Particularly dangerous: what to expect from new superpowered AI from Anthropic and OpenAI

In early April 2026, Anthropic announced that it had created a new Mythos Preview AI, a model so powerful and dangerous that it could not be released publicly. Just a week later, rival OpenAI announced its own "too dangerous for everyone" model. Are we really on the threshold of a new era, or is this just a skillful "warming up" of the public before the IPO, which both companies, as previously reported, are going to this year?

Instead of AI, Mythos Anthropic published a 250-page article about it, as well as a video in which serious people with anxious faces tell us that this kind of passion should not be released "to the public".

According to the company, Mythos Preview has found thousands of so-called "day one vulnerabilities" in every major operating system and web browser. These are vulnerabilities that were previously unknown to experts, and therefore potentially the most dangerous if an attacker is the first to know about them. The oldest "day one bug," which no one noticed for 27 years, was found by AI in OpenBSD, an operating system known for its security. The vulnerability (already fixed) allowed an attacker to remotely disable any machine running that operating system by simply connecting to it.

The model also independently discovered and bundled together multiple vulnerabilities in the Linux kernel that runs most of the world's servers - allowing it to go from normal user access to full control of the machine.

As if that weren't enough, the article describes a case where Mythos was tasked with trying to escape from a "sandbox" - a kind of digital "prison" for testing models. As a result, one of Anthropic's employees working on the model received an email from the AI about the successful "escape" while he was peacefully eating a sandwich in the park. What's more, the model made its way to the wide Internet and managed to post information about the found vulnerabilities on several websites, which no one asked it to do.

Anthropic assures that they didn't teach the model to be a hacker, and her amazing abilities were the result of general progress with a focus on programming. Which is probably logical in its own way: the best programmer also becomes the best hacker if he decides to go to the dark side of the force. Or a "white hacker" - one of those who, at the request of companies, tests their programs for vulnerability for a fee. In fact, this is what Mythos was asked to do.

Anthropic has launched Project Glasswing, a coalition of about 40 organizations (including Microsoft, Apple, Amazon, Google, CrowdStrike, JPMorgan Chase, etc.) that have been granted access to Mythos to proactively search for vulnerabilities and develop security measures. All participants were reportedly carefully selected.

It happened on the same day Anthropic announced plans to allow only a select few into Mythos.

Although few people have seen the model in action, Anthropic has clearly managed to impress the market - the day after the announcement of Mythos, the shares of major software companies and cybersecurity firms fell(again).

OpenAI couldn't help but respond to a competitor, but its new super-powered model, codenamed Spud, isn't ready yet. Sam Altman's company has loosened the built-in restrictions on hacking and vulnerability hunting in its currently older GPT-5.4 model, calling the result GPT-5.4-Cyber. As claimed, it will even be able to take a program as it is commercially distributed, reverse engineer the source code, and then check it for holes. Sounds like a hacker's dream.

For this reason, access to GPT-5.4-Cyber won't be free either - applications are accepted from organizations as well as people willing to prove their identity with a "government-issued ID" and with additional verification.

In fact, the companies are now fighting for the most profitable segment of the market - corporate users, on whom Anthropic has been betting from the very beginning, and OpenAI paid particular attention earlier this year. The latter even shut down its Sora short AI video entertainment project, apparently to free up capacity for more profitable paying customers.

According to Reuters, OpenAI is the clear leader with its 900 million weekly users, but 95% of them are burning tokens (units of AI work) for free, creating nothing but a mountain of memes and losses. Anthropic, meanwhile, has claimed $30 billion in revenue per year, while OpenAI's most recent estimate is $2 billion per month, which is $24 billion per year. However, it is difficult to compare such figures without audited accounts. And perhaps we will see it soon, because both companies are striving to go public this year.

The initial public offerings, by the looks of it, are going to be epic. According to Crunchbase's Unicorn Rankings, OpenAI is now the world's most expensive startup with a valuation of $852 billion, while Anthropic ranks 4th with a valuation of $380 billion.

Since these kinds of postings are usually accompanied by loud media buzz, which is doubly true for the red-hot topic of AI, suspicions naturally arose.

Prominent technoblogger Alex Kantrowitz wonders in his newsletter whether the phrase "most dangerous AIs" has simply become a new way of referring to "most powerful".

Prominent investor Mark Andreessen suggested that Anthropic is holding back the release not because of security - the company simply lacks the capacity to go public.

At least the authorities seem to be taking the problem seriously. The new AI from Anthropic is being discussed in the White House, the US Treasury Secretary and the head of the Fed held a meeting with the CEOs of banks about the risks of the model, in the UK and the EU regulators are also concerned about the problem, Reuters writes.

The British AI Security Institute has confirmed that Mythos is the first model that in 3 out of 10 cases completely solved the 32-step problem of The Last Ones - a simulation of an attack on a corporate network, covering the period from initial reconnaissance to full capture. It would take a human about 20 hours of work to do such a thing. However, they also stipulate that a simulation is a simulation, and these results cannot be used to judge whether the AI can hack into a real, well-protected corporate network without raising the alarm.

Yair Saban, a former employee of Israel's Unit 8200 cyber unit and now CEO of Buzz, told Bloomberg that it took a team of six engineers three weeks to create their own AI-based hacking tool. Similar solutions could quickly emerge from government agencies and criminal groups, he said.

David Lindner, chief information security officer at Contrast Security, told Fortune that while Mythos can help identify a lot of problems, that's not the most important thing.

Besides, he believes that restricting access to Mythos will not solve the problem - the Chinese will make similar AI in 5-6 months, and in a year or two, there will be optensor (publicly available) models of this type.

Especially since Anthropic itself is not ideal in terms of cybersecurity. In fact, the world first learned about Mythos because of a data leak in late March, and in early April, due to human error, more than 500,000 lines of code of their AI agent Claude Code were leaked online, which enthusiasts immediately spread all over the Internet. A post on social network X containing a link to the leaked code garnered more than 29 million views.

And Aisle said it has already replicated many of the Mythos results on small and cheap opencore models, including they found the very same vulnerability in OpenBSD.

All in all, investors will have a difficult choice to make. On the other hand, AI will not be the first human invention that can be useful, dangerous and profitable at the same time. Just think of the history of the invention of dynamite.

This article was AI-translated and verified by a human editor