Anthropic has put its most advanced AI model on the table for the European Union, but getting a seat at that table is proving to be a slow, grinding negotiation. The company’s Mythos model, capable of autonomously discovering zero-day vulnerabilities across every major operating system and web browser, remains accessible to only about 40 vetted US companies and select government entities. The EU wants in. Anthropic hasn’t said no. But progress, according to Spain’s economy minister, has been “limited.”
What Mythos actually does
Anthropic announced the Claude Mythos Preview on April 7, 2026. In internal testing, the model discovered thousands of zero-day vulnerabilities, the kind of software flaws that vendors don’t know about and therefore can’t patch, across all major operating systems and web browsers.
Mythos doesn’t just flag vulnerabilities. It autonomously generates working exploits, meaning it can demonstrate exactly how an attacker would use each flaw. On industry benchmarks like Cybench, the model surpasses every prior AI system at conducting complex, multi-step cyber-attack simulations.
That dual capability, defense and offense in a single package, is precisely why Anthropic chose to restrict access. The company launched Project Glasswing to manage distribution, limiting the model to roughly 40 vetted US companies and chosen government entities.
