Anthropic’s Mythos AI model, a cyber-focused system the company has described as dangerous in the wrong hands, appears to have reached exactly the kind of people it was supposed to avoid. Bloomberg reports that a small group of unauthorized users got access to Claude Mythos Preview, even though Anthropic has kept the model off the public release schedule because it can identify and exploit vulnerabilities across major operating systems and browsers.
That’s the awkward part: the model is supposed to be limited to a narrow set of partners through Project Glasswing, including Nvidia, Google, Amazon Web Services, Apple, and Microsoft, with governments also taking a look. Instead, someone outside the circle reportedly found a way in using a mixture of contractor access and ordinary internet sleuthing tools. AI security has a habit of turning into security theater until someone proves otherwise.
How the Mythos access happened
According to Bloomberg, the group used knowledge of Anthropic’s other model formats, information tied to a recent Mercor data breach, and what amounted to a guess about where Mythos was hosted. One unnamed contractor reportedly had some role in the access chain, but Anthropic says it is investigating only a third-party vendor environment and has no evidence that the issue spread into its own systems.
The timing is embarrassing, too. The illicit access reportedly happened on April 7, the same day Anthropic announced limited testing of Mythos. That kind of overlap is the sort of detail attackers love and companies hate, because it suggests the window between ”controlled rollout” and ”publicly discoverable” may be smaller than the marketing decks imply.
Why Anthropic kept Claude Mythos locked down
Mythos is not a chatbot with a fancy badge. Anthropic says the model is built to find and exploit weaknesses in major software platforms when directed by a user, which is precisely why the company has no plans to ship it broadly. The pitch is obvious: powerful defensive research. The risk is equally obvious: the same capability is attractive to anyone who wants to break things instead of fix them.
- Model: Claude Mythos Preview
- Access: limited to a handful of companies through Project Glasswing
- Reported issue: unauthorized access by a small group of users
- Anthropic’s current position: no evidence of impact beyond a third-party vendor environment
The leak economy around unreleased AI models
Bloomberg says the group has been sharing screenshots and even a live demonstration as proof, and that members have been active in a Discord channel focused on unreleased AI models. That is the new product-launch preview cycle whether companies like it or not: private models, public curiosity, and a small cottage industry built around getting there first.
If Anthropic is unlucky, Mythos becomes a cautionary tale about vendor access and model secrecy. If it is typical, the episode simply confirms that the tighter the gate around a high-value AI system, the more attention it attracts from people who treat ”unauthorized” as a challenge rather than a warning label.