Claude Mythos: Let’s unravel the noise, focus on the risk

Since the start of April 2026, there has been a wave of concern and speculation around the risk exposure of Claude Mythos. Headlines have ranged from measured to alarming, with some commentators positioning Claude Mythos Preview as a watershed moment in offensive AI capability.

Our view is more balanced: it is significant, but not to the extent much of the coverage suggests. The real issue lies in the gap between hype and reality, precisely where organisations need clear, practical insight to respond effectively.

What the independent evidence actually shows

The UK Government's AI Security Institute (AISI) evaluated Mythos Preview and published its findings. The results are notable, but more nuanced than the media framing suggests.

On capability, the advances are real. Mythos can work through complex, multi-stage attacks on corporate systems, the kind that previously required a skilled human attacker to plan and execute step by step. It succeeded in nearly three quarters of expert-level challenges, compared to no models completing these tasks a year ago. This represents a meaningful shift in what automated systems can do and should not be dismissed.

At the same time, the limitations are equally important. Mythos could not successfully attack industrial control systems. The AISI stopped short of concluding it could breach a well-defended enterprise environment. The version tested also included safety restrictions, which materially reduce its offensive capability.

There is also a legitimate sceptical view: AI companies have historically used capability warnings as a form of marketing. Anthropic's brand is built on safety, and a model described as too dangerous to release generates attention that a quietly released model does not.

The cyber risk implications

One of the less-discussed consequences of Mythos is the uneven distribution of access to the model and its safety findings. Project Glasswing was initially structured around a defined group of US technology companies and has only recently extended to a small number of UK banks. As a result, most organisations globally have had no direct exposure to the model, its capabilities, or its documentation.

This creates a practical challenge for security teams and their advisers. Assessing exposure to a new threat requires a clear understanding of it. Many organisations in Europe and elsewhere are currently making risk judgements based on media coverage and second-hand analysis rather than direct evaluation. National cybersecurity agencies have begun to issue guidance, but its depth is inherently constrained without direct access to the systems being assessed.

A further dimension, often under-addressed, is supply chain exposure. Even where an organisation’s own systems are well-defended, Mythos capabilities can be applied to the software, infrastructure and services they depend on. Boards and CISOs should be challenging whether key suppliers are engaged in vulnerability remediation efforts, and whether contractual obligations and vendor assurance processes around patching timelines remain fit for purpose.

Regulatory deadlines add further pressure. The EU AI Act's systemic risk enforcement provisions come into force on 2 August 2026, alongside the Cyber Resilience Act's mandatory security requirements for digital products. Organisations without documented AI governance frameworks face both a security gap and a compliance gap simultaneously, although the EU’s Digital Omnibus proposal may provide some breathing room to implement controls beyond the August deadline.

What CEOs, CIOs and CISOs should be asking right now

The core leadership question is not whether AI is a “superweapon”, but whether the tempo of the threat environment has changed enough that current security postures are no longer adequate.

A more fundamental question may sit beyond Mythos itself: why so many well-run organisations already feel behind. This is not due to negligence, but because the assurance models they rely on were designed for a different pace of risk. What Mythos highlights is that time has become a governance risk in its own right—one that traditional frameworks, operating models and assurance cycles were not built to manage.

Five priorities for leadership teams now:

• Treat patching as a board-level performance metric: Over 45% of vulnerabilities in large organisations remain unpatched after 12 months. The issue is rarely awareness, but the coordination between IT, security and business teams. Boards should have clear visibility of mean time to patch, the blockers that extend it, and whether remediation controls are fit for today’s threat pace.
• Plan for zero-day exposure: AI-driven discovery will dramatically increase the rate at which zero-day vulnerabilities are identified. In these scenarios, patching speed is no longer decisive—resilience, rapid detection and containment become critical. Organisations should assess whether their security architecture can operate effectively without a patch-first model.
• Update threat models for AI-enabled adversaries. The near-term threat is not Mythos itself: access is tightly restricted. It is the capability trajectory. Comparable, publicly available models are estimated to be 3 to 22 months behind, with no access controls and no safety training. CrowdStrike's 2026 Global Threat Report already records an 89% year-on-year increase in AI-assisted attacks. Threat models that do not account for AI-enabled adversaries are already outdated.
• Review supply chain exposure. Ask whether key suppliers and managed service providers have visibility of their own exposure to Mythos-class vulnerability discovery. Review contractual patch obligations and third-party security assurance processes. The vulnerabilities most likely to be exploited first are those in shared infrastructure and widely deployed third-party software.
• Close the AI governance gap before August 2026. The EU AI Act and Cyber Resilience Act introduce near-term obligation. Organisations without documented AI governance frameworks face both a security gap and a compliance gap - this is a current risk, not a future one.

How can we help

Mythos is a prompt for internal honesty. The bar for what constitutes a credible simulated attacker has risen, and our consulting and audit practices are evolving to reflect this shift.

We are supporting clients in moving from periodic security testing to more proactive, continuous penetration testing and red teaming, with AI augmentation embedded so simulated attackers reflect today’s capabilities. Engagements are increasingly focused on testing detection and containment, as much as perimeter defences, recognising that in a zero-day scenario the key question is how quickly a breach is identified and controlled.

For organisations where manual patching cycles are creating unacceptable exposure, we are also advising on more automated patching frameworks, reducing the time between vulnerability discovery and remediation, and addressing the coordination challenges that often leave known vulnerabilities unaddressed for too long.

Final remark

Claude Mythos does not represent the arrival of an AI superweapon. Rather, it highlights that the pace of AI capability development has materially outrun the governance infrastructure around it globally, particularly within the EU. That is the assessment most coverage has overlooked, and the one that matters most for business leaders.

There is a window for organisations to act, but it will not remain open for long.

Key takeouts

• AI-enabled cyber threats are increasing in speed and sophistication
• Patching and vulnerability management require board-level oversight
• Supply chain exposure is a critical but under-addressed risk
• Organisations must adapt threat models to AI-enabled adversaries
• Regulatory timelines increase urgency for robust AI governance