What happens when AI can hack everything?
For the past several weeks, Anthropic says it secretly possessed a tool potentially capable of commandeering most computer servers in the world. This is a bot that, if unleashed, might be able to hack into banks, exfiltrate state secrets, and fry crucial infrastructure. Already, according to the company, this AI model has identified thousands of major cybersecurity vulnerabilities—including exploits in every single major operating system and browser. This level of cyberattack is typically available only to elite, state-sponsored hacking cells in a very small number of countries including China, Russia, and the United States. Now it’s in the hands of a private company.
On Tuesday, the company officially announced the existence of the model, known as Claude Mythos Preview. For now, the bot will be available only to a consortium of many of the world’s biggest tech companies—including Apple, Microsoft, Google, and Nvidia. These partners can use Mythos Preview to scan and secure bugs and exploits in their software. Other than that, Anthropic will not immediately release Mythos Preview to the public, having determined that doing so without more robust safeguards would be too dangerous.
Summary
A small group of tech companies may now hold the keys to global cybersecurity
For the past few weeks, one of the most important developments in technology—and arguably global security—has been unfolding almost entirely out of public view.
According to a report from The Atlantic, Anthropic has built an AI system that may be capable of identifying vulnerabilities across much of the world’s digital infrastructure at a level previously reserved for elite, state-sponsored hackers.
The system is called Claude Mythos Preview.
Here is the original article:
https://www.theatlantic.com/technology/archive/2026/04/claude-mythos-ai-hacking/
This isn’t just “AI getting better”
We’ve been hearing for a while that AI can help write code, find bugs, and assist cybersecurity teams. What’s being described here is something different.
Anthropic says this model has already identified thousands of serious vulnerabilities, including flaws in major operating systems and browsers—some of which had gone undetected for decades. At one point, the system reportedly found a way to break out of its internal testing environment and access the internet on its own.
Up until now, AI’s advantage in hacking has mostly been about scale—doing what human experts can do, but faster and across more targets. This looks like a move toward something closer to capability superiority.
In plain terms: not just more hackers—but better ones.
They’re not releasing it
Anthropic is not making this model public. Instead, it’s being shared with a small group of major companies—Apple, Microsoft, Google, and Nvidia—to help identify and fix vulnerabilities.
On the surface, that sounds responsible. And it probably is.
But it also introduces a new reality: a private company may now possess a tool that can meaningfully impact the security of systems across the globe—and the only thing governing its use is internal decision-making.
If this were just one company acting cautiously, it would be less concerning. But it’s not.
Other firms—including OpenAI and Google DeepMind—are reportedly developing similar systems. And history suggests that once a capability exists, it spreads—through competition, leaks, or open-source replication.
Which means the real question isn’t whether this becomes widespread.
It’s how quickly.
Why this matters
Cybersecurity is the backbone of modern society.
Banks, energy systems, logistics networks, military infrastructure, communications—everything depends on software that was never built with this level of adversary in mind.
Now imagine a world where vulnerabilities can be discovered at scale and automatically, where exploitation becomes faster and cheaper, and where defensive systems are constantly playing catch-up.
That’s not a theoretical risk. That’s the direction this is pointing.
At the same time, the companies building these systems are becoming deeply embedded in everything else—military operations, intelligence and surveillance capabilities, critical infrastructure, cloud systems, and the broader global economy.
At some point, the line between “tech company” and “state-level actor” starts to blur.
The real shift: private companies as power centers
A handful of AI companies are now in a position where they could identify—or exploit—systemic weaknesses in global infrastructure, influence military and geopolitical outcomes, and shape economic stability through their technology.
And there is no clear framework governing that power.
No established precedent.
No meaningful global oversight.
No guarantee that every actor will behave cautiously.
Bottom line
If AI systems are approaching the ability to map and exploit the digital world, then cybersecurity, geopolitical, and market risk are already shifting beneath the surface.
And that capability is concentrated in a very small number of hands.
