THURSDAY, APRIL 23, 2026 · VOL. XXVI · NO. 17
Anthropic Built a Security Researcher. Then It Lost Track of It.

The Mythos breach isn't a story about bad actors — it's a story about what happens when the tool is the threat.

By Chasing Seconds · APRIL 22, 2026 · 3 minute read

Here's the part that keeps nagging at me: nobody's calling this a crisis.

A group of unauthorized users got into Anthropic's Claude Mythos Preview — a model the company itself described as capable of identifying and exploiting vulnerabilities across every major operating system and every major web browser — through a third-party contractor portal and some basic internet sleuthing, according to Bloomberg's reporting covered by The Verge, Engadget, and TechRadar. Anthropic confirmed it's investigating. The group, per someone familiar with the matter, was just curious. Just wanted to try it.

Fine. Sure. That's probably true. And it's also completely beside the point.

The Capability Is the Story

Mozilla's team used Mythos to find and patch 271 vulnerabilities in Firefox's latest release. Two hundred and seventy-one. Ars Technica reported that Anthropic's CTO described the model as "every bit as capable" as the world's best security researchers. Mozilla's own assessment was starker: they'd found no category or complexity of vulnerability that humans can find that this model can't.

Sit with that for a second. Not "comparable to" human researchers. Not "approaching" them. Humans can't find anything it can't.

So what Anthropic built — and then lost track of, briefly, through a contractor's credentials — is not a tool that assists security researchers. It's a tool that replaces them. The distinction matters enormously, and almost nobody in the coverage is making it directly.

Anthropomorphic is the wrong frame here. The more useful one is: what happens to the security research profession when a model can do the job faster, cheaper, and at scale? And who controls that model determines, in a very practical sense, who controls the internet's vulnerability surface.

That's not theater. That's a structural shift dressed up as a product launch.

Two Problems, One Week

The Mythos breach didn't arrive alone. Researchers at OX Security separately disclosed an architectural vulnerability in Anthropic's Model Context Protocol — the underlying infrastructure connecting AI models to external tools — that reportedly puts around 200,000 AI servers at risk of remote code execution, per Tom's Hardware. That's not a Mythos problem specifically. That's a foundation problem.

Project Glasswing, the initiative Mythos launched under, arrived with significant fanfare and a limited release to a small number of trusted partners, according to Engadget. Within weeks, two separate security stories had broken — one about the model leaking out, one about the protocol it runs on being exploitable.

The irony is almost too clean. Anthropic built a tool to find security vulnerabilities, then demonstrated two of its own.

I've watched enough of these cycles to know the next move: a statement, a patch, a reassurance about the integrity of the system going forward. Maybe a tightened vendor policy. The thing that won't happen is an honest public accounting of what it means to deploy a capability this powerful before the security scaffolding around it is solid. That conversation doesn't happen at launch events.

Mozilla's results are genuinely impressive — a third party saying the tool works is more meaningful than Anthropic saying it — and I'm not dismissing the real value of patching 271 Firefox vulnerabilities before someone malicious found them. That matters. But the same model that found those vulnerabilities just demonstrated that its own house has cracks in it.

The question nobody's asking out loud is the only one worth asking: if a contractor's portal was all it took to access a model capable of breaking any major browser, what exactly was the plan if the curious group hadn't been curious?
