The AI That Could Hack the World — and Why That Should Terrify You

There is a moment in every technological revolution when the people building the future quietly admit they didn't expect it to arrive this fast. Anthropic just had that moment — and it should give all of us pause.

On April 7, 2026, Anthropic announced Claude Mythos Preview, the most powerful AI model it has ever built. It will not be available to you or me. Instead, it has been quietly handed over to a small consortium of around 40 companies — Apple, Microsoft, Amazon, Google, Nvidia, JPMorganChase, and others — under an initiative called Project Glasswing. The reason for the secrecy isn't corporate strategy. It's fear.

In just a few weeks of testing, Mythos identified thousands of serious vulnerabilities across every major operating system and web browser on the planet. Some of these bugs had been hiding undetected for decades — one in OpenBSD for 27 years, another in FFmpeg for 16 years, buried in a line of code that automated tools had scanned five million times without catching it. These aren't obscure edge cases. They are the kind of flaws that, in the wrong hands, could take down power grids, hospital systems, banking networks, and military infrastructure.

That is exactly the problem. Because right now, only Anthropic's trusted partners have this tool. But the history of technology does not respect exclusivity. These capabilities will spread. They always do.

What makes this different from previous AI announcements is the asymmetry it creates. Defending a system takes time, coordination, and resources. Attacking one, if you have a tool like Mythos, takes minutes. Anthropic's own researchers have warned that a single AI agent could scan for vulnerabilities and exploit them faster and more persistently than hundreds of skilled human hackers working together. The balance between offense and defense doesn't just tilt slightly; it could flip entirely.

Think about what that means in practical terms. Cyberattacks of serious scale have historically been the domain of nation-states and well-funded criminal organizations, entities with deep expertise and large budgets. What Mythos represents, according to the people studying it closely, is the potential democratization of that capability: sophisticated cyberattack infrastructure, once the exclusive province of intelligence agencies, edging within reach of small actors who simply know how to write a prompt.

Project Glasswing is Anthropic's attempt to get ahead of this. Give the defenders a head start. Let the major software companies find and patch their own vulnerabilities before the bad actors stumble onto the same capability. It's a reasonable strategy. It is also a race against time, and races against time have a way of being closer than they appear.

What this moment calls for isn't panic. But it does demand an honest reckoning with something that AI optimists have preferred not to say loudly: progress in artificial intelligence is not inherently safe just because the people building it have good intentions. Mythos was not designed as a cyberweapon. It became one as a byproduct of being very good at understanding code. That's the part that should make you stop and think.

New York Times columnist Thomas Friedman compared this to the emergence of mutually assured destruction in the nuclear age: a new kind of threat so symmetrical that even rival superpowers have a shared interest in containment. He's not wrong. The US and China compete fiercely on AI, but a world where Mythos-class tools fall into the hands of criminal networks or rogue states is a world neither benefits from. The case for international cooperation on AI cybersecurity is no longer theoretical. It is urgent.

For now, the world's most dangerous AI model sits inside a carefully managed consortium, patching holes that most of us didn't know existed. Whether that head start is enough is a question nobody can honestly answer yet.