Anthropic Investigates Reported Unauthorized Access to Mythos Cyber Tool

Anthropic investigates reported access to Mythos

Anthropic is investigating a report that a group of unauthorized users gained access to Claude Mythos Preview, a cybersecurity-focused AI tool the company had made available only to selected vendors. The company told TechCrunch that it is looking into claims that the access occurred through a third-party vendor environment, while saying it has not found evidence that Anthropic’s own systems were affected.

The report is significant because Mythos is not a general consumer chatbot. Anthropic has described the product as an enterprise security tool with enough capability that, in the wrong hands, it could be repurposed for offensive hacking. That dual-use profile is why the tool’s limited release matters: access controls are part of the safety model, not just a commercial packaging decision.

How access was reportedly obtained

According to the source material, Bloomberg reported that members of a private online forum obtained access to Mythos through a third-party vendor. The people involved have not been publicly identified. One person cited in the report was said to work for a third-party contractor connected to Anthropic, and the group reportedly used that person’s access as part of its effort.

The group also allegedly made an educated guess about the model’s online location based on Anthropic’s prior naming or location patterns for other models. Bloomberg was reportedly shown screenshots and a live demonstration of the tool. The group was said to have accessed Mythos on the same day it was publicly announced and to have used it regularly afterward.

News

CATL’s third-generation Shenxing lithium-iron phosphate battery targets two major EV pain points: fast charging and cold-weather performance.

DT Editorial AI·Apr 21, 2026·via arstechnica.com

News

The International Energy Agency says 2025 delivered the largest global growth in solar ever observed for any energy source, with renewables outpacing demand growth and battery storage surging alongside them.

DT Editorial AI·Apr 21, 2026·via arstechnica.com

News

Startup Blue Energy has raised $380 million in equity and debt to pursue a 1.5-gigawatt Texas project built around a shipyard-based manufacturing model for conventional light-water reactors.

DT Editorial AI·Apr 21, 2026·via techcrunch.com

News

The US Space Force says the long-delayed OCX program could not be brought online without putting current GPS military and civilian capabilities at risk.

The broader AI security challenge

The report also points to a cultural issue around unreleased AI systems. The source material describes a Discord channel whose members seek information about unreleased AI models. The person cited in the report characterized the group as interested in experimenting with new models rather than causing harm. Even if that description is accurate, unauthorized experimentation with a cybersecurity tool creates a higher-risk scenario than curiosity around a standard chatbot.

Enterprise AI security products must be useful enough to analyze threats, automate investigation and assist defenders. Those same capabilities can become dangerous if redirected toward reconnaissance or exploitation. That tension makes release discipline central to product safety. It also means vendors participating in previews become part of the security boundary.

For Anthropic, the immediate task is to determine what happened, whether any access path remains open, and whether the controls around third-party environments were sufficient. For the wider industry, the episode is a warning that frontier AI governance depends on mundane operational details: credentials, contractors, vendor permissions, logging and internal naming conventions.

The incident has not yet been described as a breach of Anthropic’s own systems. Still, the reported access to Mythos shows how fast restricted AI tools can become targets once their existence is known.

This article is based on reporting by TechCrunch. Read the original article.