Claude Mythos – Anthropic’s restricted “Mythos” model—designed for high-level computer security work—appears to be moving closer to broader public access. References to the preview model surfaced in Claude Code and Claude Security, and a short-lived toggle gave some users a g
The toggle didn’t last long. But in the few moments it appeared, it made one thing clear: Anthropic is getting ready to put its restricted Claude “Mythos” model closer to public use.
Mythos was first announced in April as a previewed model with major security risks tied to software and cyberattack development. On April 7, Anthropic introduced Mythos in early preview and described it as a new frontier model with strikingly advanced capabilities in computer security tasks.
Anthropic’s own framing is why the rollout remains so closely guarded. The company said Mythos delivers major improvements in code reasoning and autonomy, well beyond its current flagship model, Opus 4.7. And while coding upgrades are not new for AI systems. Mythos is different in Anthropic’s account: the company found the model can automatically develop functional cyberattacks at a highly professional level.
The stakes, in Anthropic’s view, are global. The company claimed that releasing Mythos could pose a severe risk to global digital infrastructure. warning that “The advantage will belong to the side that can get the most out of these tools.” In the near term. it said attackers could benefit if frontier labs aren’t careful about how these models are released. In the long run, Anthropic expects defenders to use the tools to fix bugs before new code ships.
That last promise is also the reason Anthropic decided against a public rollout at first. The company pointed to the risk of attackers exploiting a massive volume of unpatched vulnerabilities in popular apps such as Firefox. Anthropic said it needed to prepare a powerful guardrail system before opening Mythos to the public.
Now, those guardrails may have arrived—at least in part. Claude Code and Claude Security both now show references to the Mythos model, and some users briefly noticed a toggle to enable Mythos in the public version of Claude Code before it was taken offline.
The model is labeled “claude-mythos-1-preview.” It also briefly appeared in the public version of Claude Security. Taken together, the sightings suggest Anthropic is preparing Mythos for a public rollout—but it remains unclear whether it will be available across all subscription tiers.
Behind the scenes, Anthropic says it is working with companies on finding potential AI-driven exploits. At the same time. the company confirmed it is working on a new project called “Glasswing. ” described as an effort in which the AI startup collaborates with other companies to secure the world’s most critical software from potential AI-driven exploits. Glasswing uses the unreleased Claude Mythos Preview and has already helped up to 50 organizational partners.
The numbers Anthropic has shared help explain the earlier hesitation. Mythos Preview, Anthropic said, uncovered 10,000 high- or critical-severity vulnerabilities in its first month alone. Anthropic also showed a dashboard containing open-source vulnerabilities across all severities found by Mythos Preview. That scale of discovery is why Mythos has been held back—because the same capabilities that surface weak spots can also be used to find ways to break through them.
For now, Anthropic’s public offerings remain the same set it lists: Claude Opus 4.7, Opus 4.6, Opus 4.5, Sonnet 4.6, and Haiku 5.5.
The message from Anthropic has been consistent: guardrails first, public access later. But the brief appearance of Mythos in Claude Code has shifted the feeling from theoretical preparation to something closer to a countdown—one measured in toggles. references. and the moment when access becomes wide enough for both attackers and defenders to move.
Anthropic Claude Mythos Claude Code Claude Security AI security automated pentesting cybersecurity model guardrails software vulnerabilities Glasswing
So basically they’re making hacking easier, right?
I saw something about a toggle but it disappeared fast… seems like they’re just testing the waters. If it can “develop cyberattacks” then idk why people are acting like it’s normal.
Wait, Mythos is the one that helps defenders patch bugs before stuff ships? Like that’s the same thing as what regular AI does, no? Also Firefox?? I’m probably misunderstanding but it sounds like they’re blaming browsers for security issues like the browser is the attacker.
“Advantage will belong to the side that gets the most out of these tools”… that sentence is scary lol. They say it’s guarded but then it shows up in Claude Code and Claude Security for a second like, okay so what, one slip and everybody gets it? I don’t trust any of this, the first thing people will do is try to make it break into stuff. Defenders can patch all they want but attackers always move faster.