Claude Mythos Preview: Anthropic's new model built for cybersecurity

On April 8, 2026, Anthropic released two things simultaneously: a new model called Claude Mythos Preview, and a security initiative called Project Glasswing. By mid-morning it had three separate threads near the top of Hacker News with a combined score above 2,000 points. That is unusual even for Anthropic, and it is worth understanding why.

What Claude Mythos Preview is

Claude Mythos is a specialized Claude model built with cybersecurity capabilities at its core. Most Claude releases are general-purpose improvements - better reasoning, longer context, faster output. Mythos is different. Anthropic built it specifically for security-sensitive tasks: vulnerability research, code auditing, threat analysis, and defensive security work.

The release came with a full System Card documenting its capabilities and limitations, and a separate red team assessment from Anthropic's safety team evaluating Mythos's cybersecurity capabilities specifically. That level of documentation at launch is not standard practice - Anthropic is signaling that this model is being taken seriously for professional security use.

As of the preview release, Mythos is available to try via the Anthropic API. It sits alongside the existing Claude model family rather than replacing it.

What Project Glasswing is

Project Glasswing is Anthropic's broader initiative to apply AI to securing critical software infrastructure. The name refers to the glasswing butterfly - transparent wings, hard to spot, precise. The project is focused on using AI to find vulnerabilities in widely-used software before attackers do.

Glasswing is both a research program and a signal about where Anthropic thinks AI's most important near-term applications lie. Critical software vulnerabilities - the kind that sit undetected for years in infrastructure used by millions of systems - represent one of the clearest cases where AI's ability to read and reason over large codebases translates into direct, measurable safety improvements.

This is not a new idea. In early 2026, a developer using Claude Code found a Linux kernel vulnerability that had been sitting undetected for 23 years. Glasswing is Anthropic formalizing that approach and applying it at scale.

Why cybersecurity specifically

Anthropic's choice to build a model specialized for security work makes sense for a few reasons.

First, the stakes are asymmetric. A missed vulnerability in widely-used software can be catastrophic. A false positive wastes a security researcher's time. The cost of being wrong in security is much higher on one side, which makes AI assistance genuinely valuable even if it is not perfect.

Second, security work is a strong match for what large language models do well. Finding vulnerabilities requires reading large amounts of code and holding multiple things in mind simultaneously - understanding data flow across functions, tracking how untrusted input moves through a system, recognizing patterns that match known vulnerability classes. These are cognitive tasks that exhaust human reviewers on large codebases and that AI handles without degradation over time or attention.

Third, Anthropic has a direct commercial incentive to be trusted in enterprise security contexts. Enterprise buyers - banks, healthcare systems, defense contractors - have security as a primary concern. A model with documented, red-teamed security capabilities that can be used for defensive purposes is a significantly stronger enterprise offering than a general-purpose model.

What this means for developers

For most developers, Claude Mythos Preview is not an immediate workflow change. The existing Claude models - Sonnet, Opus - remain the right choice for the vast majority of coding and writing tasks.

Mythos is relevant if you are in a role where security is a primary concern: security engineer, penetration tester, DevSecOps, or a developer at a company where security review is a formal part of the development process. In those contexts, a model purpose-built and publicly evaluated for security work is a meaningful upgrade over using a general model and hoping it spots vulnerabilities.

If you are already using Cursor or Claude Code for daily development, you should pay attention to whether Mythos gets integrated into those tools. A code editor backed by a security-specialized model for audit tasks - while using a faster general model for autocomplete - would be a compelling workflow.

The bigger picture

Claude Mythos and Project Glasswing together represent something important about where AI development is heading. The era of single general-purpose models that do everything is giving way to specialized models built for specific high-stakes domains - and security is an obvious first candidate.

Medical diagnosis, legal document review, and financial fraud detection are likely to follow the same pattern: specialized models, rigorous evaluation, documented capabilities and limitations. Mythos is an early example of what that looks like when done well.

The System Card and red team assessment released alongside Mythos set a documentation standard that other specialized model releases should match. Whether they will is a different question.

You can access Claude Mythos Preview through the Anthropic API. The model is in preview, which means pricing, availability, and capabilities may change before a full release.