
Claude Mythos & Project Glasswing: What CISOs Must Know in 2026

Anthropic's Claude Mythos found thousands of zero-days across every major OS and browser, and the window between disclosure and weaponization has effectively closed. Here's what every security leader needs to act on before the July 2026 Glasswing report lands.
Propelex team May 18, 2026 - 6 minutes read


On April 7, 2026, Anthropic released something it immediately declined to make publicly available. What Claude Mythos Preview demonstrated in testing didn’t just raise the bar for AI capability; it fundamentally redrew the threat map for every security leader who hasn’t yet adjusted their programs to a machine-speed world.

  • 83%: Exploit reproduction success rate on first attempt
  • <4hrs: Median time from patch release to weaponization in 2024
  • 45%: Enterprise vulnerabilities still unpatched after 12 months

What Actually Happened

Anthropic’s Claude Mythos Preview is a frontier-tier general-purpose model whose release was accompanied by an immediate decision not to make it publicly available, a signal of how operationally significant its capabilities are. Simultaneously, Anthropic launched Project Glasswing: a controlled coalition of twelve of the most consequential technology organizations on earth, given first-mover access to Mythos specifically for defensive security work.

For security leaders, this is not a product launch worth a briefing summary. It is a structural shift in the threat environment, and the gap between organizations inside the Glasswing coalition and those outside it is already widening.

Why This Is Different

Prior AI models, including Claude Opus 4.6, had a near-zero autonomous exploitation rate. Mythos has removed that ceiling entirely, and the UK AI Security Institute’s independent evaluation confirmed it, placing Mythos at 73% success on expert-level tasks that no prior model could complete at all as recently as April 2025.


What Mythos Can Actually Do

The numbers from pre-release testing are not marketing language. Mythos Preview identified thousands of previously unknown zero-day vulnerabilities across every major operating system and web browser, including flaws that had survived decades of human review and millions of automated scans. It uncovered a 27-year-old vulnerability in OpenBSD, an OS whose entire identity is built on security hardening. Over a two-week window, it flagged more than 100 high-severity vulnerabilities in Mozilla Firefox alone.

“AI models have reached a level where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.”

Anthropic, April 2026

What separates Mythos from prior-generation tooling is not just discovery; it is autonomous exploitation. When given a list of 100 Linux kernel CVEs from 2024 and 2025, Mythos filtered them to 40 potentially exploitable candidates, then autonomously wrote working privilege escalation exploits for more than half, without human intervention after the initial prompt.

The exploitation gap has closed

The relevant prior metric: earlier models had a near-zero autonomous exploitation rate. Mythos has removed that ceiling. The UK AI Security Institute placed it at 73% success on expert-level tasks that no prior model could complete at all as recently as twelve months ago. This is not incremental progress. It is a category change.


What Project Glasswing Actually Is

Glasswing is Anthropic’s answer to the dual-use problem of owning a system capable of finding and exploiting critical vulnerabilities at scale. The coalition gives twelve founding partners access specifically for defensive security work on their own first-party systems and the open-source infrastructure they depend on.

The partner selection is deliberate, spanning cloud platforms, OS and browser vendors, security infrastructure providers, GPU and AI infrastructure, networking vendors, and a major regulated financial institution:

AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks, Anthropic

Anthropic has committed to publicly releasing findings within 90 days of the April 7 launch, a report due in early July 2026 covering what was found, what was patched, and what the disclosure architecture learned. Treat that report as required reading for your security architecture team the moment it drops.

What Glasswing Does Not Cover

Central banks, government agencies, healthcare systems, and critical infrastructure operators are not inside the program. Their exposure is not reduced by Glasswing’s existence. A group of Discord users gaining unauthorized access to Mythos in early preview is a reminder that controlled access is a temporary condition, not a permanent moat.


The Real Threat Model Has Shifted

For most of cybersecurity’s history, finding serious vulnerabilities was the hard part. That constraint shaped the entire industry: patch cadences, bug bounty economics, red team resourcing, and SLA timelines were all calibrated to a world where the attacker’s main bottleneck was discovery.

The bottleneck is no longer finding vulnerabilities. It is responding to them faster than they can be weaponized.

Propelex Security Intelligence

That calculus is broken now. The median time from vulnerability disclosure to first exploitation was 771 days in 2018. By 2024 it had compressed to four hours. In 2025, most exploited vulnerabilities were weaponized before they were even publicly disclosed. When a patch ships, AI can now reverse-engineer it, identify the underlying flaw, and produce a working exploit in minutes.

The window between defender and attacker has effectively closed. The implication for security programs is direct: the priority is no longer improving discovery pipelines alone. It is compressing the time between discovery and verified remediation at scale, and building organizational architectures that can sustain that pace. AI-enabled attacks already increased 89% year-over-year in 2025. The asymmetry is structural, not temporary.


What CISOs Should Act On Now

  • Audit your patch latency. If 45% of your discovered vulnerabilities remain unpatched at 12 months, that backlog is now a materially different risk. Map it, prioritize it, and build remediation velocity into board reporting.
  • Treat end-of-life software as critical risk. Systems running unsupported software that AI can rapidly enumerate no longer fall within an acceptable risk tolerance. Accelerate EOL migration programs.
  • Build AI-augmented triage capacity. The volume of vulnerabilities that Mythos-class tooling will surface will overwhelm manual processes. Invest in automated prioritization and validation pipelines before the volume arrives.
  • Watch the July 2026 Glasswing disclosure report. Anthropic’s 90-day public report will contain specifics on what was found, where, and how it was fixed. Treat it as required reading for your security architecture team.
  • Assume open-source dependency exposure. Most modern stacks depend on open-source components. Glasswing partners are scanning those libraries now. A significant patch wave is expected before July. Monitor your dependency tree continuously.
  • Start the quantum-readiness conversation. The 2030 quantum deadline on encryption is the medium-term structural threat. Both Mythos and quantum computing require investment decisions made in the next 12 months.

The Bigger Picture

Mythos and Glasswing are not a solution to the AI security problem. They are a signal of what the problem now looks like. Security leaders who treat this as a future-state concern are already behind. The organizations that build high-velocity remediation infrastructure deliberately, before it becomes urgent, will carry a durable resilience advantage into a threat environment that is accelerating every quarter.

The access gap is a strategic risk. Being outside the Glasswing coalition is not a reason for panic; it is a reason for deliberate action. Propelex helps enterprises close the gap between vulnerability discovery and remediation, applying the same analytical frameworks that Glasswing partners are using internally, tailored to the specific constraints and priorities of your organization.

The Window

The organizations that build high-velocity remediation infrastructure now, before the Glasswing report lands, before the patch wave hits, and before the next generation of tooling is accessible without controlled access agreements, will carry a structural resilience advantage. That window is open. It will not stay open.

The July Glasswing report lands soon. Will your program be ready?

A significant patch wave is coming. Attackers are already running Mythos-class tooling. The organizations that move now, before the report, before the wave, before the next breach, are the ones that won’t be reacting in a crisis. Propelex brings Fortune 50 security expertise to organizations that can’t afford to be caught flat-footed. We’ll assess your exposure, close the gaps, and build the remediation velocity your program needs to keep pace.
