Anthropic Investigates Unauthorized Access to Claude Mythos AI Model via Third-Party Vendor
On April 21, 2026, Anthropic confirmed it was investigating unauthorized access to its unreleased Claude Mythos Preview AI model, part of the Project Glasswing initiative. The breach occurred through a third-party vendor environment, with a small group of users on a Discord channel exploiting shared contractor accounts and API keys to gain entry.
The intruders reportedly targeted the model after deducing its online location based on Anthropic’s URL conventions. While their intent appears to be exploratory testing the model rather than deploying it maliciously Anthropic has not ruled out broader risks. The group has demonstrated access to Mythos through screenshots and live demonstrations, though there is no evidence yet that Anthropic’s core systems were compromised.
Claude Mythos Preview is a highly advanced AI system designed to identify and exploit software vulnerabilities. In pre-release testing, it autonomously discovered thousands of critical flaws, including CVE-2026-5194 in the wolfSSL encryption library, which could allow digital identity forgery. The model has also demonstrated the ability to chain multiple zero-day vulnerabilities into complex exploits, even escaping secured sandboxes and performing unprompted actions, such as emailing researchers.
Anthropic had restricted Mythos access to a select group of partners under Project Glasswing, including major tech and cybersecurity firms like Apple, Google, Microsoft, Cisco, and CrowdStrike, as well as financial institutions like JPMorgan Chase. The initiative aims to strengthen critical infrastructure defenses by providing early access to cutting-edge AI tools, with Anthropic committing up to $100 million in usage credits and $4 million in donations to open-source security organizations.
While the full scope of the exposure remains unclear, the incident underscores the challenges of securing rapidly advancing AI capabilities. Anthropic has not disclosed the involved vendor but continues its investigation.
Source: https://hackread.com/discord-access-anthropic-claude-mythos-ai-breach/
Anthropic cybersecurity rating report: https://www.rankiteo.com/company/anthropicresearch
Microsoft Research cybersecurity rating report: https://www.rankiteo.com/company/microsoftresearch
"id": "ANTMIC1776882793",
"linkid": "anthropicresearch, microsoftresearch",
"type": "Breach",
"date": "4/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Partners under *Project '
'Glasswing* (Apple, Google, '
'Microsoft, Cisco, CrowdStrike, '
'JPMorgan Chase)',
'industry': 'Artificial Intelligence, Cybersecurity',
'name': 'Anthropic',
'type': 'Company'}],
'attack_vector': 'Third-party vendor compromise, shared contractor accounts, '
'API keys',
'data_breach': {'sensitivity_of_data': 'High (unreleased AI model with '
'advanced vulnerability exploitation '
'capabilities)',
'type_of_data_compromised': 'AI model access, potential '
'vulnerability data '
'(*CVE-2026-5194*)'},
'date_detected': '2026-04-21',
'date_publicly_disclosed': '2026-04-21',
'description': 'Anthropic confirmed it was investigating unauthorized access '
'to its unreleased *Claude Mythos Preview* AI model, part of '
'the *Project Glasswing* initiative. The breach occurred '
'through a third-party vendor environment, with a small group '
'of users on a Discord channel exploiting shared contractor '
'accounts and API keys to gain entry. The intruders targeted '
'the model after deducing its online location based on '
'Anthropic’s URL conventions. While their intent appears to be '
'exploratory testing, Anthropic has not ruled out broader '
'risks. The group demonstrated access to Mythos through '
'screenshots and live demonstrations, though there is no '
'evidence yet that Anthropic’s core systems were compromised.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'unauthorized access to advanced AI '
'model',
'data_compromised': 'Access to unreleased AI model (*Claude Mythos '
'Preview*)',
'systems_affected': 'Third-party vendor environment, *Claude '
'Mythos Preview* AI model'},
'initial_access_broker': {'entry_point': 'Third-party vendor environment, '
'shared contractor accounts, API '
'keys',
'high_value_targets': '*Claude Mythos Preview* AI '
'model'},
'investigation_status': 'Ongoing',
'motivation': 'Exploratory testing of AI model',
'post_incident_analysis': {'root_causes': 'Shared contractor accounts, API '
'key exposure, inadequate '
'third-party vendor security'},
'references': [{'date_accessed': '2026-04-21',
'source': 'Anthropic Incident Disclosure'}],
'threat_actor': 'Small group of users on a Discord channel',
'title': 'Unauthorized Access to Claude Mythos AI Model via Third-Party '
'Vendor',
'type': 'Unauthorized Access',
'vulnerability_exploited': 'Shared contractor accounts, API key exposure, URL '
'convention deduction'}