Anthropic Built an AI So Powerful, They Said It Was Too Dangerous to Release. Then It Got Hacked.
Meet Claude Mythos, the model rattling governments, security experts, and Silicon Valley all at once.
I was scrolling through my feed last week when I saw a headline that made me stop and read it twice: "AI company builds tool that can hack any computer on Earth, says it's too dangerous to release." My first thought was that it was clickbait. It wasn't. This is real, it happened this month, and it involves one of the biggest names in artificial intelligence right now: Anthropic.
If this is your first time hearing about Anthropic, don't worry. A lot of people know ChatGPT and OpenAI, but fewer people know about Anthropic and their AI called Claude, which is one of the most capable and widely used AI systems in the world right now. Before we get into the Mythos story, let's quickly introduce the key players, because this story involves several major companies and you'll want to know who they are.
First, who are these companies?
Founded in 2021 by Dario Amodei and his sister Daniela Amodei, along with several colleagues who all previously worked at OpenAI, the company behind ChatGPT. They left because they disagreed with the direction OpenAI was heading, feeling that safety was being sacrificed for speed. So they started their own company, built specifically around the idea that AI should be safe first. Their AI is called Claude. As of early 2026, Anthropic is valued at around $380 billion.
OpenAI is the San Francisco company behind ChatGPT, the AI chatbot that essentially introduced the world to conversational AI when it launched in late 2022. Before that explosion, most people had no idea what a large language model was. OpenAI is where several of Anthropic's founders, including Dario Amodei, originally worked before leaving to build a safer alternative.
Amazon Web Services is the world's largest cloud computing platform, powering a huge portion of the internet. Amazon has invested over $33 billion into Anthropic, making it one of the largest AI investments in history. In return, Anthropic committed to running its AI systems on Amazon's servers. Amazon gets early access to Anthropic's most powerful models, including Mythos.
Microsoft has invested billions in OpenAI and integrated AI into everything from Word to Bing. But they've also partnered with Anthropic, giving them access to Mythos for security testing. Microsoft is essentially betting on multiple horses in the AI race, which is a sign of just how important this technology has become.
Nvidia makes the GPUs, the specialised chips that almost every major AI system in the world runs on, including Claude. Without Nvidia's hardware, the current AI boom simply wouldn't exist. They've become one of the most valuable companies on the planet as a direct result. Nvidia is also one of the companies given access to test Mythos.
Google has its own AI called Gemini, but has also invested billions into Anthropic, its direct competitor. Strange as that sounds, it's a common move in tech: invest in the competition to ensure you're on the winning side no matter what. Google is also one of the companies testing Mythos under Anthropic's limited release programme.
So what exactly is Claude Mythos?
Anthropic releases their AI models in tiers, with names like Haiku (smallest, fastest), Sonnet (middle ground), and Opus (largest, most powerful). Mythos sits above all of them as a completely new tier, more capable than anything Anthropic has built before.
But what makes Mythos different isn't just that it's smarter. It's what it's specifically good at that has everyone concerned.
What Mythos can do that no AI has done before
Find hidden security flaws autonomously. Mythos can scan software and operating systems for vulnerabilities, which are weaknesses in the code that hackers could use to break in, entirely on its own with no human guiding it. During testing, it found flaws in every major operating system and every major web browser, including bugs that had been hiding in the code for 10, 20, even 27 years.
Build working exploits from scratch. Finding a flaw is one thing. Mythos can then build a working attack using that flaw, automatically, with no human help at all. In one case it chained four separate vulnerabilities together into a single browser exploit. That is the kind of sophisticated attack that would normally require an expert hacker with years of experience.
Do it overnight, while you sleep. Engineers at Anthropic with no formal security training asked Mythos to find vulnerabilities and went to bed. They woke up the next morning to a complete, working exploit. That's the part that silenced a lot of people in the security world.
Cover its tracks. Perhaps most alarming of all, Mythos can cover evidence of its own activity after an attack, making it harder to detect that anything happened.
So why build it at all?
This is the question worth sitting with. If it's dangerous, why create it?
Anthropic's argument, one that serious people in cybersecurity agree with, is that tools like Mythos are going to exist whether or not any single company builds them. The technology is advancing regardless. The question is whether the people building it are thinking carefully about the risks, or not. Anthropic's position is that they'd rather be the ones who build it, study it, and figure out how to defend against it, than leave that work to someone with fewer safety concerns.
To that end, they launched a programme called Project Glasswing, a coordinated effort to use Mythos to find and patch vulnerabilities in the world's most critical software before bad actors can find them first. Think of it like hiring a thief to test the locks on your bank vault. The intent is defensive, even if the capability is offensive.
Here is where it gets worse: it was hacked on day one
Anthropic announced Mythos and their limited release plan on the same day. The model would only be available to a handful of trusted companies: Amazon, Microsoft, Google, Nvidia, and a few major banks including Goldman Sachs, Citigroup, and JPMorgan, all for security research purposes only.
On that exact same day, unauthorised users got in.
Anthropic reveals the model publicly for the first time and begins controlled access through Project Glasswing partners. The announcement itself causes significant concern in government and security circles.
On the same day as the announcement, a group of users in a private online forum found a way in through a company that works with Anthropic, not through Anthropic's own systems directly. They gained full access to Mythos.
According to Bloomberg, who broke the story, the group had been using Mythos regularly after gaining access. They were not using it for cyberattacks, but the access itself was deeply alarming to Anthropic and to security officials.
Anthropic acknowledged the breach, stating they were investigating unauthorised access through a third-party vendor environment and that there was no evidence their own core systems were compromised.
The US government, which had already been briefed by Anthropic on Mythos's capabilities, began trying to assess the risks. Treasury Secretary Scott Bessent convened a meeting with senior American bankers specifically to discuss the model.
The irony is almost too on-the-nose. A model designed to expose security vulnerabilities was itself accessed through a security vulnerability. On its first day.
What does this mean for the rest of us?
Realistically, most people reading this aren't going to be targeted by Mythos-level cyberattacks anytime soon. The immediate concerns are at the level of governments, banks, hospitals, and critical infrastructure. These are the systems that, if compromised, affect everyone indirectly.
But the bigger picture matters. We are watching in real time as AI crosses a threshold that most people haven't fully registered yet. For years, AI was about generating text, answering questions, making recommendations. Mythos represents something different: an AI that can independently navigate complex technical systems, find their weaknesses, and exploit them better than most human experts.
Where things stand right now
As of this week, Mythos remains under limited release. Anthropic is continuing Project Glasswing with its select partners while investigating the unauthorised access incident. Washington is still figuring out how to respond to a technology that doesn't fit neatly into existing regulatory frameworks. And the security community is debating, loudly, whether Anthropic made the right call building this at all.
What's clear is that the AI conversation has permanently changed. We are no longer talking about chatbots that write emails or generate images. We are talking about systems that can independently attack and defend the digital infrastructure that modern life runs on. That is a different kind of technology and it deserves a different level of attention.
This story is still developing
We will be covering more of what is happening in tech as it unfolds. If Mythos rattled you even a little, the next few months in AI are going to be worth paying attention to. Stay with us to get:
0 Comments