Bruce Schneier, a longtime cybersecurity expert, is pushing back on claims that Claude Mythos Preview marks a breakthrough in offensive cyber capabilities. He argues recent results may overstate how close AI is to real-world attacks.
“This is very much a PR play by Anthropic—and it worked. Lots of reporters are breathlessly repeating Anthropic’s talking points without engaging with them critically,” Schneier wrote Monday.
He said AI systems are already “superhumanly good at finding, exploiting, and patching vulnerabilities,” but questioned both Anthropic’s motives and the novelty of Mythos Preview.
By declining to release the model over its “scary” capabilities, Schneier argues, Anthropic generated widespread media coverage. He noted rival OpenAI quickly followed with its own “just as scary” unreleased model.
His implication: Both companies may be using safety concerns, in part, to boost prestige in the AI race.
Still, Mythos-class models are widely seen as force multipliers for offensive workflows. On social media, policy analyst Robert Wiblin and AI researcher Joshua Fonseca called recent AISI results a potential “step change,” especially in chaining vulnerabilities and automating exploit paths.
Schneier does not dispute progress. He argues the capabilities are not yet unique.
He cited security firm Aisle, which replicated similar vulnerabilities using older, cheaper public models. For now, defenders retain the advantage because AI is better at identifying and patching flaws than turning them into working attacks. That edge may shrink as more powerful models become widely available.
The debate comes as new attention builds around benchmark results and Anthropic’s Project Glasswing. Research published Monday by the U.K. AI Security Institute found Mythos Preview solved 73% of capture-the-flag challenges—multi-step exercises designed to simulate real-world exploits.
“On expert-level tasks—which no model could complete before April 2025—Mythos Preview succeeds 73% of the time,” AISI wrote.
He agrees that the “sea change” in AI offensive capabilities is inevitable and that we are moving toward an age of instant software where exploits will be “dime-a-dozen.”
“Everyone who is panicking … is correct about the problem,” he wrote. “Maybe the sea change just happened. Maybe it happened six months ago. Maybe it’ll happen in six months. It will happen—and sooner than we are ready for.”
