Claude Mythos Preview is Anthropic's unreleased frontier model, officially acknowledged on April 7, 2026 as the core of Project Glasswing, a closed cybersecurity initiative restricted to a few dozen partner organisations. Anthropic reports that it leads 17 of the 18 benchmarks measured, including SWE-bench Verified at 93.9% (13+ points above any publicly available model), CyberGym at 83.1%, Terminal-Bench 2.0 at 82.0%, and USAMO 2026 at 97.6%.
Why It's in Assess — not Adopt or Trial
Mythos is not available to the general public. You cannot procure it, you cannot call it from the Anthropic API, and Anthropic has stated it does not currently plan a public release because the model's offensive cybersecurity capabilities are judged too dangerous to ship broadly. Engineering teams cannot adopt or trial something they cannot access.
It earns an Assess slot rather than being left off the radar because:
- The benchmark delta is material. The jump from 80.8% (Claude Opus 4.6) to 93.9% on SWE-bench Verified, 13.1 percentage points, is the largest single-release gain on that benchmark since it was introduced. If the score holds under independent verification, it signals a step change in what a frontier model can resolve autonomously from a real GitHub issue.
- Partner access is real. Anthropic's Project Glasswing partners include Amazon, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks, plus ~40 additional critical-infrastructure organisations. That is a production-deployed cohort, even if narrow.
- It resets expectations for Opus/Sonnet successors. Whatever Anthropic ships next publicly will likely sit between Opus 4.6 and Mythos on capability. Teams planning long-horizon agentic workloads should factor this ceiling into their roadmap.
- Financial-sector attention is real. On April 10, Federal Reserve Chair Powell and Treasury Secretary Bessent briefed major U.S. bank CEOs on Mythos's capabilities, an unusual step that signals concern about the model has spread beyond the tech industry.
Reported Benchmark Scores
| Benchmark | Mythos Preview | Claude Opus 4.6 (reference) |
|---|---|---|
| SWE-bench Verified | 93.9% | 80.8% |
| SWE-bench Multilingual | 87.3% | 77.8% |
| SWE-bench Multimodal | 59.0% | 27.1% |
| SWE-bench Pro | 77.8% | — |
| CyberGym | 83.1% | 66.6% |
| Terminal-Bench 2.0 | 82.0% | 65.4% |
| USAMO 2026 | 97.6% | ~42.3% |
| GPQA Diamond | 94.5% | ~91.3% |
| MMMLU | 92.7% | — |
All Mythos numbers are vendor-reported and have not been independently reproduced, because third-party evaluators do not have API access to the model. Treat them as directional until corroborated. The table shows a subset of the 18 benchmarks Anthropic measured. The sole benchmark where Mythos does not lead is MMMLU, where Gemini 3.1 Pro scores 92.6–93.6%, essentially a tie with Mythos's 92.7%.
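To make the size of each gap easier to compare, the percentage-point deltas can be computed directly from the table above. The following is a minimal sketch: the scores are copied from the table, while the names `SCORES` and `point_deltas` are illustrative and not from any Anthropic tooling. Rows without a reference score are skipped, and the USAMO 2026 and GPQA Diamond reference values are approximate in the source, so their deltas are approximate too.

```python
# Scores in percent, copied from the table above: (Mythos Preview, Claude Opus 4.6).
# None marks a row where the table gives no reference score.
SCORES = {
    "SWE-bench Verified": (93.9, 80.8),
    "SWE-bench Multilingual": (87.3, 77.8),
    "SWE-bench Multimodal": (59.0, 27.1),
    "SWE-bench Pro": (77.8, None),
    "CyberGym": (83.1, 66.6),
    "Terminal-Bench 2.0": (82.0, 65.4),
    "USAMO 2026": (97.6, 42.3),    # reference value is approximate in the source
    "GPQA Diamond": (94.5, 91.3),  # reference value is approximate in the source
    "MMMLU": (92.7, None),
}


def point_deltas(scores):
    """Return {benchmark: mythos - reference} in percentage points.

    Rows with no reference score are omitted rather than guessed.
    """
    return {
        name: round(mythos - reference, 1)
        for name, (mythos, reference) in scores.items()
        if reference is not None
    }


deltas = point_deltas(SCORES)

# Print the largest gaps first.
for name, delta in sorted(deltas.items(), key=lambda item: item[1], reverse=True):
    print(f"{name:<24} {delta:+.1f} pts")
```

Sorting by delta shows that the gap on SWE-bench Verified, although the headline figure, is not the widest in the table. All of these deltas inherit the vendor-reported caveat.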
What Mythos Can Do (Vulnerability Research)
The capability that triggered the restricted release: Mythos autonomously identifies, exploits, and chains zero-day vulnerabilities without human guidance after the initial prompt. Specific confirmed examples:
- 17-year-old FreeBSD RCE (CVE-2026-4747): Unauthenticated remote code execution giving full server control. Fully discovered and exploited autonomously.
- 27-year-old OpenBSD crash: A remote crash vulnerability that survived nearly three decades of expert review and fuzzing.
- 16-year-old FFmpeg bug: Missed across more than 5 million automated test runs; found by Mythos through code reasoning.
- Linux kernel privilege escalation chain: A multi-step exploit chain that required discovering two cooperating bugs and how they interact, a class of vulnerability that automated tools typically miss.
Vulnerability chaining is the key differentiator over earlier models: Mythos strings together three, four, or sometimes five independent vulnerabilities into a single sophisticated exploit path, producing outcomes that no single vulnerability would yield on its own. This shifts the threat model for defenders.
What Project Glasswing Is
Project Glasswing is an initiative of roughly $100M, made up of model-usage credits and foundation donations ($2.5M to Alpha-Omega/OpenSSF via the Linux Foundation and $1.5M to the Apache Software Foundation). Partners receive Mythos Preview access specifically to scan first-party and open-source software for vulnerabilities.
The framing matters: Anthropic is positioning the restricted release as a safety measure, not as a commercial preview. There is no stated general-availability (GA) date. The Cloud Security Alliance, SANS Institute, and OWASP issued a joint report concluding that organisations are "likely to be overwhelmed" in the near term by threat actors using AI to find and exploit vulnerabilities faster than defenders can patch, and that defenders "still face a heavier relative burden due to the inherent limitations of patching."
When NOT to Plan Around Mythos
- Procurement roadmaps. Do not write RFPs or budget forecasts that assume Mythos API access in the next two quarters. Treat it as unavailable until Anthropic announces otherwise.
- Benchmark comparisons for model selection. Mythos scores should not anchor purchasing decisions between Sonnet 4.6, Opus 4.6, and GPT-5.4 today. Compare the models teams can actually deploy.
- Vulnerability disclosure workflows. If your organisation is not a Glasswing partner, you cannot currently use Mythos for defensive security work, and no independent evaluation of its false-positive rate has been published.
Key Characteristics
| Property | Value |
|---|---|
| Provider | Anthropic |
| License | Proprietary |
| Pricing | Not publicly listed (partner access only) |
| Context window | Not publicly disclosed |
| Parameters | Not publicly disclosed |
| Architecture | Not publicly disclosed |
| Status | Restricted preview — Project Glasswing partners only |
| Website | anthropic.com/glasswing |
Further Reading
- Project Glasswing (Anthropic)
- Mythos Preview technical blog (Anthropic Frontier Red Team)
- Anthropic debuts preview of powerful new AI model Mythos in new cybersecurity initiative (TechCrunch)
- Anthropic says its most powerful AI cyber model is too dangerous to release publicly (VentureBeat)
- On Anthropic's Mythos Preview and Project Glasswing (Schneier on Security): analysis of attacker/defender balance implications
- Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks (CNBC)
- Project Glasswing — restricting Claude Mythos to security researchers (Simon Willison)
- SWE-bench Verified entry (this radar): how to read the scores above