Claude's New AI Just Changed the Internet Forever

TL;DR

Anthropic's unreleased Claude Mythus model found decades-old security bugs across major software, and instead of releasing it publicly, gave defenders first access.

Key Points

• 1.Claude Mythus dramatically outperforms Anthropic's best public model on every benchmark. It scores 93.9% on SWE-bench vs. Opus 4's 80.8%, and 83.1% vs. 66.6% on cybersecurity benchmarks — a generational leap, not an incremental improvement.
• 2.The model discovered real-world vulnerabilities that humans and automated systems missed for decades. It found a 27-year-old remote crash bug in OpenBSD, a 16-year-old bug in FFmpeg that 5 million automated tests missed, and Linux privilege escalation bugs — and can chain multiple small vulnerabilities into full attacks.
• 3.Cybersecurity capability emerged as an unintended side effect of advanced code training. Anthropic never trained Mythus to hack; becoming elite at writing code automatically made it elite at breaking code, meaning every frontier coding model will inherit this capability.
• 4.Rather than releasing Mythus publicly, Anthropic launched Project Glasswing to give defenders a head start. Partners include AWS, Apple, Google, Microsoft, Nvidia, Cisco, and 40+ critical infrastructure organizations, backed by $100M in usage credits, $4M to open-source security groups, and a 90-day public disclosure commitment.
• 5.The creator of Claude Code publicly called Mythus 'very powerful and terrifying,' validating Anthropic's cautious approach. The key open question is whether OpenAI, Google, and Meta will follow suit, since the exponential capability curve means every future model generation will be an even more powerful hacking tool.