Anthropic holds back new AI model launch and grants access only to selected companies
Anthropic just made a decision you rarely see in the tech world: holding back one of its own products because it considers it too dangerous to be made available to the general public.
The product in question is Claude Mythos Preview, an artificial intelligence model with impressive capabilities in the field of cybersecurity — and it is precisely that power that has the company concerned.
It is not every day that one of the biggest AI companies in the world announces a new technology and, in the same breath, says it will restrict access to it. But that is exactly what happened.
The model has already found thousands of high-severity critical vulnerabilities in operating systems and browsers that no one had discovered before — some of them lurking undetected for more than two decades.
If that sounds like good news, it is because it is.
But there is another side to it: the same technology that finds these flaws can be used by those who want to exploit them.
And that is where things get more complex. 👇
What is Claude Mythos Preview and why it is so different
Claude Mythos Preview is not just another language model with a few extra technical skills. It represents a considerable qualitative leap in what an AI system can do within the realm of cybersecurity. While previous models could, at best, help developers identify generic patterns in vulnerable code, Mythos Preview goes much further: it analyzes entire systems, understands the context of how different components interact with each other, and maps out exploitation paths that human analysts would take weeks or months to discover. This is something that significantly changes the game, both for those defending systems and for those attacking them.
Receive the best innovation content in your email.
All the news, tips, trends, and resources you're looking for, delivered to your inbox.
By subscribing to the newsletter, you agree to receive communications from Método Viral. We are committed to always protecting and respecting your privacy.
Anthropic describes the model as a tool with deep technical reasoning capability, specifically trained to understand complex software and hardware architectures. In practice, this means it can read an entire operating system, identify where the original developers made implementation mistakes — no matter how small — and connect those mistakes to real attack vectors. Some of the vulnerabilities the model found have existed since the 2000s and went through decades of manual audits and automated tools without being detected. That says a lot about the level of technical sophistication built into this version of Claude.
It is also worth understanding that Claude Mythos Preview is being positioned as a restricted-use tool, unlike other Anthropic products that reach the market with relatively open access. The company made it clear that the model will not be available to the general public, at least not at this stage. Access is being managed selectively, focusing on organizations that work directly with cyber defense, security research, and critical software infrastructure.
Who will have access to the model and how it works
Anthropic defined a very specific group of companies and organizations that will be able to use Claude Mythos Preview. Among the selected companies are heavyweights like Microsoft, Apple, CrowdStrike, and Amazon Web Services, along with more than 40 organizations that build and maintain critical software infrastructure. This is not a random list — these are companies that deal daily with defending systems used by billions of people around the world.
The goal is straightforward: these partner companies will use Mythos Preview in their own defensive security work. They will be able to scan both proprietary systems and open-source code in search of vulnerabilities that have remained invisible for years. Discoveries made by these partners will be shared by Anthropic with the entire industry, creating a cycle of collective benefit. This means that even organizations that are not part of the consortium can indirectly benefit from the fixes and patches generated from the model’s work.
To make all of this happen, Anthropic announced a significant financial commitment: up to 100 million dollars in usage credits and 4 million dollars in direct grants for open-source security organizations. This investment shows that the company is not just doing marketing with the announcement — it is putting real resources on the table to ensure the technology is used productively and broadly within the security ecosystem.
Project Glasswing: the initiative that puts Claude at the center of digital defense
Project Glasswing is the name of Anthropic’s program that organizes and guides the use of Claude Mythos Preview within controlled cybersecurity contexts. The company formally announced the initiative alongside the model reveal and made it clear that the project was born precisely after internal researchers realized the full extent of Mythos Preview’s capabilities. In Anthropic’s own words, the model could reshape cybersecurity as we know it.
Within Project Glasswing, the model works in partnership with specialized security research teams, receiving context about the systems it needs to analyze and returning detailed reports on the vulnerability points it identifies. The process is supervised by humans at every stage, which is a deliberate decision by Anthropic to ensure the model does not operate autonomously in sensitive environments. This supervisory structure is part of what sets Project Glasswing apart from other industry initiatives that lean more heavily on AI system autonomy.
Anthropic described the project as an urgent attempt to put these capabilities to work for defensive purposes. That urgency is not just rhetoric — it reflects the company’s perception that, given the current pace of AI advancement, it will not be long before similar capabilities spread to other systems, potentially in the hands of actors who are not committed to the safe use of the technology.
The initiative also has a long-term research component, focused on understanding how large language models can be responsibly incorporated into offensive and defensive security workflows. This includes studying the limits of what Claude Mythos Preview can do without human guidance, mapping scenarios where the model might make technical interpretation errors, and developing containment mechanisms for situations where it identifies a critical vulnerability in an active production system. Project Glasswing is, essentially, a living laboratory for understanding how Anthropic can scale this technology responsibly in the years ahead. 🔬
The real problem: AI as a dual-use weapon in cybersecurity
Before models like Claude Mythos Preview, security vulnerabilities could go unnoticed for years, precisely because of the shortage of specialized professionals with deep enough knowledge to find them. The security auditing process has always been slow, expensive, and dependent on a limited pool of human experts. This meant that many flaws were only discovered when someone — often with bad intentions — stumbled upon them by accident or through systematic investigation.
Now, artificial intelligence is changing that dynamic in a radical way. And the problem is that this change is not one-sided. The same technology that allows legitimate companies to find and fix critical flaws is also creating opportunities for hackers and foreign adversaries to detect those same vulnerabilities faster and more efficiently than ever before.
Anthropic was quite direct about this concern in its official announcement. The company stated that the consequences — for the economy, public safety, and national security — could be severe if these capabilities spread without control. This kind of statement is not common in product announcements in the tech sector, and it shows the degree of genuine concern within the company about the potential for malicious use of the model.
Why Anthropic decided to hold back access to the model
The decision to restrict public access to Claude Mythos Preview was not made out of a lack of confidence in the product itself, but rather out of a very realistic understanding of how powerful cybersecurity technologies behave when they end up in the wrong hands. Anthropic has been consistent in its stance on the responsible development of artificial intelligence, and this case is a direct extension of that philosophy. The company openly acknowledges that it created something that, in malicious hands, could be used to compromise critical systems at scale — and that public admission is, in itself, quite unusual in the industry.
The company’s reasoning follows a dual-use logic that is well known in sectors like defense and pharmaceuticals: the same tool that heals can cause harm, depending on who uses it and how. In the case of the model developed by Anthropic, the ability to identify zero-day vulnerabilities — those that do not yet have an available fix — poses a concrete risk if the model were made available without filters. A malicious actor with access to Claude Mythos Preview would have, at their fingertips, a system scanning and exploitation tool that far surpasses anything currently available in the cyber attack tools market. This is not a distant hypothetical; it is a scenario the company clearly evaluated before deciding on restricted access.
Another relevant factor in the decision is the current state of the global debate on artificial intelligence regulation. Anthropic is positioning this restriction also as a signal to regulators and the industry as a whole: it is possible, and sometimes necessary, for technology companies to put voluntary brakes on products that present clear risks, even when that means giving up immediate revenue. This stance creates an interesting precedent and places the company in a different position from most of its competitors, who tend to prioritize speed to market over caution. 🤔
Anthropic also sees opportunities beyond the risk
Despite all the concern about misuse, Anthropic made a point of highlighting that these capabilities also bring enormous opportunities. The model does not only serve to find flaws in legacy systems — it can also help create new software with fewer security bugs from the start. This represents a paradigm shift: instead of fixing problems after they are exploited, it becomes possible to prevent them from existing in the first place.
The company described Project Glasswing as an important step toward giving defenders a lasting advantage in the era of AI-driven cybersecurity. That phrase carries a lot of meaning, because it implicitly acknowledges that we are entering a new phase where AI is not just an auxiliary tool — it is the battlefield itself.
What changes for the future of cybersecurity with models like this
The existence of Claude Mythos Preview — even with restricted access — already shifts the debate about the role of AI models in cybersecurity. Until recently, the discussion revolved around using artificial intelligence to automate repetitive analysis tasks, like log triage, alert categorization, and searching for known attack patterns. What Anthropic’s model has demonstrated is that the potential goes far beyond that: we are talking about systems capable of making original security discoveries, something that was previously considered the exclusive territory of highly specialized human researchers. This opens the door to a new generation of defense tools that can act proactively, before attacks happen.
For security teams that will have access to the model through Project Glasswing, the practical gain is immense. Identifying a critical vulnerability that has existed for 20 years in a widely used system means patches can be developed and distributed before malicious actors independently discover the same path. This kind of time advantage is exactly what defense teams need, since historically they operate at a disadvantage compared to attackers, who only need to find a single opening to succeed while defenders need to protect everything at once. A model with Mythos Preview’s scanning capability could begin to significantly rebalance that scale.
The long-term outlook, however, raises questions that still do not have clear answers. As models like Claude Mythos Preview become more common — and they will, it is only a matter of time — the digital arms race will intensify in ways that are still hard to predict. Anthropic is betting that transparency and access control are the best tools currently available to manage these risks. And, even though that bet might seem conservative in an industry that values speed, it may be exactly the kind of caution the moment demands. 🛡️
A precedent that could define how the industry handles powerful AI
Anthropic’s move with Claude Mythos Preview and Project Glasswing does not exist in a vacuum. It is part of a larger conversation about how the technology industry should handle artificial intelligence models that present potentially dangerous capabilities. Up to now, the dominant approach in the sector has been to launch first and deal with the consequences later. Anthropic is testing a different path: assessing the risks before a broad launch, restricting access to trusted partners, and actively investing in defensive use of the technology.
Whether this strategy will work in the long run, no one knows for sure. But the fact that a company with the size and relevance of Anthropic is willing to hold back a product with enormous commercial potential over security concerns is, at the very least, an important signal for the entire artificial intelligence ecosystem. Project Glasswing, with its consortium of more than 40 organizations and investment of up to 100 million dollars, shows that the company is not just making a statement of principles — it is building a real structure to put those principles into practice.
The world of cybersecurity is about to change in a pretty profound way. And, like it or not, artificial intelligence is going to be at the center of that transformation.
