What Do AI Experts Think About Claude Mythos?

Anthropic announced Claude Mythos Preview earlier this month, presenting it as a frontier model with cyber skills that outpace almost all human experts. The company said the model “reveals a stark fact: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.”

Mythos Preview has already found thousands of high-severity vulnerabilities, including flaws in every major operating system and web browser. Anthropic reported that it identified a 27-year-old flaw in OpenBSD, a 16-year-old flaw in FFmpeg, and chained vulnerabilities in the Linux kernel to gain full control of a machine. Many of these weaknesses had survived decades of human review.

The global cost of cybercrime might be around $500 billion every year, according to Anthropic. That context matters for the UK, where banking systems, NHS records, energy networks and government services depend on complex software.

Anthropic has not made Mythos Preview generally available. Instead, it launched Project Glasswing with partners including Amazon Web Services, Microsoft, Google, Cisco and The Linux Foundation. Anthropic is committing up to $100M in usage credits and $4M in direct donations to open source security groups.

How Capable Is The Model In Real World Cyber Tasks?

The UK’s AI Security Institute published its evaluation exactly a week ago. It found “continued improvement in capture-the-flag (CTF) challenges and significant improvement on multi-step cyber-attack simulations.”

On expert-level CTF tasks, which no model could complete before April 2025, Mythos Preview succeeds 73% of the time, according to the Institute. In a 32-step corporate network attack simulation known as The Last Ones, the model completed the full chain in three out of ten attempts. On average, it completed 22 out of 32 steps. The next best model, Claude Opus 4.6, averaged 16 steps.

The Institute wrote that two years ago, “the best available models could barely complete beginner-level cyber tasks.” Now, when directed and given network access, Mythos Preview could “execute multi-stage attacks on vulnerable networks and discover and exploit vulnerabilities autonomously – tasks that would take human professionals days of work.”

It also said the model could not complete an operational technology range called Cooling Tower and that the simulated environments lacked active defenders. The Institute said it cannot say for sure how the model would perform against well defended systems.

What Are Companies Saying And What Should UK Organisations Do?

Anthony Grieco, SVP and Chief Security and Trust Officer at Cisco, said, “AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back.”

Amy Herzog, Vice President and CISO at Amazon Web Services, said, “We’ve been testing Claude Mythos Preview in our own security operations, applying it to critical codebases, where it’s already helping us strengthen our code.”

Lee Klarich, Chief Product and Technology Officer at Palo Alto Networks, said, “There will be more attacks, faster attacks, and more sophisticated attacks. Now is the time to modernise cybersecurity stacks everywhere.”

The AI Security Institute also gives advice to UK organisations. It said Mythos Preview can exploit systems with weak security posture, and it points to “the importance of cybersecurity basics, such as regular application of security updates, robust access controls, security configuration, and comprehensive logging.” It also directs organisations to guidance from the National Cyber Security Centre and its Cyber Essentials scheme.

The reality for British businesses and public bodies is that AI can find and fix long hidden software flaws, but it can also find and exploit them. The task now is to make sure defensive use keeps up.

What Do AI Experts Think?

More experts in the AI space have shared their insights and comments on Claude Mythos. Here’s what they said:

Scott Dawson, CEO, DECTA

“Anthropic’s Mythos model serves as a sobering reminder that the financial sector’s greatest strength – its connectivity – is also its primary point of vulnerability. While the Bank of England and the IMF are right to be wary of the unknown unknowns of such advanced AI, we must avoid a pivot toward purely defensive stagnation. The potential for an AI model to identify systemic exploits at scale is a serious security concern, but it is also a call to action for technical rigor.

“For the UK’s fintech and payments ecosystem, the challenge is about building secure-by-design infrastructure that can withstand automated threats. Navigating this complexity will require a proactive regulatory regime that moves beyond static checklists to enforce dynamic, real-time oversight of algorithmic behaviour. As we move further into the era of autonomous financial workflows, the industry needs to prioritise standardised, high-quality data and robust safeguarding protocols.

“Stability in this new landscape won’t be achieved through silence or delay, but by ensuring that the same technology capable of exposing vulnerabilities is utilised to fix them. The goal for 2026 must be to stay ahead of the curve, transforming these sophisticated models from systemic risks into the very catalysts that harden our global financial resilience.”

Nik Kairinos, CEO, RAIDS AI

“What makes Mythos significant is not only the capability, but what Anthropic chose to do with it. A frontier model, without instruction, surfaced a Linux kernel vulnerability that had gone unnoticed for 27 years. Restricting release to critical infrastructure partners is the right call, but it only buys time.

“When finance ministers, central bank governors, and the CEOs of major banks are publicly concerned about a single AI model, the framing has already shifted. We are no longer debating whether frontier AI creates systemic risk. We are watching institutions scramble to catch up to capabilities that are already in the wild.

“The harder problem sits downstream. You cannot prevent every zero-day from being found, by AI or otherwise. What you can do is monitor every AI system in your estate for anomalous behavior, in real time, with a continuous evidence trail. The organizations that instrumented their AI before this week are in a very different position from those still treating governance as an annual audit exercise.”

Radi El Haj, CEO, RS2

“The reported release of Anthropic’s Mythos cybersecurity model to UK financial institutions represents a significant inflection point for the sector. While attention has focused on the scale of vulnerabilities the model is said to have identified, the deeper implication is how rapidly artificial intelligence is reshaping the cyber risk landscape.”

“What this development highlights is a fundamental shift: AI is no longer just enhancing defensive capabilities – it is accelerating the discovery of systemic weaknesses across critical infrastructure. In this environment, the traditional timelines for identifying, patching and mitigating vulnerabilities are being compressed dramatically.”

“For financial institutions, this raises urgent questions about preparedness. If advanced models can uncover zero-day vulnerabilities at scale, it must be assumed that similar capabilities will eventually be accessible beyond controlled environments. The challenge is no longer hypothetical, it is operational.”

“This moment reinforces three key priorities for the industry.”

“First, resilience must be continuous rather than reactive. Static security models are insufficient in a context where threats can evolve in near real time. Institutions will need to invest in dynamic monitoring, automated response mechanisms and infrastructure capable of adapting at speed.”

“Second, systemic risk demands systemic coordination. The engagement of UK regulators and authorities reflects an understanding that cyber threats at this level extend beyond individual firms. Structured collaboration, controlled access to sensitive capabilities and rapid information sharing will be essential to maintaining stability.”

“Third, technology architecture is now a critical differentiator in risk management. Institutions operating on flexible, modern platforms will be better equipped to respond quickly to newly identified vulnerabilities, while those reliant on legacy systems may face increased exposure and slower remediation cycles.”

“Ultimately, this is less about a single model and more about a structural shift in how cyber risk is discovered, understood and managed. As AI continues to accelerate both insight and threat, the institutions that succeed will be those that treat cybersecurity not as a function, but as a core component of resilience and trust.”

Ansgar Dodt, VP Product Management, Software Monetisation, Thales

“We’ve been warning about this shift for a long time – AI is dramatically lowering the barrier to discovering and exploiting software weaknesses and accelerating it to a scale humans simply can’t match.

“The implication is clear: organisations now have to assume their software and applications will be continuously analysed, deconstructed and stress-tested by adversarial AI.

“That demands a fundamental rethink of software protection. It is necessary not only to systematize the remediation of vulnerabilities after they are discovered, but also for developers to make it more difficult, from the design stage onward, for attackers to understand and exploit the code. That means protecting the application itself – through encrypting code and sensitive data, obfuscating logic, and embedding runtime defences that actively detect debugging, tracing or tampering attempts and respond in real time, for example by preventing execution or invalidating access.

“Critically, protection also needs to be resilient, ensuring the integrity of the application and removing the clear seams of vulnerability attackers can exploit to separate and analyse code. The goal is to deny adversaries, and increasingly their AI tools, the visibility they rely on.

“An industrialised cybersecurity approach is needed to combine AI-augmented SOCs, AI-driven DevSecOps, automated patching and response (SOAR), advanced testing, and legacy system protection within a trusted framework. Cloud Security Alliance’s recommendations and the upcoming Cyber Resilience Act (CRA) both emphasize integrating AI-based vulnerability analysis throughout the development lifecycle to prevent exploitation from the outset.

“Mythos Preview might never become public, but it’s only a matter of time before we see models with comparable hacking abilities released by competitors out in the wild. Organisations need to act now to harden their applications against AI-driven analysis, or risk being exposed at machine speed. The conversation needs to move quickly from awareness to implementation. With the obligations under the CRA, failing to protect software applications from vulnerabilities can lead to reputational damage, potential penalties, product recalls, and loss of market access.”