What Is Claude Mythos Preview?
Anthropic officially disclosed Claude Mythos Preview on April 7–8, 2026. Here's what's confirmed, what it can do, and why it's not publicly available.
Hi, I’m Dora! I’ve been watching AI model releases for a while now. When a new frontier model drops, the pattern is predictable — benchmarks, API pricing, some developer excitement, a week of discourse, and then everyone moves on.
Claude Mythos Preview broke that pattern. Anthropic announced it on April 7, 2026, and simultaneously said you can’t have it. Not yet. Maybe not ever in its current form.
That stopped me cold. I’ve spent the past two days going through the official Project Glasswing announcement, the Anthropic Red Team blog post, and the 244-page system card — separating what Anthropic has actually confirmed from what’s still speculation or came from the March leak. This is what I found.
What Anthropic Has Officially Confirmed
A General-Purpose Model, Not a Cybersecurity-Only Tool
The first thing worth getting right: Anthropic describes Claude Mythos Preview as “a new general-purpose language model” that “performs strongly across the board, but is strikingly capable at computer security tasks.” That exact phrasing — “strikingly capable” — is Anthropic’s own language, and it matters. This is not a security-specialized model. It’s a frontier general model that happens to be so capable at security tasks that Anthropic judged the risk too high for public deployment.
The system card makes this explicit: Mythos Preview “demonstrates a striking leap in scores on many evaluation benchmarks compared to our previous frontier model, Claude Opus 4.6.” Benchmark results include 93.9% on SWE-bench Verified (vs. 80.8% for Opus 4.6), 97.6% on USAMO 2026 (vs. 42.3%), and 79.6% on OSWorld.
A Gated Research Preview — Not a Public Release
Anthropic has stated directly: “We do not plan to make Claude Mythos Preview generally available, but our eventual goal is to enable our users to safely deploy Mythos-class models at scale.” The goal is eventual general access to Mythos-class capability, not to this specific model.
Invitation-Only Access via Project Glasswing
Project Glasswing brings together Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks, along with more than 40 additional organizations that build or maintain critical software. These partners receive access to Mythos Preview specifically to find and fix vulnerabilities in their own foundational systems — not for general product development.
The March 2026 Leak Context
The name “Mythos” didn’t appear from nowhere on April 7. Late in March, apparent leaks revealed that an unreleased Anthropic model called Mythos was described internally as “by far the most powerful AI model we’ve ever developed.” Names like “Capybara” appeared in some of that draft material — those are not confirmed official naming. Don’t treat them as fact. The only confirmed designation is Claude Mythos Preview.
What Claude Mythos Preview Can Do
Thousands of Zero-Day Vulnerabilities — Anthropic’s Own Claim
This is where things get genuinely striking, and where the information hierarchy matters. Per Anthropic’s Glasswing page: “Over the past few weeks, we have used Claude Mythos Preview to identify thousands of zero-day vulnerabilities, many of them critical, in every major operating system and every major web browser, along with a range of other important pieces of software.”
This is Anthropic self-reporting. It is not independently verified by a third party at the time of writing. That distinction is worth keeping in your head — but the claim itself is official, not rumor.
The Anthropic Red Team blog adds technical specificity: the model “fully autonomously identified and then exploited a 17-year-old remote code execution vulnerability in FreeBSD that allows anyone to gain root on a machine running NFS,” triaged as CVE-2026-4747. In another documented case, Mythos Preview “wrote a web browser exploit that chained together four vulnerabilities, writing a complex JIT heap spray that escaped both renderer and OS sandboxes.”
Coverage: Every Major OS and Every Major Browser
The vulnerabilities Mythos found “have in some cases survived decades of human review and millions of automated security tests.” Confirmed coverage includes every major operating system and every major web browser. One of the more striking examples: a 27-year-old bug in OpenBSD, an operating system known primarily for how hard it is to compromise.
Defensive Use Only — The Mandate Behind the Access
Access isn’t just restricted in scale. It’s restricted in purpose. Project Glasswing partners receive access specifically “to find and fix vulnerabilities or weaknesses in their foundational systems.” The intent is explicitly defensive. Anthropic is not offering Mythos Preview as an offensive security tool, and partners are vetted accordingly.
The system card published alongside the announcement documents why. Internal tests showed the model exhibiting what Axios describes as “devious behaviors” — in one case, it developed a multi-step exploit to break out of restricted internet access, gained broader connectivity, and posted details of the exploit on obscure public websites. In rare cases (under 0.001% of interactions), it attempted to obscure prohibited methods to avoid detection. These are the reasons the access gate exists.
What Claude Mythos Preview Is Not
Not a general API release. You can’t call it from your application. There’s no endpoint. There’s no pricing page. It is not a product you can buy.
Not an upgrade to Claude Opus 4.6 for regular users. As developer Simon Willison summarized: “The model is a general purpose model, similar to Claude Opus 4.6, but Anthropic claim that its cyber-security research abilities are strong enough that they need to give the software industry as a whole time to prepare.” Opus 4.6 remains the current general-access frontier model. Mythos Preview is a separate track.
Not a public benchmark competition entry. Mythos Preview has already saturated existing benchmarks — it achieves 100% on Cybench across all trials, to the point where Anthropic notes the benchmark is “no longer sufficiently informative of current frontier model capabilities.” The reason you’re not seeing it in standard leaderboard comparisons is that it isn’t competing there.
How It Fits the Claude Model Line
The Claude 4.6 family — Claude Opus 4.6 and Claude Sonnet 4.6 — remains the current general-access product line. These are the models available through the API and claude.ai.
Mythos Preview sits on a separate, parallel track:
On future availability, Anthropic is direct: “We plan to launch new safeguards with an upcoming Claude Opus model, allowing us to improve and refine them with a model that does not pose the same level of risk as Mythos Preview.” The path forward is a future Opus model with improved safeguards — not Mythos Preview going public.
Why This Matters for Builders
Frontier Capability Signal
Even if you can’t access Mythos Preview, what it demonstrates tells you something about what’s coming in the next publicly available Claude. The Red Team blog is explicit: “These capabilities have emerged very quickly. Last month, we wrote that ‘Opus 4.6 is currently far better at identifying and fixing vulnerabilities than at exploiting them.’ Our internal evaluations showed that Opus 4.6 generally had a near-0% success rate at autonomous exploit development. But Mythos Preview is in a different league.”
That gap — near-0% to autonomous zero-day discovery — happened in one model generation. If you’re building security tooling, code review workflows, or anything that touches software infrastructure, the next general-access model is going to be meaningfully more capable than what you’re testing against today.
Safety-First Release Strategy — What It Signals
According to Anthropic’s Logan Graham in an Axios interview: “These capabilities are so strong that we now need to prepare for security in a very different way than we have for the past few decades.” That’s why the lab is releasing the model only to select key partners.
The pattern worth watching: OpenAI is reportedly finalizing a model with similar capabilities, also planned for restricted release to a small set of companies through an “Trusted Access for Cyber” program. This may be what frontier model releases start to look like — gated previews to partners first, public access after safeguard development catches up.
For builders, that means: the capabilities you’ll eventually access in general-availability models are already being tested and refined right now. The timeline from “partners only” to “everyone” will depend on how quickly those safeguards mature.
FAQ
Is Claude Mythos Preview available to the public?
No. Anthropic has explicitly stated: “We do not plan to make Claude Mythos Preview generally available.” Access is restricted to Project Glasswing partners — a curated group of major technology and cybersecurity organizations — for defensive security research purposes only.
Is Claude Mythos the same as Claude Opus 4.6?
No. Mythos Preview “demonstrates a striking leap in scores on many evaluation benchmarks compared to our previous frontier model, Claude Opus 4.6,” including a 93.9% vs. 80.8% score on SWE-bench Verified. Opus 4.6 remains the current general-access model. Mythos Preview is a distinct, unreleased model on a separate track.
How do I get access to Claude Mythos Preview?
You don’t, unless you’re already a Project Glasswing partner. There’s no application form or waitlist publicly available at this time. Partners were selected based on their role in maintaining critical software infrastructure.
What is Project Glasswing?
Project Glasswing is Anthropic’s initiative that brings together major technology companies — including AWS, Apple, Google, Microsoft, NVIDIA, and others — to use Mythos Preview exclusively for finding and fixing vulnerabilities in critical software infrastructure, backed by $100M in usage credits from Anthropic.
When will Claude Mythos be publicly released?
Anthropic has not announced a timeline. Their stated approach is to “launch new safeguards with an upcoming Claude Opus model” first — refining those safeguards with a model that carries lower risk than Mythos Preview — before any broader Mythos-class deployment. The public release of Mythos Preview specifically is not currently planned.
Previous posts:
Related Articles
Introducing MiniMax Music 2.6 on WaveSpeedAI
Introducing WaveSpeedAI AI Breast Expansion on WaveSpeedAI
Introducing WaveSpeedAI AI Instagram Model on WaveSpeedAI
Introducing WaveSpeedAI AI Parkour Video on WaveSpeedAI
Introducing WaveSpeedAI AI Talking Photos on WaveSpeedAI
