Claude Mythos & Project Glasswing: The AI Too Powerful to Release (April 2026)
By Learnia Team
Claude Mythos & Project Glasswing: The AI Too Powerful to Release
This article is written in English. Our training modules are available in multiple languages.
📅 Last Updated: April 8, 2026 — Announced April 7, 2026. Not publicly available.
📚 Related: Claude Opus 4.6 Guide | Opus 4.6 vs GPT-5.3 Codex | How to Choose the Right LLM
On April 7, 2026, Anthropic announced Project Glasswing — a partnership initiative built around Claude Mythos, their most powerful model. Mythos sits above the Opus tier, demolishes every existing benchmark, and found critical security vulnerabilities that had been hiding in open-source software for up to 27 years.
But here's the unprecedented part: Anthropic is not making Mythos generally available. Instead, they're restricting access to 12 vetted security partners — AWS, Apple, Google, Microsoft, CrowdStrike, and others — who will use it exclusively for defensive cybersecurity.
This is the first time a major AI company has built a frontier model and deliberately withheld it from the public. In this guide, we'll explain what Mythos can do, why Anthropic made this decision, and what it means for the future of AI development.
What Is Claude Mythos?
Claude Mythos is Anthropic's general-purpose frontier model — not a narrow cybersecurity tool, but a broadly capable AI that happens to be exceptionally good at finding vulnerabilities. It represents a new tier above Opus, trained with techniques that pushed performance well beyond what Opus 4.6 can achieve.
Key Facts
| Specification | Claude Mythos | Claude Opus 4.6 |
|---|---|---|
| Tier | Above Opus (new) | Opus |
| SWE-bench Verified | 93.9% | 80.8% |
| Terminal-Bench 2.0 | 82% | 65.4% |
| GPQA Diamond | 94.6% | 91.3% |
| OSWorld | 79.6% | 72.7% |
| CyberGym | 83.1% | 66.6% |
| Input Price | $25/M tokens | $5/M tokens |
| Output Price | $125/M tokens | $25/M tokens |
| Public Access | ❌ Partners only | ✅ General availability |
Project Glasswing: Defensive AI Security
Instead of burying Mythos or releasing it recklessly, Anthropic created Project Glasswing — a structured partnership program where vetted organizations use Mythos exclusively for finding and fixing vulnerabilities.
The Discovery That Changed Everything
During internal testing, Mythos found vulnerabilities that human security researchers had missed for decades:
- →A 27-year-old bug in OpenBSD — one of the most security-audited operating systems in history
- →A 16-year-old vulnerability in FFmpeg — the media framework used by virtually every video application
- →Exploit chains in the Linux kernel that could be combined for privilege escalation
- →Thousands of additional zero-days across browsers, operating systems, and critical infrastructure software
Launch Partners
12 organizations have direct Mythos access through Glasswing:
| Partner | Role | Focus Area |
|---|---|---|
| AWS | Cloud infrastructure | Cloud service security |
| Apple | Consumer hardware/software | macOS, iOS vulnerability scanning |
| Search, cloud, Android | Chromium, Android, cloud security | |
| Microsoft | Enterprise software | Windows, Azure, Office security |
| CrowdStrike | Cybersecurity firm | Endpoint protection, threat intelligence |
| Palo Alto Networks | Network security | Firewall, cloud security |
| + 6 others | Various | Enterprise and government |
An additional 40+ organizations have applied for access and are in the vetting process.
Benchmark Performance
Mythos doesn't just lead benchmarks — it redefines the scale. The gap between Mythos and the second-best model is larger than the gap between Opus 4.6 and mid-tier models.
What These Numbers Mean
SWE-bench Verified (93.9%) — Given a real GitHub issue, Mythos can autonomously write the correct fix 94 times out of 100. Opus 4.6 does it 81 times. That 13-point gap is enormous at the top of the scale.
Terminal-Bench 2.0 (82%) — The most demanding agentic coding benchmark, where models must navigate real terminal environments, debug errors, and complete multi-step tasks. Mythos leads by 17 points.
CyberGym (83.1%) — Purpose-built for evaluating AI on real vulnerability detection. Mythos scores 17 points above Opus 4.6, confirming its exceptional security capabilities.
Why Withhold a Model?
This is the first time a major AI lab has built a general-purpose frontier model and deliberately restricted public access. Understanding Anthropic's reasoning reveals important lessons about AI safety.
The Dual-Use Problem
Mythos can find vulnerabilities defensively (patching them) or offensively (exploiting them). The same capability that makes it invaluable for security teams makes it dangerous in the wrong hands.
Anthropic's Three-Part Strategy
- →Restricted access — Only vetted partners through Glasswing. No public API, no consumer access.
- →Financial commitment — $100 million in usage credits for partners and $4 million for open-source security projects.
- →Responsible disclosure — All vulnerabilities found by Mythos must be reported to maintainers before any public discussion.
The "Capybara" Leak
In March 2026, a data incident exposed internal Anthropic documents referencing a model codenamed "Capybara" with unusual cybersecurity capabilities. The leak included benchmark scores that far exceeded any public model and references to vulnerability discoveries.
Anthropic initially declined to comment. After independent researchers confirmed the benchmark claims, Anthropic accelerated the Project Glasswing announcement — moving it forward by several weeks.
The incident raised important questions about:
- →Security of AI labs themselves — If an AI company can't protect its own secrets, how do we trust them with society-scale decisions?
- →Responsible disclosure timelines — Should Anthropic have announced Glasswing before the leak?
- →Market dynamics — Competitors may now race to build similar capabilities without Anthropic's caution
Pricing & Economics
Mythos is the most expensive AI model publicly priced:
| Model | Input (per M tokens) | Output (per M tokens) | Ratio vs Opus 4.6 |
|---|---|---|---|
| Claude Mythos | $25 | $125 | 5× |
| Claude Opus 4.6 | $5 | $25 | 1× (baseline) |
| GPT-5.3 Codex | $10 | $30 | ~2× |
| Gemini 3.1 Pro | $3.50 | $10.50 | ~0.7× |
Financial Commitments
- →$100 million in usage credits distributed across Glasswing partners
- →$4 million in grants specifically for open-source security projects
- →Pricing structured to make extensive scanning economically viable for partners
What This Means for Developers
If You're a Security Professional
Project Glasswing is likely the most significant development in AI-assisted security since the invention of fuzzing. If your organization qualifies, apply for Glasswing access. Even without direct Mythos access, expect the vulnerabilities it finds to generate a wave of patches across major projects in coming months.
If You're Using Claude for Coding
Opus 4.6 remains your model. Its 80.8% SWE-bench score and general availability make it the best choice for day-to-day development. Mythos is not coming to Claude.ai, Claude Code, or the public API anytime soon.
If You're Building AI Products
Mythos proves that frontier models continue to advance rapidly. If your product depends on AI capabilities, plan for models that are 15–25% better at coding, reasoning, and analysis every 3–6 months. The jump from Opus 4.6 to Mythos suggests the next publicly available model will be significantly more capable.
The Bigger Picture: AI and Cybersecurity
Mythos represents a turning point for three conversations:
1. AI Capability Growth Is Accelerating
The jump from Opus 4.6 (February 2026) to Mythos (April 2026) is the largest two-month improvement in frontier AI history. This pace has implications for every industry.
2. The Safety vs. Access Debate Gets Real
For years, AI safety discussions were theoretical: "What if a model could do X?" Mythos makes it concrete: "This model can find zero-days in every major OS. What do we do?" Anthropic chose restriction. Not everyone will agree with that choice.
3. Defense Beats Offense (For Now)
By finding vulnerabilities before attackers, Mythos tilts the cybersecurity balance toward defenders — but only if access stays restricted. If similar capabilities leak or are replicated without safety controls, the advantage reverses.
Conclusion
Claude Mythos is the most capable AI model ever built — and the first one deliberately kept from the public. Project Glasswing is Anthropic's bet that some capabilities are better deployed through trusted partners than released broadly. Whether this model becomes a blueprint for responsible AI deployment or an example of excessive caution will depend on what happens next: how many vulnerabilities get patched, whether competitors follow Anthropic's approach, and whether Mythos-level capabilities eventually reach the public in a safer form.
For now, Opus 4.6 remains the most powerful Claude model you can actually use. But Mythos shows where AI is heading — and it's heading there fast.
Module 4 — Chaining & Routing
Build multi-step prompt workflows with conditional logic.
Weekly AI Insights
Tools, techniques & news — curated for AI practitioners. Free, no spam.
Free, no spam. Unsubscribe anytime.
→Related Articles
Cognitive Surrender: Why 73% of People Trust AI Even When It's Wrong (2026 Research)
GEN-1: The GPT-3 Moment for Physical AI — Robots That Learn From Mistakes (2026)
MemPalace: The Open-Source AI Memory System That Scores 96.6% — Complete Guide (2026)
FAQ
What is Claude Mythos?+
Claude Mythos is Anthropic's most powerful AI model, announced April 7, 2026 through Project Glasswing. It sits above the Opus tier and scored 93.9% on SWE-bench Verified — a jump of 13 points over Opus 4.6. It is not publicly available due to its cybersecurity capabilities.
Why isn't Claude Mythos publicly available?+
Mythos discovered thousands of zero-day vulnerabilities including a 27-year-old OpenBSD bug and a 16-year-old FFmpeg bug. Anthropic is withholding general access until cybersecurity safeguards are in place, making it available only to vetted security partners.
What is Project Glasswing?+
Project Glasswing is Anthropic's initiative to use Claude Mythos for defensive cybersecurity instead of restricting it entirely. 12 launch partners — including AWS, Apple, Google, Microsoft, and CrowdStrike — receive access to deploy Mythos for vulnerability detection.
How does Claude Mythos compare to Claude Opus 4.6?+
Mythos outperforms Opus 4.6 on every major benchmark: 93.9% vs 80.8% on SWE-bench Verified, 82% vs 65.4% on Terminal-Bench 2.0, 94.6% vs 91.3% on GPQA Diamond, and 79.6% vs 72.7% on OSWorld. It costs 5× more ($25/$125 per million tokens).
How much does Claude Mythos cost?+
Claude Mythos is priced at $25 per million input tokens and $125 per million output tokens — 5× more expensive than Opus 4.6. Anthropic is providing $100 million in usage credits to launch partners and $4 million to open-source security projects.
What benchmarks does Claude Mythos lead?+
Mythos leads on SWE-bench Verified (93.9%), Terminal-Bench 2.0 (82%), SWE-bench Pro (77.8%), GPQA Diamond (94.6%), HLE with tools (64.7%), BrowseComp (86.9%), OSWorld (79.6%), and CyberGym (83.1%).
Was Claude Mythos leaked before its official announcement?+
Yes. In March 2026, a data incident revealed a model codenamed 'Capybara' with unusual cybersecurity capabilities. Anthropic confirmed this was an early version of Mythos and accelerated the Project Glasswing announcement.