Claude Mythos Release: What It Means for Your Private Files

Mythos Has Already Found Over 10,000 Security Vulnerabilities

Most model launches are about benchmarks, a little faster or a little cheaper. Mythos is a different kind of announcement. Anthropic says AI has “reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.”

Mythos's cyber capabilities cover both halves of an attack. A zero-day is a weakness the software maker does not even know about, so they have had zero days to fix it and no fix exists yet. Mythos finds these hidden weaknesses at scale, then writes the attack code, called an exploit, that breaks in through them.

• Writing that attack code is normally the slow, expert part of a break-in, and Mythos does it on its own.
• Mythos found more than 10,000 serious weaknesses across roughly 50 partner organizations, in every major operating system and web browser.
• Cloudflare, a company that carries a large share of the world's internet traffic, found 2,000 bugs this way, 400 of them critical.
• Mozilla found and fixed 271 flaws in its Firefox browser, more than ten times the number caught in its previous round.

This is already happening outside Anthropic. Google built a research tool called Big Sleep that found a real, live weakness in widely used software before any attacker reached it. The danger Anthropic worries about is the same one being shown off in public right now.

What Claude Mythos and Project Glasswing Actually Are

Claude Opus 4.8 is the version of Claude you can use today. Mythos is a stronger model that Anthropic introduced around April 2026 and then locked away, never releasing it to the public. It is a frontier model, meaning one of the most advanced AI systems being built anywhere, and it is unusually good at breaking into software.

The company says Opus 4.8 comes close to Mythos on its own internal safety tests, which tells you how high Mythos sits.

Project Glasswing is the program behind the findings. Anthropic created it to help secure the world's most important software before AI can be turned against it. About 50 organizations take part, among them Apple, Google, Microsoft, Amazon Web Services, JPMorganChase, and security firms like CrowdStrike and Palo Alto Networks.

On timing, there is no confirmed Claude Mythos release date yet. The partner companies have had early access for several weeks, and Anthropic promised to share its findings publicly within 90 days. For everyone else, the only word is “coming weeks,” and anyone giving you something more exact is guessing.

What Mythos Has Actually Found

Beyond the headline count, Anthropic and independent outlets like The Register have documented specific vulnerabilities Mythos uncovered, in software that runs on machines all over the world. The findings reach into every major operating system and web browser.

The most striking case hit Apple. Researchers at the security firm Calif used Mythos to find a way into macOS, long one of the hardest targets in computing, as 9to5Mac reported from a Wall Street Journal investigation. Working with Claude, they chained two Mac bugs in five days, past memory defenses Apple spent half a decade building. Their chief was careful to add that Mythos did not do it alone, and that it is better at repeating known attacks than inventing new ones.

• The clearest example is a 17-year-old flaw in FreeBSD, an operating system behind many internet servers, that Mythos found and broke into on its own to take full control of a machine. It is now logged as the vulnerability CVE-2026-4747.
• It also surfaced a 27-year-old networking flaw in OpenBSD that had gone unnoticed since 1998, and a 16-year-old flaw in FFmpeg, the video engine built into countless apps and websites.
• In one test it chained several Linux weaknesses together to seize control of a system, the kind of multi-step attack that usually takes a skilled person days.
• Against the Firefox browser, Mythos wrote 181 working break-in tools, where last year's top model managed two.
• On its own, Anthropic also ran Mythos across more than 1,000 open-source projects and flagged over 23,000 possible vulnerabilities. Outside security firms have already confirmed more than 1,700 of them, including over 1,000 rated high or critical.

There is a catch worth knowing, and it keeps this honest. So far only the FreeBSD flaw has a public record confirmed and tied to Glasswing, as one security analysis points out, and in one closely watched test Mythos found just a single low-severity issue in Curl. The rest are held back until the affected companies ship their fixes, with a fuller public list expected later in 2026. Its capability is not in doubt. The public proof is simply still catching up.

The Risk Reaches Your Files, Not Just Big Tech's

The real story here is the refusal. A company built a model, then decided it was too dangerous to sell. That decision is the warning.

Anthropic said it plainly in its Glasswing update: “no company, including Anthropic, has developed safeguards strong enough to prevent such models from being misused.” When the people who built something say that about their own product, the risk to anything you store online has already gone up.

• Anthropic tested this model harder than anyone, and still judged it too dangerous to release.
• The security teams fixing these vulnerabilities are “severely capacity constrained,” and some asked Anthropic to slow down how fast it reports new ones.
• Weaknesses Mythos already found are sitting open and unfixed while overwhelmed teams catch up.
• Anthropic is keeping the worst details quiet, saying it cannot share what its partners found yet “without putting end users at risk.”

There is a real counterargument, and it deserves space. Gary Marcus, a well-known AI critic, reviewed the model and called it “incrementally better” but “certainly not an off-the-chart breakthrough,” adding that “to a certain degree, I feel that we were played.” He is right that the public hype ran ahead of the public proof. The UK government's AI Security Institute reviewed the model too, and its findings land somewhere between alarm and shrug.

Marcus made one more point that settles it. Even in his doubtful read, Mythos “really does arm attackers to a greater degree than” the models before it. The case for caution never needed a doomsday. Cheaper break-ins and a growing pile of unfixed weaknesses are enough on their own. The same shift that worries a company like Cloudflare reaches the lawyer, the doctor, and the accountant whose files sit on someone else's computer.

What the Mythos Release Means for Your Private Files

Here is where it touches you directly. You probably cannot move your firm off its cloud software, and you do not need to. The exposure you actually control is narrower: what you hand to AI tools. Every contract you paste into ChatGPT, every client note you drop into an AI assistant, leaves your computer and lands on another company's servers.

Models like Mythos make the whole software world an easier target, so the sensitive content sitting on AI providers' servers is one more place it can be reached. You cannot patch their systems. You can decide how much of your private work ever reaches them.

• Cloud AI tools run your prompts on their own servers, so anything you paste in leaves your machine.
• Your bank, your CRM, and your email are largely out of your hands, and the vendors carry that load.
• What you feed an AI assistant is different, because that is a choice you make many times a day.
• The move is to keep using AI while keeping your raw sensitive documents out of it.

Use Top AI Models Without Exposing Your Documents

One tool is built for exactly this. Elephas is a privacy-friendly AI knowledge assistant for Mac. It lets you use powerful AI on sensitive work without handing the raw content to a cloud provider.

Elephas provides built-in local LLM models, which are AI models that run directly on your Mac. A contract, a patient file, or a set of financials can be summarized, searched, or drafted entirely on your own machine, so the content never reaches anyone's servers.

• Built-in local LLM models run on your Mac, with nothing extra to install.
• Smart Redaction is available on every plan, including the free one, not locked behind a higher tier.
• It connects to the big cloud models like Claude, ChatGPT 5.5, Gemini, Grok, and Perplexity when you want them.
• Your documents never train a model and never sit on an AI company's server.

When you do reach for one of the big cloud models, Smart Redaction adds a layer of safety. Before your request leaves the Mac, Elephas strips the sensitive details, names, emails, card numbers, and client or medical records, and sends only the cleaned-up version. The cloud model sees the safe text, and your private details are filled back in on your own machine afterward.

The result is the same AI help, without your most sensitive documents sitting on someone else's servers as targets like Mythos get sharper. A free plan is available, and paid plans start at $9.99 a month for the Standard tier.

The Practical Move Before Mythos Goes Public

The public Mythos release is coming, and most people watching expect it within weeks. The Claude Mythos story will only get louder from here.

You cannot control how fast this technology spreads, or how the argument over it ends. You can control what you feed it. Keep your most sensitive documents out of cloud AI tools, and use on-device AI for the work that has to stay private. That choice holds no matter when Mythos arrives.

Frequently Asked Questions

Sources

• Anthropic - Project Glasswing
• Anthropic - Glasswing initial update
• Google Project Zero - From Naptime to Big Sleep
• UK AI Security Institute - Evaluation of Claude Mythos previews