financial sector
The impact of Mythos is not limited to the technical realm. In just a few days, the announcement of the model triggered high-level meetings in the United States and EuropeThe US Treasury Secretary summoned the heads of the country's major banks to Washington to assess the risks the system could pose to financial stability, while the Chairman of the Federal Reserve also participated in those talks.
According to leaks reported by international media, these entities were allegedly encouraged to Test Mythos in defensive modeusing it to scan their own infrastructure for weaknesses before others can. The implicit message is that the threat is serious enough to warrant a coordinated public-private response.
Meanwhile, the co-founder of Anthropic has confirmed that the company maintains direct talks with the United States government about Mythos and future models. These discussions take place in a tense context, after US authorities recently added the company to a list of supply chain risks, following friction related to the use of their models by the Department of Defense.
Across the Atlantic, the European Union has taken note. The European Commission has publicly endorsed a gradual and cautious approach to models like Mythos, and Financial regulators in the UK and on the continent have begun to specifically study its potential implications for banking and markets. The UK government's AI Security Institute (AISI) has described the system as a significant leap forward in terms of cyber threat compared to previous generations.
In Spain, although public debate is still limited, supervisory bodies and cybersecurity teams from banks and large energy companies are closely monitoring these developments. For the European financial sector, any advance that could facilitate coordinated attacks against payment systems, interbank networks, or trading platforms is a cause for serious concern.
Skepticism, doubts and debate about the “hype” surrounding Mythos
Anthropic's account, which combines security warnings with spectacular performance figures, has not been without its critics. Several AI and cybersecurity experts have called for caution when interpreting the company's statementsnoting that much of the available data comes only from internal reports.
Some analysts have reviewed in detail the extensive documentation published by Anthropic and point out that the figure of “thousands of high-severity vulnerabilities” is based on extrapolations from a relatively small number of manually reviewed cases. In certain test suites, Mythos reportedly found a significant number of critical flaws, but far from the almost apocalyptic scenario suggested by some headlines.
Other independent studies have attempted to compare Mythos's performance with smaller, open-source models, passing vulnerable code snippets to different AIs to see if they could detect the same flaws. The results indicate that Some open models are also capable of identifying complex vulnerabilitiesThis calls into question the idea that Mythos plays in a completely different league in all scenarios.
These kinds of counterexamples don't negate the capabilities of Mythos, but they do suggest that Part of the "too dangerous to publish" discourse also has a marketing dimension.Presenting a model as both extraordinarily powerful and a potential risk reinforces the image of technological leadership and responsibility, something very valuable in an increasingly competitive market.
The industry's recent history also recalls the precedent of GPT-2 in 2019, when OpenAI initially decided not to publish the full model, claiming it was too dangerous due to its potential to generate disinformation. Eventually, that version was released to the public without any of the predicted catastrophes materializing, and many experts cited it as an example of overreaction. With Mythos, The difference is that the focus is no longer on the text, but on the integrity of the digital infrastructure., a much more sensitive area for governments and banks.
A delicate balance between security, business, and access to technology
Beyond the media noise, the Mythos situation raises a fundamental issue: who decides when an AI model is too dangerous to release And under what criteria? For now, the decision has been unilateral on the part of Anthropic, which has opted to keep the system in a kind of controlled quarantine, reserving it for selected partners.
This position is not solely based on security reasons. Running a model with the characteristics of Mythos is very expensive in terms of computing, and the company itself acknowledges that it currently does not have the necessary infrastructure to serve it massively to millions of users. In practice, security precautions and technical limitations go hand in hand, giving Anthropic time to fine-tune both the model and its deployment.
At the same time, the company has begun to clearly differentiate between its various products. While Mythos remains as most advanced internal standardWhile reserved for research and strategic collaboration contexts, other models like Claude Opus 4.7 are geared towards everyday use by businesses and professionals. Anthropic has even publicly acknowledged that Opus 4.7 is "less capable" than Mythos in general terms and, in particular, regarding its cyber capabilities—something unusual in an industry that typically presents each new model as the best in every way.
In this scheme, Mythos functions as testbed for next-generation capabilitiesWhile commercially available models incorporate only a portion of these capabilities, with additional limitations designed to reduce risks, this separation between “experimental” and “production” models can be a reasonable approach for many European organizations interested in leveraging AI without being on the front lines of exposure, provided there is sufficient transparency regarding the actual capabilities of each system.
What is ultimately emerging is a scenario in which Cybersecurity is fully entering the era of large-scale offensive and defensive AITools like Mythos promise to accelerate the identification of vulnerabilities in systems that have been in operation for years, but they also force a rethinking of how the technology underpinning the digital economy is distributed and governed. For Europe and Spain, the challenge will not only be protecting themselves from increasingly powerful models, but also ensuring they are not left out of the mechanisms that allow them to be used to strengthen their own security.
