Anthropic confirmed on Wednesday, April 22, 2026, that it is investigating reports of unauthorized access to its specialized enterprise security model, Claude Mythos Preview. The breach reportedly occurred through a compromised third-party vendor environment rather than a direct infiltration of Anthropic’s core infrastructure. According to an official company statement, there is currently no evidence that the unauthorized activity extended beyond the vendor’s systems or impacted Anthropic’s internal servers.
The incident was first brought to light by Bloomberg, which cited documentation and a live demonstration provided by a member of the group responsible for the access. The group, described as a handful of users in a private Discord forum, reportedly gained entry to the model on the same day Anthropic announced its limited release. Technical details suggest the group identified the model’s online location by analyzing naming conventions used in previous Anthropic releases, a method facilitated by data exposed in a separate breach at the AI startup Mercor earlier this month. One member of the Discord group reportedly held privileged access as a worker for an Anthropic contractor, which further enabled the unauthorized reach.
Claude Mythos, internally codenamed Capybara, is a frontier AI model designed specifically for cybersecurity research. Anthropic has previously described the tool as capable of autonomously identifying and exploiting zero-day vulnerabilities across all major operating systems and web browsers. Due to these high-risk capabilities, the model was restricted to a select group of partners under an initiative known as Project Glasswing. Participating organizations include Amazon, Apple, Cisco, JPMorgan Chase, and Nvidia. The goal of the project is to allow these entities to harden their digital defenses before such powerful AI capabilities become widely available.
The security implications are particularly significant for the Salesforce ecosystem. Cybersecurity analysts noted that the incident highlights an expanding agentic attack surface, where vulnerabilities in third-party contractors or connected AI tools can expose enterprise environments. While the unauthorized group reportedly used Mythos for non-malicious tasks, such as building simple websites to avoid detection, the ease of access has raised concerns among Salesforce architects regarding OAuth grants and external client applications.
In a related development, Mozilla announced the release of Firefox version 150 this week, which includes patches for 271 vulnerabilities identified by an early version of Claude Mythos. While Mozilla stated that elite human researchers could have found these flaws, the speed and volume of the AI-driven discovery underscore the model’s technical potency. Official advisories credited Claude with three specific high-severity CVEs: CVE-2026-6746, CVE-2026-6757, and CVE-2026-6758. Anthropic continues to coordinate with federal officials and security experts to assess the scope of the vendor compromise.