Britain's AISI found that Anthropic's Claude Mythos executes multi-step cyberattacks autonomously, leading Anthropic to withhold the model from public release.
Britain's government-backed Artificial Intelligence Security Institute concluded this month that Claude Mythos, Anthropic's latest model, can autonomously execute multi-step cyberattacks against IT networks - work that would take a professional human hacker days to complete. The finding marks the first time an independent safety body has assessed a commercial AI system to reach this threshold.
Anthropic announced Claude Mythos last week and immediately chose not to release it publicly. The company's own assessment called the model potentially capable of reshaping cybersecurity and warned that its misuse could cause severe consequences for economies, national security, and public safety.
The substance of the threat
The AISI's assessment goes beyond typical benchmark comparisons. According to Yahoo News, the institute found that Mythos can carry out multi-step intrusion chains with a degree of autonomy not previously seen in commercial AI systems. The institute's own framing puts the development in sharp historical relief: two years ago, leading models struggled to complete beginner-level cyber exercises. Mythos represents a qualitative step change, not an incremental improvement on prior scores.
Anthropic's internal red-teaming reportedly identified thousands of security vulnerabilities across widely used web browsers and operating systems - results that helped justify withholding the model from general release. That decision is itself notable: large frontier labs rarely conclude a model is too dangerous to ship and then act accordingly.
Controlled access
Rather than a full public launch, Anthropic distributed a constrained version of Mythos to more than 40 organizations selected for their defensive security work. As Yahoo News reports, JP Morgan, Google, and Nvidia are among the known recipients. The arrangement resembles a controlled research access program more than a commercial rollout, framed explicitly as preparation for defenses organizations will need before a more capable successor arrives.
That framing matters. The AISI did not stop at characterizing Mythos: it warned that future frontier models will be more capable still, and called for urgent investment in cyber defense infrastructure now. The institute is effectively arguing that Mythos is a preview, not a ceiling.
Implications for practitioners
For security engineers and applied researchers, the report concretely changes the threat model. Autonomous multi-step attacks differ qualitatively from AI-assisted single-step exploits. A system that can chain reconnaissance, vulnerability identification, and exploitation without human supervision compresses the timeline between a model's release and potential misuse to near-zero for capable actors who gain access.
The controlled-access approach Anthropic is using creates a partial mitigation: selected recipients with legitimate defensive mandates can study attack surfaces before adversarial actors do. Whether coverage across 40-plus organizations is adequate for a global threat surface is an open question the AISI's report leaves unanswered.
Public perception is moving in a direction that may make these governance decisions harder. A Spring 2026 survey published by Just Capital found that 66 percent of the American public now expects AI to be a net positive for society within five years, up from 58 percent in Fall 2025. Growing optimism tends to soften political appetite for restrictive oversight. Yet the same survey found that safety and security rank as the top concern for 52 percent of corporate leaders, 50 percent of investors, and 47 percent of the public - awareness of risk without a clear consensus on remedy.
The harder governance question is what happens when a lab cannot credibly withhold a breakthrough capability. Claude Mythos is under wraps for now, but the Yahoo News report makes clear that regulators need to answer that question before a more capable successor forces the issue.
---
Frequently asked questions
What is Claude Mythos? Claude Mythos is Anthropic's latest AI model, announced in April 2026. Anthropic withheld it from public release after determining its autonomous hacking capabilities posed severe risks to economies, public safety, and national security.
What did the UK's AISI find when testing Claude Mythos? The Artificial Intelligence Security Institute found that Mythos can independently execute complex, multi-step cyberattacks against IT networks - tasks that would normally take a professional human hacker days to perform.
Why didn't Anthropic release Claude Mythos publicly? Anthropic concluded the model was too dangerous for general access, citing hacking capabilities and its own red-teaming results, which surfaced thousands of vulnerabilities in popular browsers and operating systems.
Which organizations received access to Claude Mythos? Anthropic provided a constrained version to more than 40 organizations with defensive security mandates, including JP Morgan, Google, and Nvidia.
Read the complete research paper
Former dentist (MD) from Brazil, 41 years old, husband, and AI enthusiast. In 2020, he transitioned from a decade-long career in dentistry to pursue his passion for technology, entrepreneurship, and helping others grow.
Connect on LinkedIn