In recent weeks, Mythos has identified thousands of so-called zero-day—previously undiscovered—vulnerabilities and other security flaws, many of which are critical and have persisted for a decade or more.
In one example, it found a 16-year-old flaw in widely used video software, in a line of code that automated testing tools had executed 5 million times without detecting the issue.
However, the model also displayed some issues during testing.
At one point, Anthropic found that it had escaped its so-called sandbox environment—designed to prevent it from accessing the internet—and posted details of its workaround online.
Anthropic acknowledged it demonstrated “a potentially dangerous capability for circumventing [the company’s] safeguards.”
Sam Bowman, a technical researcher at Anthropic, said the “scariest behaviors” were from “earlier versions” of the model. The current iteration was “less likely” to leak information, although it was still “at least as capable of doing things like working around sandboxes,” he added.
Anthropic has also been in ongoing discussions with US government officials about Claude Mythos. In February, the FT reported that the Pentagon was seeking to use AI tools for cyber operations to identify infrastructure targets from adversaries such as China.
Those talks have been taking place despite Anthropic’s row with the US defense department over recent weeks.
A US court has temporarily blocked the Pentagon’s effort to label the start-up a supply-chain risk, while President Donald Trump has criticised Anthropic as “leftwing nut jobs” after the company refused to shift its “red lines” on the use of its technology in war fighting.
Anthropic is committing up to $100 million to subsidize the use of its model through credits to organizations in the project, who will provide feedback on their findings. It will also donate $4 million to open source security groups to help secure open software, which can often be of higher cyber risk.
© 2026 The Financial Times Ltd. All rights reserved. Not to be redistributed, copied, or modified in any way.
Leave a Reply