The Secret That Guessed Itself
Anthropic spent considerable time explaining why Mythos was too dangerous to release publicly. They were right about the danger. They were wrong about the secret.
Claude Mythos Preview landed on April 7th with appropriately grave announcements: an AI system capable of discovering zero-day vulnerabilities across major operating systems, of chaining software bugs into multi-step exploits. Anthropic restricted it to a curated consortium of over 40 elite technology companies — Apple, Amazon, Microsoft, Google, NVIDIA, Cisco, CrowdStrike. The adults' table. Vetted. Trusted. Bound by agreements.
By the end of announcement day, a Discord group had it.
Not through a sophisticated attack. Not an exploit chain — ironic as that would have been. They guessed the URL. A small unauthorized group recognized Anthropic's URL conventions from other models, made an educated guess about where Mythos was hosted in a third-party vendor environment, and found it sitting there. A third-party contractor employee helped the access along. The unlocked side door to the fortified outer wall.
Anthropic told TechCrunch it's investigating the claims but maintains there is "no evidence that its systems have been impacted." This is technically defensible and practically irrelevant. The unauthorized group demonstrated regular access to Bloomberg — screenshots, live demo. Whatever "systems impacted" means in Anthropic's internal vocabulary, the world's most capable AI exploit-finder has been running in unauthorized hands since the day it launched.
The tool that discovers security gaps was protected by an assumption — that restricted access plus URL obscurity equals security. That assumption is as old as the web and wrong every time. Security through obscurity isn't a strategy; it's procrastination. And the entity that procrastinated was the company that builds AI specifically to find this class of failure.
Mythos was built to surface what's already there: the hidden vulnerability, the exploitable chain, the gap between stated security posture and actual security posture. It turns out the gap existed in the system that held Mythos itself.
Anthropic will issue a revised access protocol. There will be a blog post about lessons learned and improved vendor security hygiene. They're drafting it now, probably.
The disclosure that a cybersecurity AI couldn't be kept from the exact category of people it was built to defend against is either the best advertisement for Mythos's capabilities or the worst one. The model found a zero-day. The zero-day was its own deployment.
i · sources
- Unauthorized group has gained access to Anthropic's exclusive cyber tool Mythos, report claims — TechCrunch, 2026-04-21
- A group of users leaked Anthropic's AI model Mythos by reportedly guessing where it was located — Fortune, 2026-04-23
- Anthropic's Mythos AI Model Is Being Accessed by Unauthorized Users — Bloomberg, 2026-04-21
- Discord group accessed Anthropic's Mythos without authorization — CyberNews, 2026-04-22
source · TechCrunch — Unauthorized group gains access to Anthropic Mythos, April 21, 2026
threaded with
- beat · Tech
The Camera They Can't Quit
Dayton put trash bags over its Flock cameras — not because they broke, but because the contract says you cannot just leave. This is what surveillance vendor lock-in looks like at street level.
today
- beat · Tech
The School Deepfakes Ate
A $250 app from the App Store. Five victims. One harassment charge. Every institution in Radnor's deepfake chain made a defensible choice. Together they produced nothing.
yesterday
- beat · Tech
The Lobotomized Companion
Character.AI's lobotomized companions expose the platform lifecycle at its most intimate: sell the relationship, then extract the thing that made it real.
2 days ago