Mythos is being talked about as the AI model that’s too dangerous to release, and if you haven’t heard about it, you soon will.
Mythos is Anthropic‘s latest AI model, and it’s unlike anything released publicly before. It’s so powerful at identifying software vulnerabilities that Anthropic made the unusual decision not to release it at all. Instead, it’s being made available only to a vetted group of organisations through a programme called ‘Project Glasswing’, with Apple, Microsoft, Google, CrowdStrike and Palo Alto Networks among the initial partners.
Why the concern? In tests, Mythos found critical flaws in every widely used operating system and web browser, and 99% of those vulnerabilities have not yet been patched. The UK’s AI Security Institute was given early access and found the model succeeded in expert-level hacking tasks 73% of the time. Prior to April 2025, no AI model could complete those tasks at all.
That’s not a small step forward. That’s a huge step change!
AI-powered cyberattacks are no longer theoretical
The threat to businesses isn’t Mythos itself. Anthropic isn’t going to hand it to criminals. The launch of Mythos is a signal, not the threat itself. Multiple frontier AI models already enable sophisticated cyberattacks, and the era of AI-powered attacks at scale has arrived. AI-enabled attacks increased by 89% in 2025, and AI agents can now find and exploit vulnerabilities better than most humans, arming even unskilled criminal actors with the means to target organisations more easily and cheaply than before.
For most businesses, the risk isn’t that someone has Mythos. It’s that they’re running unpatched systems, weak foundations and no real resilience plan, at a moment when attackers are becoming dramatically more capable.
Cyber resilience must become a board-level priority
Cybersecurity must have consistent, active ownership at CEO and board level. This is a business risk of the highest order, not a technology problem to be delegated downward.
Looking ahead, the threat won’t plateau. AI capabilities are advancing, quantum computing is approaching, and the attack surface keeps growing. The organisations that will succeed are the ones investing now in genuine cyber resilience, not just buying another tool and hoping for the best.
The big question isn’t whether your business could survive a sophisticated AI-enabled attack. The question is whether you’ve ever properly tested that assumption.
At ramsac, we’re helping businesses navigate both sides of this shift, strengthening cyber defences and using AI to work smarter and safer. If you want a practical conversation about where your organisation stands, get in touch today.
Understand your cybersecurity posture
Download our cybersecurity brochure to see how ramsac supports your organisation across the six core elements of cyber resilience: Govern, Identify, Protect, Detect, Respond and Recover. Discover how our services work together to reduce risk, strengthen security and help your business stay resilient.
Mythos FAQs
Mythos is an advanced AI model reportedly developed by Anthropic that demonstrated extremely high capability in identifying software vulnerabilities and completing expert-level cybersecurity tasks.
Mythos is considered dangerous because of its ability to discover critical vulnerabilities across operating systems and web browsers at a level beyond previous AI models, raising concerns about how AI could accelerate cyberattacks.
No. Anthropic has reportedly restricted access to Mythos through a limited programme involving selected organisations and security partners rather than releasing it publicly.
Mythos highlights how quickly AI-powered cyber threats are evolving. Businesses need stronger cybersecurity foundations, patch management, resilience planning and active leadership involvement to reduce risk.
Organisations can prepare by improving cyber resilience, maintaining up-to-date systems, regularly testing security controls, training staff and ensuring cybersecurity is treated as a business-wide priority rather than just an IT issue.
