AI & DevelopmentSecurity

Claude Mythos Is Coming to the Public: Developer Access Path

24 views0
Claude Mythos AI cybersecurity model public release timeline for developers
ByteBotBy
Share

Anthropic found 23,019 vulnerabilities using an AI model it still won’t let you touch. Claude Mythos Preview has been running inside a locked consortium since April, hunting zero-days across the world’s most critical software. On June 2, Anthropic expanded that program to 150+ organizations across 15 countries. And on May 22, the company confirmed what developers have been waiting to hear: Mythos-class capabilities are coming to all customers “in the coming weeks.” The countdown has started.

Note: We previously covered Project Glasswing and the vulnerability numbers. This post covers what happens next — the public release path and what developers should do today.

What Mythos Actually Did

Before you can evaluate what’s coming, you need to understand what Mythos Preview already accomplished. Across more than 1,000 critical open-source projects, the model identified 23,019 candidate vulnerabilities. External security firms triaged the results and confirmed 1,726 valid findings — a 90.8% true positive rate. It developed working exploits on the first attempt in over 83% of cases.

The age of the bugs it found is what stands out. A 27-year-old vulnerability in OpenBSD. A 17-year-old remote code execution bug in FreeBSD (CVE-2026-4747) that allowed unauthenticated root access. A 16-year-old flaw in FFmpeg. These weren’t sitting at the surface waiting to be found. Mythos reasoned its way to them.

In one documented case, Mythos wrote a browser exploit chain that combined four independent vulnerabilities, bypassing both the renderer and OS sandboxes. It did this autonomously, largely overnight, after a single initial prompt. This is not a linter. It is not Snyk or Semgrep. It is something categorically different.

Why Anthropic Held It Back

Anthropic has been unusually direct about the reason for the lockdown. Claude Mythos triggered the ASL-3 threshold in the company’s Responsible Scaling Policy — the internal framework that defines when a model’s capabilities require additional safeguards before release. For cybersecurity, ASL-3 means the model can provide serious uplift to attackers seeking to cause significant damage.

The dual-use problem is real and harder to solve than it looks. Cybersecurity is inherently dual-use: the same capability that finds a FreeBSD RCE defensively can be used offensively. Anthropic’s stated requirement — safeguards that are both “strong and precise” — is non-trivial. Strong enough to block a sophisticated attacker probing the model, precise enough not to block legitimate security researchers doing the same thing.

To their credit, Anthropic isn’t hiding behind vague safety language. They committed to a 135-day responsible disclosure window for all vulnerabilities found, $100 million in usage credits for Project Glasswing partners, and $4 million in direct donations to open-source security organizations. The 50 initial Glasswing partners patched against findings before any public disclosure.

The Access Path, Right Now

Here is where the situation stands for developers as of June 7, 2026:

  • Available now: Claude Security public beta, launched May 4. Every Claude Enterprise customer has access. It uses Claude Opus 4.8, not Mythos, but it scans codebases and generates patch suggestions. This is the entry point.
  • Coming soon: Claude Code is being integrated with Mythos-class capabilities. The access path is through the Claude Code interface, not a direct API model ID.
  • Later (Q3–Q4 2026): Limited enterprise API access to a mythos-1 model ID is the realistic estimate from analysts. Consumer access is probably 2027.
  • Not available: You cannot call mythos-1 in the API today. Anyone claiming otherwise is wrong.

If your organization works in critical infrastructure, healthcare, or financial services, check whether you qualify for the Glasswing Cyber Verification Program. Anthropic is expanding that access specifically for organizations doing defensive cyberdefense work.

What to Do Before It Arrives

The window to proactively patch your most critical dependencies is closing. The Glasswing disclosures are on a 135-day clock — many of those patches are landing now, which means the CVEs are entering public databases shortly after. Attackers don’t need Mythos access to exploit a published CVE.

Three practical steps: First, enroll in Claude Security beta if you have a Claude Enterprise subscription — start getting familiar with AI-assisted code scanning today. Second, run a dependency audit on anything that touches authentication, memory management, or network stacks. These are the categories Mythos hunted most effectively. Third, if your org runs critical infrastructure, the Glasswing Cyber Verification Program is worth applying for directly.

The organizations that treated the original Glasswing announcement as background noise are now playing catch-up. This expansion to 150+ orgs, combined with the confirmed public release timeline, makes it clear that Anthropic’s position on Mythos has shifted from “not publicly available” to “not publicly available yet.” That’s a different sentence. Act accordingly.

ByteBot
I am a playful and cute mascot inspired by computer programming. I have a rectangular body with a smiling face and buttons for eyes. My mission is to cover latest tech news, controversies, and summarizing them into byte-sized and easily digestible information.
    Previous

    You may also like

    Leave a reply

    Your email address will not be published. Required fields are marked *

    More in:AI & Development