A group of unauthorized users managed to access Claude MythosAnthropic’s most powerful AI model that the company decided not to release to the public because it was considered too dangerous. The leak revealed serious questions about the company’s internal security controls.
What is Claude Mythos and why Anthropic is keeping it a secret
Claude Mythos It is not just any AI model. Anthropic I recount it as a system with cybersecurity capabilities so advanced that it represents a current risk to the world’s digital infrastructure. The reason for the frequent public ban is compelling: the model not only detects critical vulnerabilities in systems that have been audited by human experts and automated tools for decades, but also actively exploits them, building complex attack chains that chain multiple failures to escalate privileges and obtain root access without authentication.
According to Anthropic’s own security team, Mythos could compromise the systems that underpin most contemporary computing. A statement that is not minor. The Secretary of the Treasury of the United States, Scott Bessent, even brought together Wall Avenue leaders to warn them about the model’s potential to inaugurate a new capacity for autonomously launched cyberattacks. It is not for less.
That’s why Anthropic made the decision to deploy Claude Mythos Preview only to a select group of strategic partners: Amazon, Apple, Google, Microsoft, Nvidia, CrowdStrike, JPMorgan Plug, Cisco, Broadcom, Palo Alto Networks, and the Linux Foundation. The goal is for these organizations to use the model to identify and patch vulnerabilities before malicious actors can exploit them.
How did they gain access without permission?
This is where things get interesting, and quite worrying. As revealed Bloomberga small group of users in a private Discord forum dedicated to tracking unreleased AI models managed to infiltrate Claude Mythos Preview’s system. To back up their claims, those involved shared screenshots and a video supposedly showing how they did it.
The method they used was not a sophisticated hack from the outside. The users took advantage of the permissions that one of the participants had as an employee of an Anthropic contracting company.as reported by Bloomberg citing internal documentation and a source familiar with the matter. Put another way: someone with legitimate access to the company’s third-party environment used it to allow unauthorized people to interact with the model.
“We are investigating a complaint alleging a unauthorized access to Claude Mythos Preview through one of our third-party provider environments,” the company announced in a statement.
The company clarified that it has no evidence that its core systems have been compromised and that the activity did not extend beyond that provider’s environment.
Those involved themselves minimized their intentions. According to a source told Bloomberg, “Their intention is to experiment with it, not cause harm.”. However, beyond the intentions, the fact that unauthorized people have been able to access one of the most sensitive AI models in the world is a huge alarm signal.
Why this incident matters beyond Anthropic
This case is not just an internal Anthropic problem. It is a reflection of one of the most complex challenges in the AI industry right now: how to control access to models that are too dangerous for the public. but they also need to be tested and evaluated by third parties.
The irony is brutal. Anthropic created Mythos precisely to find and close security gaps in critical infrastructure. And the first significant security incident related to the model came from a human failure in managing access permissions. It was neither a sophisticated technical exploit nor a nation-state attack. It was basically someone using credentials they had legitimate access to for an unauthorized purpose.
The incident also reveals the risks of working with networks of external contractors and suppliers when handling high-value digital assets. Anthropic admits that it works with a small number of suppliers who help in the development of the model. Each link in that chain is a vector of potential risk.
From a regulatory point of view, the situation further complicates the picture. It is known that even the US Cybersecurity and Infrastructure Agency (CISA) does not have access to Claude Mythos, underscoring how restricted it is supposed to be. Meanwhile, German banks and financial regulators have already begun formal assessments of the risk posed by the model.
Keep reading:
• Anthropic presents Mythos, an AI model “too dangerous for the public”
• Claude’s Abilities: the feature that completely changes how you use AI
• OpenAI launches GPT-5.4-Cyber to strengthen cyber defense and challenge Claude Mythos
