SAN FRANCISCO— Anthropic’s tightly controlled rollout of its Claude Mythos cybersecurity model has hit a concerning snag, with a small group of unauthorized users reportedly gaining access to the system shortly after the company began offering it to a select group of testers, according to The Verge, which cited earlier Bloomberg reporting.
The episode is drawing fresh scrutiny because Anthropic has repeatedly described Mythos as so powerful in cyber use cases that it was too dangerous for public release.
The Verge said the unauthorized access did not appear to involve a sophisticated hack or theft of the model itself. Instead, Bloomberg reported the group was able to make what was described as an “educated guess” about Mythos’ online location, using information exposed in a breach tied to Mercor—an AI training data company—combined with access one individual had through contract work evaluating Anthropic models.
According to The Verge, that relatively basic pathway is what makes the incident especially damaging for Anthropic’s image. The publication noted that security experts characterized the failure as “entirely imaginable,” with researcher Lukasz Olejnik telling The Verge the type of educated-guess access described is the sort of issue the cybersecurity industry has dealt with for years—raising questions about why Anthropic did not better anticipate the risk given that relevant supply-chain information had already been exposed.
The Verge further reported that Anthropic should likely have been able to detect unusual use, because experts said the company has the ability to log and track model activity. That has intensified criticism that Anthropic may not have been monitoring access closely enough, particularly because the Mythos rollout was supposed to be tightly limited and because the company has portrayed the model as a potentially major offensive and defensive cyber capability.
The publication said Bloomberg found the unauthorized users were not using Mythos for cybersecurity work, in part because they were “messing around” with the model and in part because doing so could have alerted Anthropic. The Verge said that may amount to a lucky break, given Anthropic’s own claims that Mythos represented a “watershed moment for security,” with the company saying the model found vulnerabilities in major operating systems and browsers and needed a carefully managed rollout to give defenders time to strengthen systems.
The Verge also noted this is not the first awkward security episode tied to Mythos. The publication said the model’s existence was previously revealed before launch through what it described as an “unsecured data trove” tied to website content infrastructure, making the latest unauthorized access look even more problematic for a company that has built much of its brand around AI safety and responsible deployment.
Section: Standard
Word Count: 509
Copyright Holder: CUToday.info
Copyright Year: 2026
Is Based On:
URL: https://www.cutoday.info/Fresh-Today/Anthropic-s-Too-Dangerous-To-Release-Mythos-Model-Reportedly-Breached-By-Unauthorized-Users