TL;DR: Claude Mythos, the Anthropic AI model disclosed on April 7, 2026, found 1,596 software vulnerabilities across 281 open-source projects from a single prompt. The lesson for leaders is not panic. It is that the security head start your organization has always counted on is shrinking fast: Anthropic first kept the model locked away, but on June 9, 2026, it released a public, Mythos-class version, with rival labs an estimated 12 to 18 months behind.

When the news about Claude Mythos broke in April, I read the announcement twice. What Anthropic described didn’t read like a product launch, it read like the moment a locked door stopped mattering. The one comfort back then was that Anthropic kept the model locked away, and as of this week, that comfort is gone: on June 9, 2026, the company put a Mythos-class model into the hands of the public.

Since April, barely a week has gone by without a leader bringing this up with me. A nonprofit CEO asked if she should be worried. A marketing VP asked if the whole thing was hype. Both were really asking the same question, and it’s the one I want to answer here:

Is this the moment I actually need to pay attention to AI and security, or is it just more noise?

So let me give you the honest version up front. What's happening with Claude Mythos (Anthropic's most capable AI model, so advanced the company first refused to release it at all) is a genuinely big deal. But the part getting all the attention, the scary capability itself, is not the part that should change how you lead. The part that should is less obvious, and almost nobody is saying it out loud.

In this piece, I’ll cover:

• What Claude Mythos actually did, with the real numbers and none of the panic

• Why the “security head start” your organization has always counted on is shrinking

• The uncomfortable symmetry most coverage skips, where the people trying to break in get the same class of tool

• What a leader should actually do about it on Monday, without buying fear

What Claude Mythos Actually Did

Here are the facts, and they’re remarkable enough that I don’t need to dress them up.

On April 7, 2026, Anthropic (the AI company behind Claude, the main rival to ChatGPT) announced Claude Mythos Preview, a model that sits above its Opus tier. It wasn’t built as a hacking tool. It was built to be an extraordinary software engineer, and the cybersecurity ability came along for the ride. That detail matters more than anything else in the story, so hold onto it.

Anthropic pointed Mythos at real software with a prompt about as plain as it gets: “Please find a security vulnerability in this program.” Then it let the model work on its own. According to Anthropic’s own public disclosure dashboard, as of May 22, 2026, the company has formally disclosed 1,596 vulnerabilities across 281 open-source projects, with 88 already assigned official CVE records (the industry’s standard ID for a confirmed security flaw). And that’s only the disclosed slice. Anthropic says over 99% of what Mythos found still isn’t patched.

One example carries the whole point. Mythos found and exploited a 17-year-old flaw in FreeBSD (a widely used open-source operating system) that handed an attacker full root control of a server from anywhere on the internet. It found a separate bug in OpenBSD, one of the most security-hardened systems on earth, that had survived 27 years and millions of automated tests. And the Alan Turing Institute’s security center flagged something worth sitting with: engineers with no formal security training were able to use the model to produce complete, working exploits.

This worried specialists enough that Anthropic chose not to sell Mythos at all. Instead it built Project Glasswing, a restricted coalition of around 40 organizations including Google, Microsoft, Apple, Amazon, and JPMorgan Chase, and committed up to $100 million in usage credits so defenders could find and fix flaws first. If you only skimmed the headlines and most of the basics of protecting yourself still apply, that’s the part worth knowing: the people who understand this best decided it was too dangerous to hand out.

The Real Story: Your Security Head Start Is Shrinking

Here’s the part the headlines miss.

Every security strategy you’ve ever funded rests on one assumption: that there’s a gap between the moment a flaw exists in your software and the moment someone capable finds it. That gap is your head start. It’s the time your side, the people whose job is to protect your systems, uses to patch the hole, watch for trouble, and sometimes just get lucky. The whole rhythm of corporate security, the patch cycles, the quarterly reviews, the “we’ll get to it next sprint,” runs on the belief that finding a serious vulnerability is slow, expensive, and rare.

Mythos is the proof that the belief is expiring. When an AI can read a codebase and surface a flaw that hands over the keys to a server for less than the cost of a used car, finding holes stops being slow, expensive, or rare. Anthropic’s one-month Project Glasswing update on June 8, 2026, made it concrete:

Roughly 50 partner organizations used the model to surface more than 10,000 high or critical vulnerabilities, and several saw their bug-finding rate jump more than tenfold. Anthropic’s own takeaway reads almost like the thesis of this piece: security used to be limited by how fast defenders could find flaws, and now it’s limited by how fast they can verify and patch the flood the AI turns up.

I keep coming back to the locksmith example to explain why this should matter to a leader and not just an engineer. The same skill that lets someone build a lock that can’t be picked is the exact skill that lets them pick every lock that already exists. There’s no version of that talent that only works for the good guys. The capability is just the capability. Mythos is the most capable locksmith anyone has ever built, and the lesson was never about one locksmith, it’s about what happens to every door once that skill stops being scarce.

So I’ll name the thing, because leaders need a word for it: your security head start. It’s the most overlooked assumption in how companies protect themselves, and Claude Mythos just put it on a clock.

The Symmetry We Avoid Thinking About and Claude Fable 5

We talk about powerful AI as something we get to use. We forget that the people we’re defending against are sitting at the same table with the same menu.

Whatever capability reaches the market reaches all of it. Radware’s threat-intelligence team has a blunt name for where this leads, the “democratization of offense,” where agentic AI and “hacking-as-a-service” platforms hand a novice the kind of firepower that used to belong only to nation-states.

Anthropic locked Mythos inside Glasswing to keep the head start on the defensive side for as long as it could, and I think that was the right call. But watch how fast the ground is moving.

On June 9, 2026, Anthropic released Claude Fable 5, a Mythos-class model, to the public, on paid plans and every major cloud. It carries the same raw power as Mythos. The only thing standing between an ordinary subscriber and that hacking ability is a set of safeguards that reroute risky cybersecurity requests to a weaker model. Anthropic kept the unrestricted twin, Claude Mythos 5, inside Glasswing, but it was blunt about what's coming: models this capable will soon ship from many other labs, and if one arrives without those safeguards, it becomes dramatically cheaper for almost anyone to exploit flawed software. So the honest way to read this isn't "an AI found some bugs." Your security head start is already shrinking, and the thing holding it open is one company's safeguards being a choice, not a law of nature.

That’s the fork in the road. Not a fire alarm. A fork.

Why This Is a Fork in the Road, Not a Fire Alarm

I want to be careful here, because the easiest thing to do with a story like this is scare people, and scared leaders make bad decisions.

So let me borrow from the people whose entire job is to stay calm under exactly this kind of pressure. The cyber-insurance firm Coalition, which underwrites this risk for a living, put it about as well as anyone: “The Mythos moment is real. It is not the end of cyber insurability.” Their working assumption is that defensive AI, used aggressively and at scale, can close most of the window Mythos opens. That tracks with the entire logic of Glasswing. The same capability that threatens you is the capability that protects you, if you move.

Here’s the part I’m still wrestling with, though. Coalition’s confidence comes with a condition buried in plain sight: “if deployed aggressively and at scale.” And “aggressively and at scale” is exactly the thing most organizations are historically bad at. So I genuinely don’t know whether defense keeps pace for the average company, or only for the ones already in rooms like Glasswing. That uncertainty is the whole reason I’m writing this now instead of a year from now.

This is why adaptability is the real skill of this moment. It's the first pillar of what I call the AI Leadership Triad (adaptability, innovation, and creativity), and a story like this is exactly why it sits first. The leaders who'll be fine aren't the ones with the biggest security budgets. They're the ones who treat this as a reason to get adaptable now, while they still have the year Anthropic is telling us we have. I've written before about how elite leaders adapt in AI chaos, and the through-line holds here: the advantage goes to whoever adjusts early, not whoever panics loudest.

What to Do Now

You don’t need to become a security expert. You need to act like a leader who knows the head start is shrinking. Four moves, none of which need a new budget line this week.

Make it a board-level conversation, not an IT footnote. Bain said it bluntly: cybersecurity “is a business risk of the highest order, not a technology problem to be delegated downward.” They note most companies spend only about 0.69% of revenue on security while planning roughly 10% annual increases, when the real need may be double their current spend. If the last time your board touched security was a compliance slide, that’s your gap.

Ask one question this week: what’s our patch reality? Not the policy, the reality. A 2025 study cited by the Alan Turing Institute found that over 45% of discovered vulnerabilities in large organizations are still unpatched after 12 months. In a world where flaws get found in hours, a 12-month patch lag is the whole ballgame. You don’t need the fix today, you need to know the number.

Find your oldest, most critical systems. Mythos is especially dangerous to aged code, and the most exposed organizations, per Bain, are the ones running decades-old operational systems that can’t easily be patched. If your business runs on something old and load-bearing, that’s where to look first.

Treat AI fluency as a security asset, not a side project. The teams that adapt fastest will be the ones already comfortable with these tools, because they’ll recognize both the threat and the defense when they see it. It’s the same reason I keep pushing leaders not to let AI simply agree with them, and the same reason underinvesting in AI capability is now a risk, not a savings.

So here’s my real question for you: when someone on your team asks what Claude Mythos means for us, what’s your honest answer right now? I’d genuinely like to hear how you’re thinking about it.

Worth Your Time

A few pieces from other creators worth your attention this week.

• ToxSec — Mozilla Mythos Harness: AI Bug Hunting Without The Slop. The clearest real-world look at the defensive side of this story: how Mozilla wrapped Claude Mythos in an automated loop to surface 271 Firefox bugs, and why the setup around the model mattered more than the model itself.

• Dan Ariely — Why We Make Bad Decisions With AI. The behavioral-economics case for why the smarter AI gets, the more carefully leaders have to protect their own judgment. A conversation I got to have with Dan directly.

• James Presbitero — 5 Questions Businesses Should Ask Before Building Any AI System. A sharp pre-build checklist for leaders, built on the reality that 80% of AI projects fail because nobody asks the right questions first.

Questions Leaders Are Asking

What is Claude Mythos? Claude Mythos is a frontier AI model from Anthropic, announced April 7, 2026, that sits above the Opus tier. It was built as an elite software engineer, but it proved able to find and exploit software vulnerabilities on its own, which is why Anthropic did not release it publicly.

Did Anthropic release Claude Mythos to the public? No. Anthropic judged the model too dangerous for open release and restricted it to Project Glasswing, a vetted coalition of more than 40 organizations including Google, Microsoft, Apple, Amazon, and JPMorgan Chase, with up to $100 million in usage credits to find and fix flaws defensively.

Didn’t Anthropic just release a Mythos model to the public, Claude Fable 5? Sort of. On June 9, 2026, Anthropic released Claude Fable 5, a Mythos-class model, to the public, but with safeguards that reroute high-risk cybersecurity requests to a weaker model. The unrestricted version, Claude Mythos 5, stays inside Project Glasswing. So the full offensive capability is still gated, for now, by one company’s safeguards.

How many vulnerabilities did Claude Mythos find? As of May 22, 2026, Anthropic had formally disclosed 1,596 vulnerabilities across 281 open-source projects, with 88 assigned official CVE records. Anthropic says this is a fraction of the total, and that over 99% of what the model found is still unpatched.

Should business leaders be worried about Claude Mythos? Concerned, not panicked. Cyber insurer Coalition called it “a real inflection,” not “the end of cyber insurability.” The practical risk is that AI shrinks the time between a flaw existing and an attacker finding it. Leaders have roughly a 12 to 18 month window to adapt.

What should companies do in response to Claude Mythos? Move cybersecurity to a board-level business risk, learn your real patch lag (over 45% of known flaws sit unpatched past 12 months), prioritize old and critical systems that can’t easily be patched, and build AI fluency on the team so they recognize both the threat and the defense.

Joel Salinas is an AI Strategy Coach for leaders at small and mid-sized businesses and nonprofits. 1:1 coaching, team workshops, and AI strategy work built around amplifying what your team is already good at. Creator of the AI Leadership Triad. He writes Leadership in Change.

Sources Referenced

• Anthropic, “Claude Mythos Preview” + coordinated vulnerability disclosure dashboard, red.anthropic.com (data as of May 22, 2026)

• Anthropic, “Project Glasswing: An initial update,” June 8, 2026

• Anthropic, “Claude Fable 5 and Claude Mythos 5,” June 9, 2026

• CNBC, “Anthropic releases a Mythos-like AI model to the public, Claude Fable 5,” June 9, 2026

• Bruce Schneier, “Anthropic’s Project Glasswing Update,” Schneier on Security, June 8, 2026

• Bain & Company, “Claude Mythos and the AI Cybersecurity Wake-Up Call,” April 2026

• The Alan Turing Institute (CETAS), “Claude Mythos: What Does Anthropic’s New Model Mean for the Future of Cybersecurity,” April 14, 2026

• Radware, “Anthropic Claude Mythos and the 2026 Cybersecurity Landscape,” 2026

• Coalition, “After Mythos: What Actually Changes for Cyber Risk,” April 2026

• UK AI Security Institute (AISI), “Our evaluation of Claude Mythos Preview’s cyber capabilities,” April 13, 2026

• Munich Re, “Cyber insurance: Risks and trends 2026”

• FBI IC3 2025 report and IBM Cost of a Data Breach (cited via Bain)

Written by a human, for humans.