Anthropic has developed a model called Mythos that the company says found thousands of critical vulnerabilities — including in every major operating system and web browser — and is delaying its public release because of those capabilities, according to Rhiannon Williams writing in MIT Technology Review. The article, published April 21, 2026, also reports that Anthropic has established a consortium of technology companies called Project Glasswing to apply those same capabilities defensively, and frames both developments within a broader account of AI tools lowering the cost of cybercrime.
The article reports that AI has expanded criminal use to composing phishing emails, generating deepfake clips, tweaking malware to evade detection, automating vulnerability discovery, generating ransom notes, and analyzing stolen data. The article characterizes AI as making attacks faster, cheaper, and easier to run at volume rather than necessarily more sophisticated on an individual basis.
Scale in practice
The article reports that Interpol has warned that scam centers across Southeast Asia are using inexpensive AI tools to target more potential victims and to relocate operations quickly when pressure increases. The United Arab Emirates recently claimed to have “foiled a series of shadowy AI-backed attacks on its vital sectors,” the article states. The article states that Anthropic says the vulnerabilities Mythos found have all been patched.
The article describes AI’s effect on active hacking itself as “not so clear-cut,” meaning the evidence there is less settled than for social engineering and phishing.
The defensive side
Microsoft is cited in the article as an example of defensive use at scale: the company processes more than 100 trillion signals per day flagged by its AI systems as potentially malicious or suspicious. Between April 2024 and April 2025, Microsoft says it blocked $4 billion worth of scams and fraudulent transactions, the article states.
Cybersecurity researchers quoted in the article are described as optimistic that high-volume attacks can be blocked through basic defenses — keeping software updated and adhering to network security protocols. The article leaves open the question of how well positioned defenders will be against more sophisticated future attacks.