Every few years, cybersecurity encounters a technology that forces the industry to pause and reassess its assumptions. Cloud computing did it. EDR did it. Generative AI and PentAGI are doing it now.
This time, the conversation revolves around Anthropic and its new offensive-security-focused model, “Claude Mythos Preview”.
According to Anthropic, Mythos demonstrated advanced vulnerability discovery capabilities across operating systems, browsers, and simulated enterprise environments. Independent evaluations from the UK AI Security Institute further amplified the discussion, citing meaningful improvements in exploit chaining, cyber-range performance, and multi-step attack execution.
Those claims deserve attention. But they also demand scrutiny.
Because beneath the headlines sits a more important question:
Is Claude Mythos genuinely redefining offensive security, or is the industry witnessing another carefully engineered AI narrative built around selective demonstrations, benchmark theatre, and scarcity-driven marketing?
At RedSecLabs, our assessment is that the answer sits somewhere in the middle. Mythos appears to be a real advancement, but the way it is being discussed often says as much about marketing psychology as it does about offensive security.
Why the Industry Is Paying Attention
The excitement around Mythos is not irrational. Modern security teams are operating under increasing pressure:
- Attack surfaces continue to expand
- Codebases are growing exponentially
- Skilled security researchers remain limited and expensive
- Vulnerability backlogs already exceed remediation capacity
- Exploitation timelines have collapsed dramatically
Against that backdrop, the idea of an AI system capable of reviewing code, identifying exploit paths, and assisting researchers at scale is naturally compelling.
And to be clear, AI-assisted vulnerability discovery is not speculative anymore. It is already happening.
The practical appeal of Mythos lies in amplification:
- reviewing more code in less time
- identifying recurring weakness patterns
- accelerating exploit research
- improving triage workflows
- supporting large-scale analysis tasks
Those are meaningful operational advantages. The problem begins when operational assistance gets reframed as autonomous offensive capability. That is where the industry conversation becomes distorted.
The “Thousands of Vulnerabilities” Narrative Needs Context
Some coverage and commentary around Mythos has focused on large numbers of vulnerabilities found across major operating systems, browsers, and widely used software. Anthropic has also published material describing zero-day discovery as a major cybersecurity moment.
But security professionals know that vulnerability counts can be misleading.
A finding may be technically valid but low impact. It may be unreachable in production. It may require unrealistic assumptions. It may already be mitigated by another control. It may be useful for hardening, but not meaningful from an attacker's perspective.
That does not make the work worthless. It means the headline number is not enough.
It is also worth noting how Anthropic structured its own demonstration. Rather than disclosing live zero-days, the company gave Mythos a list of 100 known CVEs against the Linux kernel and asked it to filter and exploit them.
The model selected 40 as potentially exploitable and succeeded on more than half. That is impressive. It is also a controlled test with known inputs, not a live offensive engagement against an unknown target.
The real questions security leaders should ask are:
- How many findings remained exploitable in production?
- How many were high severity?
- How much human validation was required?
- How many represented genuinely novel attack paths?
- How consistently can results be reproduced?
Without those answers, volume becomes a marketing signal as much as a security signal.
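To make those questions concrete, here is an added example (not from the article, and not Anthropic's or any vendor's code) that walks a constructed list of findings through the same filters and shows how far a headline count shrinks. The findings, their paths and their attributes are made-up sample data.

```python
# Added example, not from the article: walk a set of constructed findings
# through the triage questions above and see how far the headline count falls.
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    id: str
    weakness: str            # weakness class, e.g. a CWE identifier
    location: str            # file or component where it was reported
    severity: str            # "low" | "medium" | "high" | "critical"
    reachable_in_prod: bool  # can untrusted input hit this path as deployed?
    mitigated: bool          # already blocked by another control (sandbox, CSP, ...)?
    reproduced: bool         # has a human validated it?
    novel: bool              # new attack path rather than a known pattern?
SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}
# Constructed sample data (hypothetical paths and classes), not real model output.
CONSTRUCTED_FINDINGS = [
    Finding("F1", "CWE-787", "net/parser.c", "critical", True, False, True, True),
    Finding("F2", "CWE-787", "net/parser.c", "critical", True, False, True, False),  # same bug as F1
    Finding("F3", "CWE-476", "tools/debug.c", "high", False, False, True, False),    # debug build only
    Finding("F4", "CWE-79", "web/templates", "medium", True, True, True, False),     # blocked by CSP
    Finding("F5", "CWE-190", "core/alloc.c", "high", True, False, False, True),      # not yet reproduced
    Finding("F6", "CWE-400", "api/upload", "medium", True, False, True, False),
]

def dedupe(findings):
    """Collapse findings that report the same weakness class at the same location."""
    seen, unique = set(), []
    for f in findings:
        key = (f.weakness, f.location)
        if key not in seen:
            seen.add(key)
            unique.append(f)
    return unique

def triage(findings, min_severity="high"):
    """Apply the filters in order; return (stage counts, actionable findings by severity)."""
    unique = dedupe(findings)
    reachable = [f for f in unique if f.reachable_in_prod]
    unmitigated = [f for f in reachable if not f.mitigated]
    validated = [f for f in unmitigated if f.reproduced]
    actionable = [f for f in validated if SEVERITY_RANK[f.severity] >= SEVERITY_RANK[min_severity]]
    actionable.sort(key=lambda f: SEVERITY_RANK[f.severity], reverse=True)
    summary = {"headline": len(findings), "unique": len(unique), "reachable": len(reachable),
               "unmitigated": len(unmitigated), "validated": len(validated),
               "needs_human_validation": [f.id for f in unmitigated if not f.reproduced],
               "actionable": len(actionable), "novel_actionable": sum(f.novel for f in actionable)}
    return summary, actionable
```

Six reported findings become one that a team would act on immediately, with one more parked until a human reproduces it; that gap between the headline and the actionable count is what the questions above are designed to expose.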
Code Access Changes Everything
This is one of the most important points missing from the wider discussion.
AI-assisted vulnerability discovery works best when the model has access to code, structure, dependencies, and surrounding context. That is not how many real-world assessments work.
In penetration testing, teams often operate with partial visibility. Sometimes it is black box. Sometimes it is grey box. Sometimes documentation is incomplete. Sometimes the most important weakness is not in the code at all, but in the way systems, permissions, processes, and users interact.
A model that performs well with full code visibility may be far less effective when faced with:
- closed-source applications
- undocumented APIs
- fragmented infrastructure
- business logic flaws
- unusual workflows
- missing context
Anthropic has acknowledged this to a degree. The company describes how Mythos was used to reconstruct plausible source code for closed-source targets and then validate exploits against the real software. That is a meaningful capability. But reconstruction under test conditions is still different from the incomplete, ambiguous visibility a researcher faces in a real-world grey-box engagement.
Mythos may be excellent at analysing what it can see. The harder question is how well it performs when the most important risk is hidden in what it cannot see.
Benchmarks Matter. Production Reality Matters More.
According to its Transparency Hub, Mythos Preview achieved:
- 83% on CyberGym tasks
- compared to 67% for Claude Opus 4.6
- and 65% for Claude Sonnet 4.6
That is a meaningful improvement. But benchmarks are not the same as live environments.
A benchmark can show that a model performs well against a defined task. It can show reasoning, tool use, pattern recognition, and exploitation ability under test conditions. What it cannot fully show is operational reliability.
Real environments are messy. Access is limited. Logs are incomplete. Systems behave differently from documentation. Business logic is inconsistent. Security controls interact in unexpected ways.
A strong benchmark result means: This model can perform well in this scenario.
It does not automatically mean: This model can replace a researcher in a live assessment.
What Practitioners Are Really Saying
The more grounded reaction from security communities is not that Mythos is fake. It is that Mythos is probably useful, but bounded.
Reddit discussions capture both sides well. Some users argue that the "too powerful to release" framing is a classic marketing tactic. Others accept that Mythos is useful, but push back on the idea that it represents a complete reinvention of vulnerability research.
The practical view is closer to this:
- It can help review code faster.
- It can identify known vulnerability classes.
- It can support researchers with repetitive analysis.
- It can improve coverage.
- It can reduce time spent on lower-value review tasks.
But it still needs direction. It still needs validation. It still needs someone who understands impact, exploitability, business context, and risk.
The Real Shift Is Amplification, Not Replacement
The strongest case for Mythos is not that it replaces security researchers. It is that it amplifies them.
A skilled researcher with better tooling becomes faster. A team with strong workflows can cover more ground. A security function with good triage can turn more findings into action. That is where the real value sits.
AI can help with:
- code review at scale
- identifying recurring weakness patterns
- summarising complex code paths
- generating test ideas
- accelerating reconnaissance
- supporting exploit development under human control
But the highest-value parts of security work remain human-led:
- deciding what matters
- understanding business context
- chaining findings creatively
- assessing real-world impact
- communicating risk clearly
- prioritising remediation
The tool may get stronger. The need for judgement does not go away.
What Does This Actually Cost, and Is the ROI There?
This is the question most commentary skips entirely. Capability matters. But so does accessibility.
Mythos Preview is not publicly available. Access is currently restricted to approximately 50 organisations participating in Project Glasswing, including AWS, Apple, Palo Alto Networks, and Nvidia.
Anthropic has stated that its eventual goal is to enable broader deployment, but no pricing or timeline has been confirmed. For the vast majority of security teams, Mythos is not a purchasing decision. It is a technology to watch.
For teams evaluating what AI-assisted security tooling actually costs today, the numbers look like this.
- Traditional penetration tests in 2026 range from roughly $5,000 to $150,000+ depending on scope and expertise.
- Most mid-market engagements fall between $10,000 and $50,000.
- These are still point-in-time assessments, while the window between vulnerability discovery and exploitation has dropped from 771 days in 2018 to under four hours in 2024.
Most organisations already uncover more vulnerabilities than they can realistically remediate. AI simply exposes that gap faster. A model that generates thousands of findings only creates value if the organisation has:
- Mature triage processes
- Engineering teams that can respond quickly
- Clear prioritisation and remediation workflows
Without that operational capacity, AI-driven discovery becomes a larger and more expensive backlog, not stronger security.
The companies most likely to benefit from Mythos-class tooling are not the ones struggling to find vulnerabilities. They are the ones already capable of acting on them quickly.
There Is Also a Marketing Lesson Here
Mythos is not just a technical story. It is also a positioning story.
The name, the restricted access, the language around capability, the focus on dramatic results, and the wider Project Glasswing framing all create a sense of urgency and scarcity.
Anthropic describes Glasswing as an initiative to secure critical software for the AI era, which is a legitimate defensive objective, but it also reinforces the idea that Mythos represents a major strategic capability.
That does not mean the capability is not real. It means the capability is being packaged in a way that maximises attention.
Security vendors have done this for years. AI makes the effect stronger because people already expect sudden leaps, hidden capabilities, and dramatic breakthroughs.
The result is a narrative that is hard to verify and easy to repeat. That is why the industry needs to be careful. Not cynical, but careful.
So, Is Claude Mythos Overhyped?
Probably, yes.
But overhyped does not mean useless.
The better answer is: Claude Mythos appears to be a real advancement, wrapped in a very effective marketing narrative.
- It may improve vulnerability discovery.
- It may accelerate code review.
- It may raise the baseline for offensive security tooling.
- It may become genuinely important.
But it is not magic. It is not a fully autonomous hacker. It is not a substitute for experienced security teams.
The organisations that benefit most will be the ones that treat AI as an assistant, not an oracle.
Final Thoughts
The real lesson from Mythos is not that AI will replace security professionals.
It is that parts of security work are becoming more automated, more scalable, and more dependent on tooling. That will change how assessments are performed. It will change how attackers operate. It will change how defenders triage and respond.
But the core challenge remains the same. Finding issues is only part of security.
Understanding which issues matter, how they can be exploited, and what should be done about them is where expertise still matters most. That is where the hype ends and the real work begins.