Buried near the end of an update from Anthropic on Project Glasswing, its effort to help vendors secure critical software from AI models capable of autonomously exploiting security vulnerabilities, is a statement that customer experience leaders should take seriously.
“[I]n the near future, once we’ve developed the far stronger safeguards we need, we look forward to making Mythos-class models available through a general release.”
Claude Mythos Preview is Anthropic’s unreleased frontier AI model, which it announced on April 7. Unlike general-purpose AI assistants, the startup says the model can perform complex multi-step tasks at a level beyond publicly available AI systems. That includes autonomously analyzing large codebases, identifying exploitable software vulnerabilities that have not been uncovered for decades and constructing potential exploits, which is why access has so far been limited to a small group of trusted partners through the Project Glasswing initiative.
Anthropic had previously stated that given the security implications, “[w]e do not plan to make Claude Mythos Preview generally available, but our eventual goal is to enable our users to safely deploy Mythos-class models at scale.”
The fact that in the following month the timeline appears to have accelerated from “eventual” to “near future” should concern customer experience leaders.
Anthropic is signaling that frontier AI models with highly advanced cyber capabilities are already operational internally and may eventually become broadly accessible.
It took vulnerability researchers at Calif just five days to build the first working public macOS kernel memory corruption exploit on Apple M5 using Mythos Preview. Apple had spent five years building its hardware-assisted memory safety system Memory Integrity Enforcement (MIE). Calif stated in a blog post:
“Mythos Preview is powerful: once it has learned how to attack a class of problems, it generalizes to nearly any problem in that class… This work is a glimpse of what is coming. Apple built MIE in a world before Mythos Preview. We’re about to learn how the best mitigation technology on Earth holds up during the first AI bugmageddon.”
Mythos Raises Fears of Uneven AI Cybersecurity Divide
Even though Anthropic said that safeguards are not yet strong enough for public release, it is clearly pushing in that direction. The transition period between limited access and wider availability may become one of the most dangerous phases for enterprise security teams, especially those responsible for customer-facing systems.
The unreleased model has already caused alarm, with the Japanese finance ministry and major commercial banks reportedly considering actively shutting down financial systems as an option to respond to possible AI-enabled cyberattacks. The government and the three major banks, MUFG Bank, Sumitomo Mitsui Banking and Mizuho Bank, are working to gain access to Mythos to prepare their cybersecurity defenses.
The IMF has warned that Mythos and other advanced AI models “could destabilize the financial system” and noted that: “Emerging and developing countries, which often have more severe resource constraints, may be disproportionately exposed to attackers targeting regions with weaker defences.”
Anthropic revealed that the unreleased Claude Mythos Preview has helped its 50 partners identify more than 10,000 high- or critical-severity vulnerabilities across critical software systems in the past month.
“Progress on software security used to be limited by how quickly we could find new vulnerabilities. Now it’s limited by how quickly we can verify, disclose, and patch the large numbers of vulnerabilities found by AI.”
Anthropic appears to be making a broader strategic argument, that the same AI systems capable of rapidly identifying vulnerabilities can also help organizations fix them faster. The company has positioned Mythos and its related security tooling as part of the solution, arguing that AI-assisted patching and remediation could harden software ecosystems. But that approach carries significant risks.
That Anthropic has restricted access to a handful of partners has raised concerns among regulators and organizations outside the U.S. The technology providers, infrastructure operators and financial institutions in Project Glasswing have the resources to quickly deploy advanced AI-assisted security tools and dedicated remediation teams. But smaller enterprises, public-sector organizations, healthcare providers and midmarket customer experience operations may not have the same capacity to absorb a sudden surge in discovered vulnerabilities or accelerate patch cycles.
If Mythos-class capabilities become more widely available before the broader ecosystem is prepared, the result could be a widening security gap.
Why Customer Experience Platforms Are Now Prime Targets
Modern customer operations rely on sprawling ecosystems of interconnected software. Contact centers, CRM platforms, customer identity systems, payment workflows, messaging channels, conversational AI tools and workforce management platforms all depend on layers of third-party and open-source software that organizations only partially control.
Anthropic’s update indicates that the capabilities to attack those systems are changing rapidly, at a time when financial crime prevention is becoming a frontline customer experience issue.
The company described how Project Glasswing partners are finding vulnerabilities at rates that would have been difficult to imagine even a year ago. Some organizations reportedly increased their bug-finding rates by more than tenfold. “Cloudflare has found 2,000 bugs (400 of which are high- or critical-severity) across their critical-path systems, with a false positive rate that Cloudflare’s team considers better than human testers.” And, “Mozilla found and fixed 271 vulnerabilities in Firefox 150 while testing Mythos Preview—over ten times more than they found in Firefox 148 with Claude Opus 4.6.”
Anthropic’s broader point is that finding vulnerabilities is no longer the hard part. Fixing them is.
But the reality that Mythos and potentially other AI models are discovering vulnerabilities faster than enterprises can patch them has significant implications for CX environments, where operational continuity often competes directly with aggressive patching schedules.
Customer operations teams are typically measured on uptime, responsiveness and seamless experiences. Security remediation can introduce friction, downtime risk or integration complications, particularly inside legacy environments supporting large-scale customer interactions. The result could be a growing backlog of exploitable weaknesses across customer-facing infrastructure.
Anthropic’s discussion of open-source software makes the challenge even more concerning. The startup said Mythos Preview uncovered thousands of vulnerabilities across more than 1,000 open-source projects, including flaws in widely used cryptographic software.
Maintainers of open-source software have already reported being deluged with low-quality, AI-generated bug reports from bounty hunters looking for rewards. Mythos is adding to that workload with legitimate reports of flaws that need to be patched.
“Indeed, several maintainers have told us they’re currently severely capacity constrained, and some have even asked us to slow down our rate of our disclosures because they need more time to design patches. (On average, a high- or critical-severity bug found by Mythos Preview takes two weeks to patch.)”
This creates exposure well beyond internally managed systems. Even enterprises with mature security operations remain dependent on vendors, software maintainers, cloud providers and infrastructure partners operating at human speed while AI accelerates vulnerability discovery.
Anthropic’s Timeline Changes the Conversation for CX Leaders
At the same time, customer operations are becoming increasingly AI-dependent. Enterprises are embedding AI copilots, automated service workflows, conversational agents, real-time personalization engines and generative knowledge systems throughout the customer journey. Those initiatives are frequently tied to efficiency mandates and cost reduction targets.
Anthropic’s update indicates that AI expansion and AI-enabled cyber risk are accelerating simultaneously.
The company’s own recommendations were notably basic: shorten patch cycles, accelerate deployment timelines, harden default configurations, strengthen multi-factor authentication, and improve detection and response practices. None of those ideas are new, but the urgency surrounding them has changed.
Cybersecurity resilience needs to extend beyond the domain of infrastructure and security teams. Customer operations increasingly represent a primary attack surface because they combine sensitive customer data, real-time communications, authentication flows and AI-driven automation in highly interconnected environments.
Anthropic cited an example of a partner bank using Mythos Preview to help “detect and prevent a fraudulent $1.5MN wire transfer after a threat actor compromised a customer’s email account and made spoof phone calls,” illustrating how customer interactions are becoming focal points for AI-assisted attacks and defenses.
The larger strategic concern is that many enterprises may still be operating on outdated assumptions about the maturity timeline of offensive AI capabilities. Anthropic’s disclosure indicates that they are already affecting disclosure workflows and vulnerability management across major technology ecosystems.
And if Anthropic releases Mythos-like models “in the near future,” as its statement indicates, this pressure is unlikely to remain confined to a small group of frontier labs and carefully selected partners for long. The window for CX leaders to prepare may already be narrower than expected.
