I host and produce many podcasts in the cybersecurity space, and for the last few months, almost every guest has brought up the same name unprompted - Claude Mythos. We all know by now that AI is taking the world by storm, and the race to lead it is starting to feel less exciting and more unsettling - well, at least for me. 

I keep coming back to one question: When did we, as a society, become so dependent on the output of an app, even though it's humans who trained it to "think"? Now, Mythos enters the chat, and everyone wants to talk about all its capabilities, but we seem to be missing the point. 


Fewer people are asking what that capability means for the person sitting behind the firewall, or the ordinary user who has no idea any of this is happening. How many funny videos have we seen on social media of employees randomly copying and pasting private company information just to reply to a simple email? Many might think it seems harmless, but it's really not.

Mythos is Anthropic's most advanced model to date, and what sets it apart isn't general intelligence. It's what it can do with code. Anthropic says the model can identify and exploit software vulnerabilities at a level comparable to, or beyond, skilled human security researchers. This claim has caught the attention of regulators, banks, and security teams, all trying to understand what comes next.

With that in mind, this gap is exactly why Mythos has become a focal point in cybersecurity conversations. Through several episodes of the Security Strategist podcast, I've had the opportunity to listen to the thoughts of some of the industry's leading voices, including Richard Stiennon, Edward Wu, Dan Shiebler, Shachar Hirshberg, and Kevin Curran. Their perspectives helped cut through the headlines, and these are some of the key insights I took away from those conversations.



Why Mythos Access Runs Through Project Glasswing

One of the things that intrigues me most about Mythos is who actually gets to use it. Access isn't open. It runs through Project Glasswing, an Anthropic-led coalition built specifically to find and fix vulnerabilities in the world's most critical software before attackers can exploit Mythos-class capability themselves. Founding partners named publicly include AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks, with Anthropic later expanding access to roughly 50 core partners plus dozens more delivered through cloud providers like AWS and Google Cloud.

During testing, Mythos turned out to be capable enough that Anthropic pulled back general release entirely. A few numbers worth sitting with, drawn from Anthropic's own Project Glasswing updates and independent reporting:

  • More than 10,000 high- or critical-severity vulnerabilities were found across critical software within roughly a month of the program's launch.
  • 6,202 high- and critical-severity vulnerabilities were identified out of more than 23,000 flaws found scanning 1,000 open-source projects.
  • Cloudflare alone found around 2,000 bugs, 400 of them high or critical severity, after gaining access.
  • A reported tenfold increase in partners' bug-finding rate once Mythos was in the loop.

For the public, Anthropic released a separate, more restricted version called Fable 5, built without Mythos's cybersecurity capabilities. The split exists because Anthropic says those capabilities are too dangerous to make broadly available until critical software is in a much stronger position.

Critics have pointed out the obvious tension: it is in Anthropic's commercial interest to emphasise how unprecedented Mythos is, particularly as the company is reportedly considering an IPO later this year. Separating genuine capability from hype remains one of the biggest challenges in covering frontier AI, and Mythos is no exception.

Even so, regulators appear increasingly comfortable with broader access. Anthropic has confirmed that the US Department of Commerce has lifted export restrictions on its most advanced AI models. From 2 July 2026, Claude Fable 5 and Mythos 5 will once again be available to international users.

Mythos AI's Cat-and-Mouse Game

During the podcast with DropZone AI, Richard Stiennon put this question directly to Edward Wu, and his framing has stuck with me. His view is that Mythos didn't break the fundamental dynamic between attackers and defenders. What it did was push attacker tradecraft up a level, which means defenders now have to find their own next step function in response.

Wu broke down AI's value inside the security operations centre into two parts:

  1. Efficiency: teams do more with the same headcount and finally reach projects that always got pushed aside.
  2. Effectiveness: AI agents run dozens of alerts in parallel, querying multiple SIEMs and EDR tools at once, so analysts can finally cover the low and medium-severity alerts that used to get ignored simply because nobody had the hours.

He also raised something I hadn't considered, which is detection tuning. Security teams have spent years quietly turning off "noisy" alerts to manage workload, which technically cuts noise but punches holes in detection coverage. Wu shared that some of his customers are now using AI to reverse years of that tuning. The aim is to widen visibility back out instead of running their SOC, as he put it, with a telescope strapped to their head.
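To make the coverage point concrete, here is an added example (not from the podcast, Wu, or any vendor) that audits a rule inventory for techniques left with no enabled detection and picks which disabled rules to switch back on first. The rule fields, the MITRE ATT&CK technique tagging, the sample rows and the triage-capacity figure are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed rule inventory: one row per detection rule, tagged with a
# MITRE ATT&CK technique ID, its on/off state and its 30-day alert volume.
RULES = [
    {"id": "R1", "technique": "T1059", "enabled": True,  "alerts_30d": 40},
    {"id": "R2", "technique": "T1059", "enabled": False, "alerts_30d": 900},
    {"id": "R3", "technique": "T1021", "enabled": False, "alerts_30d": 1500},
    {"id": "R4", "technique": "T1021", "enabled": False, "alerts_30d": 300},
    {"id": "R5", "technique": "T1078", "enabled": False, "alerts_30d": 120},
    {"id": "R6", "technique": "T1003", "enabled": True,  "alerts_30d": 5},
]

def by_technique(rules):
    groups = defaultdict(list)
    for rule in rules:
        groups[rule["technique"]].append(rule)
    return groups

def blind_spots(rules):
    """Techniques that have rules written for them but none switched on."""
    return sorted(t for t, rs in by_technique(rules).items()
                  if not any(r["enabled"] for r in rs))

def coverage(rules):
    """Fraction of techniques with at least one enabled rule."""
    groups = by_technique(rules)
    return (len(groups) - len(blind_spots(rules))) / len(groups)

def reenable_plan(rules, capacity):
    """Close blind spots cheapest-first: take the quietest disabled rule for
    each blind technique while the added alerts/30d fit the triage capacity
    (an assumed figure for what automated triage can absorb)."""
    groups = by_technique(rules)
    candidates = sorted(
        (min(groups[t], key=lambda r: r["alerts_30d"]) for t in blind_spots(rules)),
        key=lambda r: r["alerts_30d"])
    plan, used = [], 0
    for rule in candidates:
        if used + rule["alerts_30d"] <= capacity:
            plan.append(rule["id"])
            used += rule["alerts_30d"]
    return plan, used

if __name__ == "__main__":
    print("blind spots:", blind_spots(RULES), "coverage:", coverage(RULES))
    print("re-enable with capacity 500:", reenable_plan(RULES, 500))
```

T1059 stays covered despite its noisy rule being off, while T1021 and T1078 have detections written but nothing running, which is the kind of hole that tuning for workload leaves behind.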

On the exploit-writing capability itself, Wu wasn't surprised. He noted Mythos wasn't actually the first model capable of this, and that with good harness engineering, people found similar results from older models, and later from GPT-5.5 as well. As for hallucinations, his take was that most of what gets blamed on the model is really a failure of context engineering. Feed a model the right reference material, the same way you would hand someone a Wikipedia page before asking them a trivia question, and the error rate will drop dramatically.

When AI Attacks Outrun Defence

Dan Shiebler, one of the co-founders of Artemis Security, walked through why this moment feels structurally different from previous waves of AI hype, not just louder. Traditional security architecture relied on an economic reality: crafting an attack took time, resources, and reconnaissance, and using that attack cost the attacker something. That cost imposed a natural rhythm that defenders could exploit, and AI breaks that rhythm. Crafting new attacks is now cheap and fast to iterate on, and agentic architectures let attackers pivot across systems without a human steering every decision.

Shiebler described attacking an organisation as an exploration process, chasing down dozens of threads that mostly lead nowhere until one doesn't. AI lets attackers run that exploration in parallel instead of one thread at a time, which means defenders can no longer assume there's a human pause between stages of an attack chain.

Cybersecurity expert Richard Stiennon, who also hosts so many of EM360Tech's podcasts, connected this directly to Mythos in this conversation with Shiebler. He described how it chained together a series of individually minor vulnerabilities into full control of a machine. He called it the clearest public picture yet of automated attack chaining in practice, especially given how little documentation exists on doing this at scale.


Shiebler also raised a point I think gets lost in the hype, which is that the "harness," meaning the software scaffolding running around a model, matters as much as the model itself. Better harnesses mean more parallel execution and shared memory across agent instances, which makes a working exploit method far more dangerous once it exists, since it can be cloned and run by every attacker who finds it. The flip side, he was careful to add, is that defenders have access to the same harness improvements.

Frontier AI Lab Flags Bigger Security Concerns

Strip away the branding, and what Mythos really represents is a public admission, from a frontier lab and its enterprise partners, that the bottleneck in cyber offence and defence is no longer human attention.

Shachar Hirshberg, the other co-founder of Artemis Security, said during the show that almost every enterprise security leader he talks to now gets the same question from their board: "How do we prepare for the Mythos era?" He answers that the Mythos era isn't coming. It's already here, and the conversation has shifted to how companies prepare both strategically and operationally.

Mythos and the Future of Software Quality

Not every voice in this conversation is alarmed, though. Kevin Curran, Professor of Cybersecurity at Ulster University, gave me the most surprising turn of the discussion. He admitted he hit a moment of genuine panic back in January, when he first grasped the trajectory of agentic AI. His thinking has shifted since, for two reasons. The first is economic. Hackers, including nation-state actors, are ultimately driven by money and control rather than chaos for its own sake. As a result, a form of mutual deterrence helps keep the worst outcomes in check.

The second reason is what he's watched defenders do with the same technology. Firefox fixed 271 bugs in a matter of weeks using Opus 4.6, not even Mythos, scanning their own codebase more thoroughly than any human team could manage. Their conclusion was that software free of known defects is now within reach, because the scanning tools finally outperform every human reviewer, including, in their own assessment, any human attacker.

Curran's bigger point is about adaptation. People across the security industry, himself included, are dealing with a strange mix of emotions: a quiet grief that decades of hard-won expertise are being absorbed by tools anyone can run, alongside real excitement about what those same tools let defenders do. His own description was that it's a mixed bag, and I think that's the most honest summary of where the whole industry stands right now.



Mythos and Cybersecurity

What I take away from all of this is that the numbers back this up. According to Anthropic's own Project Glasswing updates, partners found more than 10,000 high or critical-severity vulnerabilities within about a month of the program launching, including thousands in major open-source projects. The raw capability only tells half the story. The security leaders I spoke with argue defenders get the same parallel-processing and harness advantages attackers do. The gap isn't the technology, it's whether organisations actually rebuild their detection and response processes to use it. That's what I keep coming back to. 

Mythos isn't a single product story. It's a preview of where both sides of cybersecurity are heading. This means attackers are running parallel, automated exploration with less human bottlenecking, and defenders are gaining that same scale for detection and response if they're willing to rebuild around it. The sky isn't falling as fast as I thought it would back in January. It also isn't standing still. As Curran put it, anyone working in this field today is dealing with a reality that requires holding two truths at once.