Overview
- Anthropic is keeping Claude Mythos Preview closed to the public and is sharing it through Project Glasswing with a small group of major U.S. tech, security and finance firms to help them fix exposed weaknesses.
- Anthropic says the model uncovered thousands of previously unknown bugs across core software, including the Linux kernel, web browsers and OpenBSD-derived code, citing a 27‑year OpenBSD flaw and a Linux‑kernel chain that have since been patched.
- Senior U.S. financial officials urged large banks to test the tool despite Anthropic’s presence on a Pentagon blacklist, and major institutions such as JPMorgan Chase, Goldman Sachs, Citigroup, Bank of America and Morgan Stanley are reportedly running internal trials.
- European agencies largely lack direct access, with Germany’s BSI saying it has only held talks, while the UK’s AI Security Institute tested Mythos and reported it solved 32 simulated breach tasks and took over a virtual company network once enough compute was allocated.
- OpenAI introduced GPT‑5.4‑Cyber for vetted users in its Trusted Access program, reinforcing a controlled‑release trend that keeps potent cyber‑analysis tools in the hands of well‑funded organizations and raises questions about who can remediate or exploit systemic software flaws.