Anthropic unveils Mythos AI model via cybersecurity initiative with Apple, Amazon and others

Back to home

Share

Regulation

5 min read

|

Updated 1 month ago

|

$AMZN $AAPL

Briefing

Anthropic has launched Project Glasswing, a cybersecurity initiative built around a new AI model called Mythos, granting preview access to select partners including Apple, Amazon, Nvidia, Google, and Microsoft. The model has identified thousands of zero-day vulnerabilities across major systems, according to reporting by The Hacker News. Anthropic withheld broader release after determining Mythos's offensive hacking capabilities exceeded safe disclosure thresholds. An Anthropic co-founder has confirmed the company briefed the Trump administration on Mythos, and Treasury Secretary Bessent has separately characterised the model as a breakthrough in the China AI race.

Anthropic's Mythos model: capability, containment, and commercial access

Anthropic has introduced Mythos, a new AI model positioned explicitly around offensive and defensive cybersecurity, through a programme it calls Project Glasswing. The initiative is framed as an effort to secure critical software infrastructure ahead of broader AI deployment, though the model's capabilities have prompted as much concern as reassurance.

According to Bloomberg, Anthropic has granted Apple and Amazon preview access to Mythos, a notable commercial arrangement given Amazon's existing investment in Anthropic and Apple's growing AI partnerships. The Motley Fool reported that the preview programme has expanded further to include Nvidia, Google, and Microsoft, broadening the consortium of technology partners with early access. The selective rollout reflects a deliberate staging strategy: Anthropic has declined to release Mythos publicly, with Axios reporting that the company concluded the model's autonomous hacking capabilities were too powerful for open distribution. The Guardian has also reported that Anthropic is keeping the tool out of public hands for fear of enabling widespread hacking. Forbes has separately characterised Mythos as revealing a Pandora's Box of AI existential risks, noting that the decision not to release it publicly was made on safety grounds. Bloomberg has reported separately on how Anthropic learned Mythos was too dangerous for broader release, while the Wall Street Journal has published commentary arguing that with Mythos, AI pays for itself.

The Hacker News reported that Mythos identified thousands of zero-day vulnerabilities across major systems during testing, a finding that illustrates both the model's utility for defenders and its risk if accessed by malicious actors. CNN noted that the same capabilities that accelerate threat detection could allow attackers to move faster than existing defences permit. CBS News has separately reported that Mythos can spot weaknesses in almost every computer on earth.

JPMorgan Chase CEO Jamie Dimon has stated that Mythos reveals significantly more vulnerabilities for cyberattacks, according to CNBC, adding one of the most prominent voices in global banking to the broader chorus of concern about the model's implications for financial and critical infrastructure security.

Not all industry observers share the alarm. Fortune has reported that at least one prominent industry veteran argues the real problem posed by Mythos is not finding vulnerabilities but fixing them, a view that pushes back against the prevailing narrative that discovery alone constitutes the primary risk.

The New York Times characterised Mythos as a cybersecurity "reckoning" and, in a separate opinion piece, described Anthropic's decision to withhold the model as a "terrifying warning sign" rather than straightforward reassurance, arguing the restraint itself signals how far offensive AI capability has advanced. A further New York Times opinion piece has examined what it describes as the future of the internet being at a crossroads following Mythos. WIRED has also examined what it describes as the cybersecurity reckoning Mythos will force. The Economist has separately examined how dangerous Mythos is, and also reported on why Anthropic and OpenAI are locking up their latest models. Platformer has reported that the model has cybersecurity experts rattled. The Los Angeles Times, in a commentary, argued that concerns about Mythos dwarf prior AI safety debates in significance.

The ripple effects have extended beyond the technology sector and beyond the United States. UK financial regulators are rushing to assess the risks posed by Mythos, according to the Financial Times, which has also examined the cybersecurity risk Mythos poses to all states, indicating that concern about the model's systemic implications has reached supervisory authorities outside of Washington. Reuters has separately reported that the ECB plans to quiz bankers about risks posed by Anthropic's new AI model, extending regulatory scrutiny to the eurozone. In the United States, Treasury Secretary Bessent and Federal Reserve Chair Powell warned major American bank CEOs about the cybersecurity risks tied to Mythos, according to Bloomberg, Reuters, and CNBC, with the meeting held at Treasury headquarters in Washington. Bloomberg has also reported that Bessent has characterised Mythos as a breakthrough in the China AI race, adding a geopolitical dimension to the administration's assessment of the model. Reuters has also reported that AI-boosted hacks using Mythos could have dire consequences for banks. CNBC also reported that Vice President Vance and Secretary Bessent had questioned technology company executives about AI security ahead of Mythos's release. Bloomberg had characterised the outreach as an urgent response to what was described as an Anthropic model scare, indicating that financial regulators view Mythos's capabilities as a systemic concern for critical financial infrastructure. TechCrunch has reported that Trump administration officials may be going further, potentially encouraging banks to test Mythos directly, suggesting the government posture has shifted from warning to active engagement with the technology. An Anthropic co-founder has separately confirmed to TechCrunch that the company briefed the Trump administration on Mythos ahead of its release.

Anthropic is not alone in navigating the tension between capability and containment. Axios reported that OpenAI is planning a staggered rollout of its own new model over cybersecurity risk, a parallel approach that suggests the industry is converging on staged release as the default framework for powerful security-relevant AI. Bloomberg has since reported that OpenAI has released its own cyber model, named GPT-5.4-Cyber, to a limited group, framing the move explicitly as a race with Mythos. Reuters separately reported the release occurred approximately one week after Anthropic's announcement.

Project Glasswing positions Anthropic in direct competition with other AI developers pursuing enterprise security contracts, at a moment when critical infrastructure owners are under pressure to demonstrate AI-readiness. The decision to channel early access through a broad group of major technology platforms, rather than dedicated cybersecurity vendors, suggests Anthropic is prioritising integration with existing cloud, device, and chip ecosystems over specialist security partnerships.

Analysis

Amazon and Apple receiving preview access to a model Anthropic declined to release publicly creates an asymmetric cybersecurity capability gap between these two platforms and the rest of the enterprise technology market. Cloud customers running workloads on AWS gain access to offensive vulnerability detection that competing cloud providers cannot currently match. This accelerates enterprise migration decisions toward AWS on security grounds, a procurement driver distinct from cost or feature competition.
Anthropic routing Mythos through Amazon and Apple rather than dedicated cybersecurity vendors such as CrowdStrike, Palo Alto Networks, or SentinelOne is a deliberate ecosystem bet. Specialist security vendors are bypassed at the foundation model layer, which compresses their moat on detection logic if hyperscaler-native AI security becomes the default. The competitive pressure on pure-play cybersecurity vendors intensifies precisely as their own AI security marketing is accelerating.

Connected Events

Markets · 2 months ago

Anthropic seals chip deals with Google and Broadcom worth hundreds of billions

Anthropic's concurrent announcement of chip supply deals with Google and Broadcom worth hundreds of billions, alongside surpassing $30 billion in annualised revenue, means Mythos arrives with compute infrastructure already secured at scale. The Glasswing rollout is not constrained by capacity; it is constrained by choice, making the selective Apple and Amazon access a deliberate commercial strategy rather than a supply limitation.

Markets · 2 months ago

Amazon imposes 3.5% fuel surcharge on third-party sellers amid Iran war

Amazon imposing a 3.5% fuel surcharge on third-party sellers while simultaneously receiving exclusive preview access to Mythos illustrates the dual-track position Amazon now occupies: extracting margin from its marketplace on the cost side while gaining a proprietary AI security advantage on the capability side. Both developments in the same week compound Amazon's structural leverage over third-party sellers who depend on the platform.

Anthropic's Mythos model: capability, containment, and commercial access

Analysis

Connected Events

Anthropic seals chip deals with Google and Broadcom worth hundreds of billions

Amazon imposes 3.5% fuel surcharge on third-party sellers amid Iran war

Further reading

Related Stories

House Oversight Committee opens insider trading probe into Kalshi and Polymarket

Trump delays AI executive order over undisclosed objections to draft language

Anthropic unveils Mythos AI model via cybersecurity initiative with Apple, Amazon and others

Air France and Airbus convicted of manslaughter over 2009 Rio-Paris crash