Anthropic's Mythos model raises global security concerns as FT sounds the alarm

An AI model that can find and exploit software vulnerabilities on its own, including one that sat undetected for 27 years, is exactly the kind of thing that keeps cybersecurity professionals up at night. Now it exists, and the Financial Times is raising alarms about what it means for global security.

Anthropic’s Claude Mythos Preview, announced on April 7, 2026, has autonomously discovered thousands of zero-day vulnerabilities. For the uninitiated, a zero-day is a software flaw that nobody knows about yet, which means nobody has patched it yet, which means anyone who finds it first has the keys to the kingdom. Mythos found thousands of them.

What Mythos actually does, and why that’s a problem

Among its discoveries was a flaw in OpenBSD, the operating system widely regarded as one of the most secure in existence, that had been hiding in plain sight for 27 years. That’s not a typo. A vulnerability older than most TikTok users was sitting there, undiscovered by human researchers, until an AI model casually flagged it.

The UK AI Safety Institute ran evaluations on April 13, 2026, and confirmed that Mythos excelled at autonomously exploiting vulnerabilities in controlled environments. In English: when placed in a simulated hacking challenge, the model performed exceptionally well without human guidance.