Anthropic limits access to AI model, fearing future of cyberattacks

Q: Why is Anthropic limiting access to Claude Mythos Preview?

Anthropic is limiting access because the model found thousands of critical vulnerabilities across operating systems, web browsers, and other software. The company said it is worried that similar capabilities could be used by bad actors to accelerate cyberattacks.

Q: What is Project Glasswing supposed to do?

Project Glasswing is a new initiative that brings together more than 40 companies to use Claude Mythos Preview for defensive security work. It is designed to find bugs, share the findings with partners, and patch critical vulnerabilities before attackers can exploit them.

Anthropic has announced it is rolling out its AI model, Claude Mythos Preview, to only a select group of companies after the new model found thousands of critical vulnerabilities across operating systems, web browsers and other software.

The new general-purpose model, Anthropic said, also found high-security vulnerabilities in every major operating system and web browser.

“Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely.”

AI has already been used by hackers to conduct cyberattacks. There has been a 72% year-over-year increase in AI-powered cyberattacks, with 87% of global organizations experiencing AI-enabled cyberattacks in 2025, according to AllAboutAI.

Anthropic expressed concern over what would happen if similar AI capabilities were used by bad actors.

To combat this, Anthropic announced Project Glasswing on Tuesday, a new initiative that brings together more than 40 companies, including Amazon Web Services, Apple, Cisco, Google, JPMorgan, the Linux Foundation, Microsoft and Nvidia.

Project Glasswing will use Claude Mythos Preview's capabilities to defensively find bugs, share the data with its partners and get ahead of threats by patching critical vulnerabilities before bad actors can exploit them.

Decades-old bugs are being discovered

A zero-day vulnerability is a software bug that can be exploited before anyone with the ability to fix it even knows it exists. Finding and patching them has historically required rare, expensive human expertise, but AI could change the scale and speed of detection.

Anthropic said the vulnerabilities it finds are “often subtle or difficult to detect.”

Many of them are 10 or 20 years old, with the oldest found so far being a now-patched 27-year-old bug in OpenBSD — an operating system known primarily for its security, it added.

It also found a 16-year-old bug in the FFmpeg media processing library, a 17-year-old remote code execution vulnerability in the open-source FreeBSD operating system and numerous vulnerabilities in the Linux kernel.

Mythos Preview also identified several weaknesses in the world’s most popular cryptography libraries, algorithms and protocols, including TLS, AES-GCM and SSH.

It added that web applications “contain a myriad of vulnerabilities,” ranging from cross-site scripting and SQL injection to domain-specific vulnerabilities such as cross-site request forgery, which is often used in phishing attacks.

Lifecycle of a zero-day exploit. Source: PhoenixNAP

Anthropic claimed that 99% of the vulnerabilities it found have not yet been patched, “so it would be irresponsible for us to disclose details about them,.

Software will emerge more secure, but not overnight

Anthropic said that this is likely just the beginning of a trend, and the “work of defending the world’s cyber infrastructure might take years,” but AI will help harden software and systems.

“In the long run, we expect that defense capabilities will dominate: that the world will emerge more secure, with software better hardened—in large part by code written by these models. But the transitional period will be fraught.”

Magazine: Nobody knows if quantum secure cryptography will even work