Descriptions:
Nate Herk breaks down Anthropic’s Claude Mythos — the company’s most capable internal model — with a focus on the specific benchmarks and real-world security findings that explain why Anthropic chose not to release it publicly. The video makes a counterintuitive argument: that the decision to withhold the model is actually evidence that AI safety practices are working as intended.
The numbers are striking. On SWEbench, the standard industry test for real-world software bug fixing, Anthropic’s current best public model Opus scores 80.8% — itself a strong result. Mythos scores 93.9%, a generational leap rather than an incremental improvement. On cybersecurity benchmarks measuring actual vulnerability exploitation, Opus scores 66.6% and Mythos scores 83.1%. Beyond benchmarks, Mythos found a bug in OpenBSD that had gone undetected for 27 years, a vulnerability in FFmpeg — the video processing library underlying most of the internet — that 5 million automated tests missed across 16 years, and multiple Linux privilege escalation flaws. Crucially, Mythos doesn’t just find individual bugs: it chains multiple small vulnerabilities together into full attack sequences, replicating the approach of elite human penetration testers.
Rather than releasing the model or locking it away, Anthropic launched Project Glasswing — giving access to defenders first. Partners include AWS, Apple, Google, Microsoft, Nvidia, Cisco, Crowdstrike, and JP Morgan, along with over 40 critical software infrastructure organizations. Anthropic committed $100 million in usage credits, $4 million to open source security groups, and pledged to publish findings within 90 days.
📺 Source: Nate Herk | AI Automation · Published April 07, 2026
🏷️ Format: News Analysis
