Anthropic’s Claude Mythos is now available, but not for you - The New Stack

Detailed Analysis

Anthropic's Claude Mythos, the company's most powerful AI model to date and the flagship of a new "Capybara" tier above Opus, Sonnet, and Haiku, became available in April 2026 under a tightly controlled, gated preview rather than a broad public release. Access is restricted to a carefully selected group of early customers, enterprises, and organizations deemed internet-critical — such as open-source maintainers — with eligible parties contacted directly by AWS account teams through Amazon Bedrock's Project Glasswing deployment, currently limited to the US East (N. Virginia) region. The model's existence was first confirmed after an accidental leak on March 26, 2026, and it carries a premium price tag reflecting its frontier status: $25 per million input tokens and $125 per million output tokens, with no confirmed timeline for a broader public API rollout.

The model's defining characteristics center on advanced cybersecurity capabilities, sophisticated code analysis, and complex reasoning at a level Anthropic describes as a "step change" beyond prior offerings like Claude Opus 4.6. In testing using OSS-Fuzz-style methods across approximately 7,000 open-source stacks, Mythos identified exploitable vulnerabilities in roughly 600 cases, including 10 assessed as severe. Anthropic's headline claim of "thousands of zero-days" has drawn scrutiny, however, as critics note the figure is extrapolated from only 198 manual reviews in which 90% of severity assessments matched — a methodological limitation that Tom's Hardware and others argue renders the broader claim more marketing than rigorous empirical finding. A 244-page model card documents capabilities and failure scenarios in detail, reflecting Anthropic's attempts at transparency even as the hyperbolic framing invites skepticism.

The decision to restrict Mythos to a vetted subset of users reflects the dual-use dilemma that defines frontier AI development in the cybersecurity domain. Anthropic has explicitly framed the model's restricted access as a defensive posture — prioritizing vulnerability patching before threats can be weaponized — acknowledging that a tool capable of identifying crashable exploits in large codebases could equally supercharge offensive operations if broadly deployed. This calculus mirrors moves by competitors: OpenAI has similarly begun restricting advanced AI models with significant cyber utility. The tension between maximizing beneficial use and limiting catastrophic misuse has become a defining governance challenge across the industry, and Mythos represents one of the most concrete expressions of that tension to date.

Mythos's architecture within Anthropic's model hierarchy also signals a deliberate commercial and strategic segmentation. By introducing a Capybara tier above the established Opus line, Anthropic is creating a distinction between capable general-purpose models accessible to broad developer audiences and elite-tier models whose access is governed by institutional relationships and assessed trustworthiness rather than simple API subscription. This approach has implications for how AI capability is distributed and who gets to benefit first from frontier advancements — a question with significant equity, geopolitical, and competitive dimensions as nation-state actors and large enterprises gain asymmetric access to tools that smaller organizations and independent researchers cannot yet touch.

The broader industry trajectory suggests this restricted-release model will become more common, not less, as AI systems cross capability thresholds that regulators, security professionals, and the companies themselves deem too risky for open deployment. Anthropic's decision to document Mythos extensively through its model card and to route early access through cloud infrastructure partners like AWS reflects a hybrid strategy: maintaining some degree of accountability and audit capability while leveraging enterprise distribution channels that provide customer vetting by proxy. Whether this model of controlled rollout adequately balances innovation access against misuse risk will depend heavily on how transparent Anthropic remains about who is using Mythos, for what purposes, and with what outcomes — accountability mechanisms that the current gated preview structure does not yet fully guarantee.