Claude Mythos: Breakthrough in Cyberattack Simulations

Revision of AISI Forecasts

The British Institute for AI Security (AISI) has recently adjusted its forecasts regarding the evolution of the cyber capabilities of artificial intelligence models. Initially, AISI had predicted a doubling of capabilities every eight months. However, this estimate has been revised to 4.7 months, reflecting a significant acceleration in technological progress. This revision is partly due to the remarkable performances of models like Claude Mythos Preview from Anthropic and GPT-5.5 from OpenAI, which have already surpassed these new forecasts.

In November 2025, the agency estimated that cyber capabilities doubled every eight months. But by February 2026, this figure was revised to 4.7 months. Claude Mythos Preview and GPT-5.5 have now "substantially exceeded" even this accelerated timeline. It remains to be seen whether this represents a new trend or a one-time leap.

Performance of Claude Mythos Preview

In simulations conducted by AISI, Claude Mythos Preview demonstrated an impressive ability to execute complex attacks. In a 32-step attack simulation on a corporate network, the model succeeded in six out of ten attempts. This performance is particularly noteworthy given that human experts would take about 20 hours to accomplish such a task. Additionally, Claude Mythos Preview was the first model to successfully complete a simulation of an industrial control system, achieving three successes out of ten attempts.

The most significant advancements were observed in AISI's cybersecurity ranges, which are complex attack simulations designed to test hacking capabilities in the real world. One range simulates a 32-step attack on a corporate network that human experts would take about 20 hours to complete, according to AISI. The latest checkpoint of Mythos Preview completed the full attack in 6 out of 10 attempts. This checkpoint has also been deployed with partners. The previously tested Mythos version only succeeded in 3 out of 10 attempts.

Advances in Cybersecurity Simulations

The model also solved "Cooling Tower," a simulation of an industrial control system, in 3 out of 10 attempts. No other model had ever succeeded in this simulation, including the previous version of Mythos. AISI stated, "The direction is clear: cyber capabilities are advancing rapidly, and recent models represent a significant leap over their predecessors." The agency is already building more challenging assessments with active defenses to keep pace with technology.

Evaluation by XBOW

The offensive security company XBOW independently tested Mythos Preview with a team of ten experts. The model represents "a major breakthrough" and shows "unprecedented accuracy" in detecting vulnerabilities, the company stated. Compared to Opus 4.6 from Anthropic, Mythos Preview reduced false negatives by 42%. With additional access to the source code, this reduction reached 55%.

According to XBOW, Mythos Preview's greatest strength lies in source code analysis. "This was the first instance of a theme that would reappear again and again: Mythos Preview is impressive at writing code, but even more impressive at reading it," the report states. The model even found vulnerabilities in Chromium's V8 sandbox, an area where previous models had only produced false positives.

However, XBOW's evaluation also highlighted the limits of this strength. Access to a functioning system is often more important than access to the source code, as many vulnerabilities only emerge from configuration, dependencies, or interaction between individually secured components.

Even on benchmarks where the vulnerability existed solely in the code, the removal of access to the live system hindered performance more than the removal of access to the source code. Mythos Preview reads code exceptionally well but still relies on interaction with live systems to reach its full potential.

Cost and Efficiency

The high cost of Claude Mythos Preview, five times that of an Opus model, raises questions about the balance between performance and cost. XBOW suggests that while Mythos Preview is effective for specific tasks, other solutions, such as GPT-5.5, could offer comparable results at a lower cost. When normalized against estimated operating costs, Mythos Preview "is not terribly inefficient, at least if you desire high accuracy, but it is not the best in its class on our benchmarks," writes XBOW. The alternative would be to give more time to a GPT-5.5-powered agent. Often, this yields equivalent or better results at a lower cost.

"The best option depends on the use case; often, it's the latter," writes XBOW. The company recommends deploying a "model framework" rather than betting on a single one. Mythos Preview delivers excellent results on pure vulnerability detection tasks (e.g., web, V8 sandbox) but shows weaknesses on more complex judgment tasks, where it only scores "Mediocre" or "Passable" in certain categories.

Perspectives and Policy Implications

Logan Graham, who leads the red-teaming around the Glasswing project at Anthropic, put the results into perspective: Glasswing partners used Mythos Preview to find "thousands of estimated high + critical severity vulnerabilities" in just a few weeks, "sometimes double what they would normally find in a year."

But Graham emphasized that this is not about promoting a single model. "In a year, Mythos will probably look quite foolish (compared to other new models)." The real message, he said, is to prepare for a world where models are "better, faster, cheaper, and more creative than some of the best human experts in dual-use capabilities." Other providers may release accessible or unsecured models with performance equivalent to that of Mythos.

Anthropic introduced Claude Mythos in early April and restricted access to about 50 companies, officially for security reasons. Some critics have labeled these restrictions as exaggerated or dismissed them as a publicity stunt. The truth likely lies somewhere in between: Claude Mythos may not be an unprecedented exceptional case, but it is the first publicly announced model of its kind with significantly advanced cyber capabilities that go well beyond what was previously known.

This creates pressure to act across the software industry and in politics. The U.S. government is closely examining Claude Mythos and is already testing the model, while Anthropic is blocking access for China and apparently for the EU as well. OpenAI has at least contacted the EU to discuss early access to GPT-5.5-Cyber. In any case, the situation highlights how much the European Union depends on the goodwill of major American tech companies, primarily because comparable European products do not exist.