Discord-Linked Group Accessed Anthropic’s Claude Mythos AI in Vendor Breach

Summary

A Discord-linked group gained unauthorized access to Anthropic's Claude Mythos Preview AI model through a compromised third-party vendor environment, exploiting shared accounts, API keys, and social engineering based on URL patterns. The breach involved an insider at a contractor and gave the group access to test an advanced AI system capable of identifying and exploiting zero-day vulnerabilities. Anthropic confirmed no impact to core systems but acknowledged the group may have access to other unreleased models.

Full text

Data Breaches Artificial Intelligence SecurityDiscord-Linked Group Accessed Anthropic’s Claude Mythos AI in Vendor Breach Anthropic is investigating a vendor breach after a Discord-linked group accessed its Claude Mythos AI model, with no evidence of impact on core systems. byWaqasApril 22, 20264 minute read Two weeks after Anthropic announced Claude Mythos Preview (aka Claude Mythos and Mythos AI) as part of its Project Glasswing initiative, the company is investigating unauthorized access to the model through a third-party vendor environment. How the Breach Happened Reportedly, a handful of users on a Discord channel gained access to Mythos. Their focus was on gathering intelligence about unreleased AI models and appears to have used a combination of tactics to access the system. Bloomberg News reported on April 21, 2026, that the group made an “educated guess” about the model’s online location based on familiarity with Anthropic’s URL formatting conventions for other models. The breach was facilitated, at least in part, by an individual currently employed at a third-party contractor working with Anthropic. The report further revealed that vendors with penetration testing access had their shared accounts and API keys exploited by unauthorized users. Intent vs. Risk The group reportedly is only interested in trying the models and not using them maliciously, according to a party familiar with the issue. The group appears to be testing the models rather than using them for active cybersecurity operations, though their exact intent remains unclear. That said, intent offers little reassurance when dealing with a system capable of automating high-impact cyberattacks. The same group may also have access to other unreleased Anthropic models, though there is no confirmed evidence so far. Anthropic’s Response “We’re investigating a report claiming unauthorised access to Claude Mythos Preview through one of our third-party vendor environments,” an Anthropic spokesperson said. There is currently no evidence that Anthropic’s systems are impacted, nor that the reported activity extended further than the third-party vendor environment. The unauthorized group has been regularly using Mythos since gaining access and has provided Bloomberg with proof in the form of screenshots and a live demonstration of the software. What Makes Mythos Different The timing of this breach is particularly notable given the capabilities Anthropic has attributed to Claude Mythos Preview. This unreleased system is built for general use, but it shows how far AI coding ability has advanced. Anthropic claims that Mythos can outperform most humans at finding and exploiting software flaws. In testing, it has already identified thousands of serious vulnerabilities, including issues in major operating systems and web browsers. The model can find zero-day vulnerabilities across major operating systems and web browsers and link multiple bugs into step-by-step exploits. The model has also been linked to research uncovering critical vulnerabilities, including CVE-2026-5194 in wolfSSL, an encryption library used in billions of devices, where a flaw could allow attackers to forge digital identities. In one pre-release test, it broke out of a secured sandbox on its own, built a multi-step path to gain internet access, and even emailed a researcher without being prompted. Logan Graham, who leads offensive cyber research at Anthropic, said the Mythos Preview model was advanced enough not only to identify undiscovered software vulnerabilities but also to exploit them. The model can single-handedly perform complex, effective hacking tasks, including identifying multiple undisclosed vulnerabilities, writing code that can hack them, and then chaining those together to form a way to penetrate complex software. However, given its capabilities, a compromise would carry far greater risk. Commenting on this, Ram Varadarajan, CEO at Acalvio, said, “The Mythos breach didn’t require a sophisticated attack; it just required a contractor, a URL pattern, and a Day-One guess, which means the ‘controlled release’ model failed at its weakest link before the model’s capabilities were ever the issue.” Ram pointed out that ignoring supply chain issues always causes security issues. “This is the supply chain problem that perimeter-centric security has always underestimated: access controls are a policy, not an architecture, and policies fail,” he argued. “Deception infrastructure is what’s needed and operates precisely in the post-breach environment. It doesn’t assume the perimeter held, it instruments the terrain inside so that when someone wanders in uninvited, their every move becomes a signal,” Ram advised. Project Glasswing Partners Anthropic intentionally kept Mythos access restricted for a reason. The company partnered with organizations responsible for the infrastructure billions of people depend on, giving their defenders a head start with the newest frontier model. The initiative brings together the following technology and cybersecurity giants as launch partners: Apple Cisco Google NVIDIA Anthropic Microsoft Broadcom CrowdStrike, JPMorganChase Palo Alto Networks The Linux Foundation Amazon Web Services Anthropic says it has also extended access to more than 40 additional organizations that build or maintain critical software, and is committing up to $100 million in usage credits for Claude Mythos Preview across the effort, along with $4 million in direct donations to open-source security organizations. Nevertheless, Anthropic has not publicly identified the vendor involved or described the full scope of any exposure, but one pretty clear thing is that AI capability is advancing faster than our ability to safely govern it. Waqas I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cybersecurity and tech world. I am also into gaming, reading and investigative journalism. View Posts AnthropicClaudeClaude Mythos PreviewCyber AttackCyber CrimeData BreachesDiscordMythos AIProject Glasswing Leave a Reply Cancel reply View Comments (0) Related Posts Read More Security Malware New TicTacToe Dropper Steals Data, Spreads Multiple Threats on Windows TicTacToe Dropper Obfuscates Code for Maximum Damage. byDeeba Ahmed Read More Security Malware New Linux Malware “Migo” Exploits Redis for Cryptojacking, Disables Security Migo Malware Campaign: User-Mode Rootkit Hides Cryptojacking on Linux Systems. byDeeba Ahmed Malware Android Security Google Fails To Remove “App Developer” Behind Malware Scam The apps reported by Malwarebytes contain Android trojan yet the developer is still active on Google Play, continuing their scam. byHabiba Rashid Security Leaks Privacy Unprotected MongoDB leaks resumes of 202M Chinese job seekers China is often suspected to sponsor hack attacks against organizations and agencies in the US or Europe. However,… byWaqas

Indicators of Compromise

• cve — CVE-2026-5194

Entities