There have been plenty of AI moments that felt significant in the moment and faded fast. GPT-4 dropping. Gemini's launch stumble. The first time a chatbot passed the bar exam. All of them stayed inside the tech news cycle — discussed by developers, dissected by researchers, ignored by anyone who runs a bank.
The Claude Mythos Preview is different. When Anthropic's new model autonomously discovered thousands of zero-day vulnerabilities across every major operating system and web browser during internal red-teaming, the company made a decision that no AI lab had ever made before: they refused to release it.
Then the Federal Reserve got involved. Then the Treasury Secretary called a meeting. Then the bank CEOs sat down in a room to discuss a cybersecurity risk they didn't build, don't control, and can't easily patch away.
That's when you know the story has changed.
What Mythos Actually Found
Claude Mythos Preview sits in Anthropic's new "Capybara" model tier — more powerful than the existing Opus line. During internal safety evaluations, the model demonstrated something that red teamers hadn't seen at this scale before: the ability to autonomously discover and document previously unknown vulnerabilities across software that billions of people use every day.
Not a handful. Not the kind of bug bounty finds that security researchers spend weeks chasing. Thousands of zero-days — vulnerabilities that have no patch, no CVE entry, and no fix waiting in a vendor's queue — across every major operating system and every major web browser.
Why Zero-Days Are Different
A zero-day vulnerability is one that is unknown to the software vendor. There is no patch. There is no workaround. The moment an attacker knows about it and you don't, they have an open door into your systems — and you have no way to close it. Mythos didn't find these the way a human researcher would, either. It found them at machine speed, systematically, across the entire software stack that modern computing runs on.
The scale matters. Security researchers have long known that AI would eventually be a net negative for cyber defense — that the same capabilities that help defenders scan for vulnerabilities would help attackers find them faster. Mythos Preview is the first concrete evidence of what that actually looks like at the frontier. The concern isn't theoretical anymore.
"This is the first time in the history of AI development that a lab has looked at what their model can do and decided the risk of release outweighs the benefit."
— The defining question Mythos forces every AI lab to answer
What Anthropic discovered was that releasing Mythos publicly — even to paying API customers — would hand every threat actor on the planet an automated zero-day discovery engine. The attack surface wasn't one company's software. It was everything.
What Project Glasswing Is
Instead of a public launch, Anthropic announced Project Glasswing — a controlled access program designed to put Mythos's capabilities in the hands of defenders before attackers can independently replicate what the model found.
The structure is deliberate. Access isn't sold. It's granted to vetted cybersecurity organizations, defensive research teams, and infrastructure security teams that can use the model to patch vulnerabilities rather than exploit them.
Up to $100M in Usage Credits
Qualified cyber defenders can access Mythos through a credit program worth up to $100 million. This removes the cost barrier for nonprofit security orgs and public infrastructure defenders who need access most.
$4M in Direct Donations
Anthropic committed $4 million in donations to cybersecurity organizations as part of the Glasswing launch — funding defensive research and the organizations that train the next generation of security professionals.
Defenders-First Rollout
The rollout is sequenced: defensive security teams get access before any commercial release. The goal is to close as many of the discovered zero-days as possible before the vulnerabilities become widely known.
Controlled Vetting Process
There is no self-serve signup. Organizations must apply and be vetted. Anthropic is screening for legitimate defensive use cases — not red teams working on offensive research for clients with ambiguous intentions.
The Strategic Logic of Glasswing
The name itself signals the approach. A glasswing butterfly's wings are transparent — you can see through them. The program is designed to be visible and accountable in a way that a quiet, restricted release wouldn't be. Anthropic is making a public commitment to a specific access structure rather than quietly limiting distribution and hoping no one notices. That transparency is part of the strategy.
It's worth noting what Glasswing is not: it's not a permanent withholding of the model. It's a sequenced release that prioritizes patching over exploitation. The question of whether that gap — between when defenders patch and when a future public release happens — will be enough is one that nobody can answer yet.
Why the Fed Got Involved
The emergency meeting convened by U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell brought together the CEOs of the country's largest banks to discuss something that, six months ago, would have seemed like science fiction: an AI model as a source of systemic financial risk.
Reported by Bloomberg and CNBC, the meeting centered on a specific scenario: what happens to the global financial system if Mythos-class capabilities — or something similar independently developed — reach actors who want to use them against banking infrastructure?
Why Banks Specifically?
- Interconnected systems: Major banks run on legacy software stacks that predate modern security practices. Zero-day vulnerabilities in common operating systems and browsers create entry points into systems that process trillions in daily transactions.
- Cascading failure risk: A successful attack on a major clearing institution doesn't just affect that bank — it can freeze settlement across the entire system. The Fed's concern is not a single bank being compromised, but contagion.
- Existing precedent: Chinese state-sponsored hackers have already used an older, weaker Claude model to breach approximately 30 organizations. That happened with a model far less capable than Mythos Preview.
- Speed asymmetry: An AI-assisted attacker can find and exploit a vulnerability faster than a human security team can detect and respond to it. The timeline advantage that defenders have historically relied on disappears.
This is the first time in recorded history that an AI model has been flagged as a systemic financial risk by federal regulators. Not a risk to a company, not a risk to a sector, but a risk to the plumbing of the financial system itself.
"The meeting wasn't about whether AI is coming. It was about whether the financial system is ready for what AI can already do."
— The framing that changed the room, per Bloomberg/CNBC reporting
The China angle sharpens the concern. When Bloomberg reported that Chinese state-sponsored hackers had already used a Claude model — an older, less capable version than Mythos — to breach approximately 30 organizations, it removed the theoretical framing. This isn't a risk that might materialize. It's a risk that has already begun materializing with inferior tools.
Mythos Preview is categorically more capable than what those actors used. The gap between "what they already did" and "what they could do with Mythos" is the core of what Bessent and Powell were asking bank CEOs to think about.
What This Means for Solopreneurs
You might read about a Fed emergency meeting and a trillion-dollar financial system risk and think: this is above my pay grade. And structurally, you're right — you didn't build the banking system and you can't patch its vulnerabilities.
But there are four things this story changes for every solopreneur who runs a business on digital infrastructure.
The Practical Exposure
Zero-days in operating systems and browsers affect your machine, your browser sessions, your saved passwords, your connected accounts, and your payment processing. "Enterprise-grade threat" is not a category that stops at the enterprise firewall. The same vulnerabilities that threaten banks are sitting in the same macOS and Chrome versions you're running right now.
Four Practical Steps to Take Now
- Update everything, immediately. This is the one concrete action you can take in response to zero-day exposure. Software vendors will start pushing patches as the Glasswing program identifies vulnerabilities. If you have automatic updates turned off — on your OS, your browser, your plugins — turn them on. Every day you delay an OS update is a day of unpatched exposure.
- Audit your AI vendor stack. The China breach story is a direct reminder that the AI tools you use to run your business are also vectors. Ask what data your AI tools retain. Ask who they share it with. Ask what model versions they're running and what their security disclosure policies look like. This isn't paranoia — it's vendor vetting, the same thing you'd do for any SaaS tool that touches your financial data.
- Separate your business credentials from your personal ones. If a zero-day compromises your browser, everything that browser has access to is exposed. Running your business on the same browser profile as your personal accounts means a single exploit reaches everything. Use a dedicated browser profile — or a dedicated device — for business-critical logins.
- Assume your payment processor and banking integrations are now higher-risk. The Fed's focus on systemic financial risk is relevant to you in a specific way: if you're relying on integrations between your business tools and financial services, audit those integrations. Use the minimum permissions necessary. Don't leave OAuth connections alive for tools you no longer actively use.
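The integration audit in the last step, worked through as a small script over a hand-maintained inventory of connections. This is an added example, not part of the original article; the tool names, scope labels, dates and the 90-day idle threshold are constructed assumptions, not any provider's real values.

```python
from datetime import date

MAX_IDLE_DAYS = 90  # assumption: review threshold, adjust to your own tolerance

# Constructed sample inventory. Tool names, scope labels and dates are
# hypothetical; fill in your own from each provider's connected-apps page.
INVENTORY = [
    {"tool": "invoicing-app", "connects_to": "bank feed",
     "granted": {"transactions:read"}, "needed": {"transactions:read"},
     "last_used": date(2025, 5, 20)},
    {"tool": "old-scheduler", "connects_to": "payment processor",
     "granted": {"payments:read", "payments:write"}, "needed": set(),
     "last_used": date(2024, 11, 3)},
    {"tool": "ai-bookkeeper", "connects_to": "payment processor",
     "granted": {"payments:read", "payments:write", "payouts:write"},
     "needed": {"payments:read"}, "last_used": date(2025, 5, 28)},
]

PRIORITY = {"revoke": 0, "reduce": 1, "keep": 2}


def audit(inventory, today, max_idle_days=MAX_IDLE_DAYS):
    """Return one finding per connection, most urgent action first."""
    findings = []
    for item in inventory:
        idle = (today - item["last_used"]).days
        # Scopes the tool holds but that you have decided it does not need.
        excess = sorted(item["granted"] - item["needed"])
        if idle > max_idle_days:
            action, reason = "revoke", f"idle for {idle} days"
        elif not item["needed"]:
            action, reason = "revoke", "no granted scope is still needed"
        elif excess:
            action, reason = "reduce", "excess scopes: " + ", ".join(excess)
        else:
            action, reason = "keep", "in use with minimum scopes"
        findings.append({"tool": item["tool"], "action": action, "reason": reason})
    return sorted(findings, key=lambda f: PRIORITY[f["action"]])


if __name__ == "__main__":
    for f in audit(INVENTORY, today=date(2025, 6, 1)):
        print(f"{f['action']:<7} {f['tool']:<15} {f['reason']}")
```

The `needed` set is the judgment call: write down what each tool must do for you today, and treat everything else it holds as excess to remove at the provider.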
The Capybara Tier Context
Mythos Preview is part of a new "Capybara" model tier — Anthropic's designation for models that exceed the current Opus capability ceiling. The naming convention matters because it signals that Mythos is not an incremental update to Claude 3.5 or 4. It's a capability jump significant enough that Anthropic felt it required a new classification. The cybersecurity implications are one dimension of that jump. They will not be the last.
There's a broader framing worth sitting with: for most of the last three years, "AI safety" was a debate between researchers about alignment, superintelligence timelines, and abstract risk scenarios. Mythos Preview collapsed that abstraction. The risk isn't hypothetical. It found thousands of real vulnerabilities in real software that runs on real machines — including yours. The conversation is now about operational security, not philosophy.