Anthropic chooses to withhold public release of its highly capable 'Claude Mythos' AI model after it autonomously discovers a 27-year-old security flaw in OpenBSD.

// 2h agoMODEL RELEASE

Anthropic chooses to withhold public release of its highly capable 'Claude Mythos' AI model after it autonomously discovers a 27-year-old security flaw in OpenBSD.

In April 2026, Anthropic announced Claude Mythos, a frontier-class AI model showcasing advanced capabilities in autonomous cybersecurity research. During red-teaming exercises, Mythos autonomously identified a critical, 27-year-old remote crash vulnerability in OpenBSD's TCP Selective Acknowledgement (SACK) implementation, which had gone unnoticed by human code auditors since 1998. Due to the high risk of malicious exploitation and the model's offensive cybersecurity proficiency, Anthropic withheld a general public release of Mythos. Instead, they launched Project Glasswing, establishing a gated and monitored coalition of over 40 technology and security organizations allowed to leverage the model for defensive patching of critical infrastructure.

// ANALYSIS

This is a watershed moment proving AI's asymmetric offensive capabilities in software security, forcing companies to move from manual auditing to continuous AI-driven defensive patching.

–Hardened systems like OpenBSD, celebrated for security-first design, are no longer safe from automated exploitation by frontier AI models.
–Anthropic's gated deployment model (Project Glasswing) highlights a growing trend of hoarding high-capability defensive/offensive models behind vendor firewalls, raising concerns over transparency and equitable access to security tools.
–The speed and autonomy of Mythos mean security teams will soon be forced to use AI defenders simply to match the speed of AI attackers.

// TAGS

anthropicclaude-mythosopenbsdcybersecurityproject-glasswingvulnerability

DISCOVERED

2h ago

2026-06-09

PUBLISHED

2h ago

2026-06-09

RELEVANCE

8/ 10

AUTHOR

VoicuDragomir

// KEEP READING

More AI developer news from the feed

EXPLORE FULL FEED

UPDATE1h ago

CodeRabbit Slack agent generates developer visuals

CodeRabbit announced an update to its Agent for Slack, which is now capable of generating visual charts and graphs directly within the chat platform. The bot can pull data and create visualizations from services like GitHub traffic, BigQuery, and Datadog, providing teams with immediate visual context on their infrastructure and analytics without leaving Slack.

UPDATE1h ago

Factory integrates Claude Fable 5 into Droid

Factory has integrated Anthropic's new Claude Fable 5 model into its Droid autonomous software development agents to handle ambiguous, long-running engineering workflows. Early testing shows the integration improves Droid's autonomy, ability to recover from dead ends, and performance on complex debugging tasks.

NEWS1h ago

Claude Fable 5 guardrails block vulnerability audits

Users report that Anthropic's recently launched Claude Fable 5 model is flagging benign requests to check code for vulnerabilities. When strict classifiers for sensitive domains are triggered, requests route to the lower-capacity Claude Opus 4.8 fallback model, causing friction for developers.