Anthropic's Claude Mythos Preview recorded a 73 percent success rate in an expert-level cybersecurity assessment and was rated the first artificial intelligence (AI) model to complete a simulated corporate network attack.

On April 14 (local time), blockchain outlet BeInCrypto reported that the UK government's AI Security Institute (AISI), part of the Department for Science, Innovation and Technology, said in an assessment released recently that the model showed meaningful performance on expert-level hacking tasks that existing AI could not solve.

The assessment came shortly after Anthropic announced Claude Mythos Preview on April 7. Anthropic has not yet released the model to the general public and is providing it on a limited basis only to some security research firms. In a statement, the company said the model performed particularly well on computer security tasks and said it launched Project Glasswing to make the world's most important software safer and prepare the responses needed by industry.

The assessment was conducted in two stages. First, in a capture-the-flag (CTF) evaluation that involves finding vulnerabilities and securing hidden flags, Claude Mythos Preview posted a 73 percent success rate on expert-level tasks. AISI said no model had passed the evaluation before April 2025.

Another evaluation was a 32-step enterprise network attack simulation known as the "Terminal Level Operator" (TLO). It is a task that takes human security experts about 20 hours. Claude Mythos Preview completed the full procedure in 3 of 10 attempts and averaged 22 steps out of 32. By comparison, Claude Opus 4.6 averaged 16 steps.

Researchers cautioned against generalising the results as a real-world threat. They said success in a specific cyber range means the model already has network access rights and has the minimum capability to autonomously attack small-business systems with weak defences. They added that the test environment differs because it was designed to be an easier target than reality.

Anthropic also released results from its own internal checks. The company said that, if users explicitly instructed it, Claude Mythos Preview could detect and exploit zero-day vulnerabilities across major operating systems and leading web browsers. It added that disclosing details would be irresponsible because more than 99 percent of the vulnerabilities it found have not yet been patched.

The model is still available only on a limited basis, but it is already drawing attention in the technology industry and in policy circles. Reuters, citing multiple sources, reported that U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell held an emergency meeting with chief executives of major banks and warned of risks related to the model.

AISI also presented priority response steps for companies. It said firms should first strengthen basic security measures such as regular patching, strict access controls, tighter security settings and comprehensive logging. How quickly AI models' attack capabilities will affect real-world settings, and how fast companies will tighten defences during a limited release phase, are expected to be key points to watch.