Expanding Project Glasswing

6/2/2026 at 2:43:23 PM

In case the topic of memory safety is interesting to anyone I've been experimenting with using AI agents to port common web infra projects to safe/ performant Rust. Somewhat inspired by the Bun port - was thinking that at some point memory safety might be such a big deal that people just need drop in replacements.

- Valkey/ Redis port here https://github.com/ianm199/valdr (passes ~99% of single node test suite, real prod features like replication/ clustering/ HA early or not implemented) - Further along port of Lua 5.1-5.5 https://github.com/ianm199/lua-rs-port/tree/main - I have a less developed nginx version that would be the north star - These projects are very alpha at the moment

If anyone is interested in getting involved in this or has done similar experiments I'd love to collaborate! There is so much variation in how you can run these large scale agent fleets I don't think anyone has a perfect system yet.

by ianm218

6/2/2026 at 5:25:50 PM

Respectfully, as an OSS maintainer (not to the scale of nginx or valkey, of course)... if a third-party used an AI agent to rewrite my software in a different language, that gives me absolutely no reason to support that new project.

It is in all respects foreign code in a language I may or may not be familiar with, and worse yet, if I were to take over, I'd be responsible for maintaining the whole black box forever more?

Thank you but no thanks.

by julianlam

6/2/2026 at 5:32:49 PM

I don’t think anyone expects you to TBH. If you show interest, great. If not, the robot will translate your work into a different form of expression anyway. If you’re releasing open source software under BSD-like licenses, it’s still better than some company taking your work and selling it with zero value contributed back.

by baq

6/2/2026 at 5:42:23 PM

This kind of nihilistic argument worked in 2000 when open source software was a counter movement.

by rxhampton

6/2/2026 at 5:45:44 PM

I don't understand how it's nihilistic and how it doesn't work in 2026.

by patates

6/2/2026 at 5:33:02 PM

Yes I hope this can be separated from people who are inundating OSS maintainers with slop PRs - these are fully separate projects with zero expectation of involvement from maintainers. Valkey itself is forked off the original Redis.

There might be a world where people soon just find unsafe C code exposed to the web (i.e. nginx) an untenable situation and I hope it can be a helpful resource.

Anyway, I see open source code as positive sum. Maybe in the end only a small community who cares about cross compilation finds this helpful and thats a win!

by ianm218

6/2/2026 at 5:32:24 PM

Why would you have to take it over? Wouldn’t it just be a fork/different project entirely.

by dyauspitr

6/2/2026 at 5:29:31 PM

I love Rust, but porting others software to Rust (or any language) is a mixed bag. I'm a strong believer that good software requires deep domain knowledge to build and maintain. Porting code you don't understand by hand already risks still not understanding it afterwards, doing it in an automated fashion all but guarantees it.

All that to say I think these automated ports are interesting experiments. However if you want to build something people can trust, the people need to be able to trust that you fully understand what is built, and why it's built the way it is.

by notnullorvoid

6/2/2026 at 4:57:18 PM

[dead]

by dingnuts

6/2/2026 at 5:08:35 PM

If someone is porting such disparate projects as Valkey and Lua it is just for show and will be pre-alpha forever.

No one wants Bun in Rust, no one wants the rsync vibe code additions. This is just the only pro-AI comment, so the AI people voted it to the top.

by rxhampton

6/2/2026 at 5:23:17 PM

Hmm my reasoning was that in order to have Nginx work in Rust you want to expose scripting so having a decent Lua in Rust is key to not call out to C for that. And then Valkey/ Redis is a lot simpler than nginx so it was a good way to learn how some of this works.

And I'd disagree on no one wants - Lua is quite helpful since it is easily used in WASM. There has been some interest from people in the Bevy community - a game engine in Rust - since you can't have Lua scripting in browser games easily with the C version.

But anyway if people want it or not memory safety might become much more important so I think it is a good area to explore. Some people think large C codebases are inherently unsecurable https://alexgaynor.net/2020/may/27/science-on-memory-unsafet...

by ianm218

6/2/2026 at 5:29:17 PM

I don’t care if bun is written in zig, rust, go, f# or sql. If it works, it works.

I also don’t care if it’s written by humans or LLMs or robot overlords from Alpha Centauri. Again, if it works, it works.

The operative word here is ‘works’. Code is now cheap, QA still isn’t. Since people don’t really like doing the same thing twice, specs for working code have never been written. Nowadays there is no reason to not create a spec detailed enough for robots to make no mistakes (pun intended) when filling in the gaps when converting from spec space to code space. As long as this remains true, I don’t care who or what does the boring parts.

by baq

6/2/2026 at 2:52:28 PM

It’s clear that Anthropic has run out of the compute capacity needed to serve Mythos publicly.

They’re using security concerns to mask their inability to deliver the model at scale, while still trying to maintain their lead over OpenAI. As a result, they’ve chosen to release it privately under the banner of an “ethical” rollout.

by mekpro

6/2/2026 at 5:52:35 PM

Why do you think that? All these rumors about compute constraint just seem like speculation and not based on any data or information. All they would need to do is increase their prices to free up compute capacity.

by atleastoptimal

6/2/2026 at 4:58:03 PM

I find this line of reasoning highly dubious.

Yes, Anthropic is compute constrained, even after the SpaceX Colossus deal.

But supply constraints are the normal operating mode of any market. Anthropic could choose to serve whatever models it pleases at whatever price points it chooses and let the market decide where the value is.

If Mythos at $X overwhelms their capacity, they could just charge $X+1. If still overwhelmed, there are larger prices as well.

by NiloCK

6/2/2026 at 5:13:28 PM

Sort of, but valuation models depend on X being in a certain range. If it > this range, revenue and therefore valuation are impacted.

by tiahura

6/2/2026 at 5:04:33 PM

And then the bubble would collapse. Corps are already putting limits on token usage across the board because of costs. Increasing costs would significantly contract the hype bubble.

by malfist

6/2/2026 at 5:37:25 PM

I had to patch my Linux boxes daily at some point in the past couple months. I don’t want Mythos to be publicly released for as long as it is economically feasible for Anthropic. I hope they have a gentleman’s agreement with OpenAI and DeepMind about this, too.

Chinese labs will force their hands, until then let’s hope maximum number of projects get patched at a reasonable pace.

by baq

6/2/2026 at 3:00:17 PM

It is not "clear", as your comment suggests, it's hidden. Which is semantically the opposite of clear. Regarding your theory, might be true, might be false. But it's highly speculative.

by jb_briant

6/2/2026 at 4:54:37 PM

All of us, including you, know that he is not saying "they are being transparent." When someone says "it's clear that..." in this way they're saying "It's clear to us what is really happening here.

by Forgeties79

6/2/2026 at 5:10:15 PM

It's not clear, there is no tangible proof that Mythos is not released because they don't have compute power to serve it. Saying that would imply that the "too dangerous" is a lie. Nobody has proof. It can feel "clear" for you, but it's not. Hence, I correct it.

by jb_briant

6/2/2026 at 5:16:38 PM

Yes I got how they used the phrase. And it was wrong, so I wanted to react. Thanks for your addition, it dissipates any doubt on the intention of OP: he thinks Anthropic is hiding the lack of power by pretending it's too dangerous. But he is wrong to assume that without proof, hence my reaction.

by jb_briant

6/2/2026 at 5:11:11 PM

Agreed, but I'm talking about how they are, very clearly, using the phrase.

by Forgeties79

6/2/2026 at 5:03:38 PM

The not clear comment is valid by either interpretation.

To a lot of us it’s not clear that’s what’s happening. It’s speculation and one possibility.

It may also be a secondary consideration and not the primary gating factor.

Anthropic has had their missteps but it’s still plausible to take what they say at face value.

by WhitneyLand

6/2/2026 at 5:12:27 PM

I agree, saying "it's clear" when at best, "it's plausible" doesn't let the conversation happen. And pretending to know what is going on behind the scene, anon on HN is not credible

by jb_briant

6/2/2026 at 2:54:21 PM

They started Glasswing before they struck that $1.25B/month deal with xAI/SpaceX for their (notoriously dirty) Memphis data centers.

So they have a whole lot more compute now than they did last month.

by simonw

6/2/2026 at 3:30:33 PM

Yes, 300 MW from SpaceX helps a lot, but I think that’s mainly to support Opus demand, which has grown faster than expected. If Mythos is roughly 5× more expensive to serve than Opus, as the pricing suggests, then 300 MW is nowhere near enough to enable large-scale deployment of Mythos.

As an ordinary developer who relies on a $20–$200/month subscription, I feel disappointed by the release of a paper describing a model that I can’t actually use.

by mekpro

6/2/2026 at 3:41:34 PM

Ok but they can easily upsell this to enterprise customers at a market price reflective of their capacity constraints. Big corps would pay it, this is clearly a major update.

by aspenmartin

6/2/2026 at 2:56:47 PM

But that compute might not be available to then long term. Hard to make big moves with a contract like that.

by nickthegreek

6/2/2026 at 3:42:03 PM

I don't know if any of the big AI labs have confidence in planning for the long term.

For all they know they'll find a new optimization that lets them serve Opus class models for half the computing cost next month. Or someone will invent the next OpenClaw and demand will 10x over night.

by simonw

6/2/2026 at 5:28:36 PM

I bet Huawei and co would be happy to sell them some cheapo chips for inference!

by pshirshov

6/2/2026 at 2:56:24 PM

So why is OpenAI also releasing 5.5-Cyber in a private manner? Are they also out of compute?

by cobolcomesback

6/2/2026 at 5:03:41 PM

OpenAI has been pulling this marketing trick for years. Remember how GPT-3 was too dangerous to release? It's also probably bad PR if script kiddies have access to GPT model with no guardrails even if it doesn't enable any significant attacks.

by LiamPowell

6/2/2026 at 5:13:40 PM

I suppose you meant GPT-2, but for years? Did they say the same about subsequent models?

by signatoremo

6/2/2026 at 5:25:40 PM

They did it for 2 and 3, however it looks like they didn't for 4 and 5.

GPT-2: https://slate.com/technology/2019/02/openai-gpt2-text-genera...

GPT-3: https://www.itpro.com/technology/artificial-intelligence-ai/...

by LiamPowell

6/2/2026 at 3:36:10 PM

The security concerns argument would have worked better if a forum full of people hadn't promptly obtained access by the extremely sophisticated tactic of guessing its URL...

by notahacker

6/2/2026 at 5:08:21 PM

Also, they just want to jack up the price by creating sensation.

by cute_boi

6/2/2026 at 3:13:20 PM

Probably. This is an 8-12 trillion-parameter model, which is why it costs so much, that is also a major reason, besides RL and synthetic data, why it suddenly gained these new capabilities. They claim it was not fine-tuned or trained specifically for cybersecurity, but is instead a general purpose model.

by lossolo

6/2/2026 at 3:05:02 PM

[dead]

by benashford

6/2/2026 at 1:53:54 PM

Here's my big fear: Even IF (and that's a BIG if) we get all critical vulnerabilities fixed in tech (before adversarial/state-actors turn up with open attack models) - we still have (in at least a year) models that will be so good in social engineering that they can still (given enough tokens) gain access to whatever system they want.

If society can't trust banks and other institutions to safely control their data, what follows ?

Do we we collectivelly switch off the internet?

by mentalgear

6/2/2026 at 2:02:19 PM

Social engineering as a problem goes away when anybody can get a model to do it for them for $5. It stops being possible, it's really the bank's problem when they can't have a minimum wage call center or a robot responsible for people's data.

by colechristensen

6/2/2026 at 2:05:55 PM

Yes. There will be a few high-profile incidents, and then institutions will be forced to stop performing administrative actions based on people’s word.

by p-e-w

6/2/2026 at 2:19:47 PM

This outcome is massively detrimental to humanity at large. By eliminating the human factor from support, you make it impossible to get support in edge cases that fall outside of the pre-planned bureacratic process. Everyone already hates that Google can arbitrarily ban anybody they please with no way to get in contact with a human, and you want to extend that to banks in control of people's life savings?

by applfanboysbgon

6/2/2026 at 2:40:17 PM

I don't think anyone is saying that. You will just need to be authenticated before giving any commands to the bank. Maybe some type of TOTP that you can use over the phone or in person.

by hallway_monitor

6/2/2026 at 2:47:09 PM

That is the exact problem. You have identification tied to your device. Your device is lost or stolen. Now you can't access your bank account. Human support can help you out by finding flexible ways to ascertain your identity. This is the angle social engineers exploit, tricking employees trying to be helpful to abuse that area of flexibility. You can take away human judgment and all flexibility in the system, and that will make the system more secure, but it also results in a deeply uncaring system that makes life harder for people. Rigid bureacracy doesn't do a good job of accounting for a house fire destroying everything you own or your e-mail provider shutting down; these are fringe cases but they do happen and there are positive resolutions available as long as human discretion is involved.

by applfanboysbgon

6/2/2026 at 4:01:30 PM

No.

You don’t tie it to “your device”.

You tie it to your security key.

Which is treated like a credit card.

and your extended family, friends, or volunteers can act as social proof to allow you back into your accounts,

if your key burns up, it breaks and you were too cool to provision a backup, etc.

by DANmode

6/2/2026 at 5:07:17 PM

Credit cards are lost and stole all the time, and it isn't really a big deal when it happens, since charges can usually be easily reversed. This does not sound like the same scenario. It also doesn't account for people who lack friends/family nearby or at all.

> it breaks and you were too cool to provision a backup

If we're relying on the average person to back things up properly, this idea is doomed from the start.

by pesus

6/2/2026 at 5:28:58 PM

> If we're relying on the average person to back things up properly, this idea is doomed from the start.

The average person is relying on the average person, for everything, and I agree, they are doomed from the start.

Tech-related items inclusive.

by DANmode

6/2/2026 at 5:28:11 PM

Yes, you wouldn’t offer your private key to a random food truck.

Just new banks.

Same as people being unafraid of their car key being cloned - because they don’t hand it around the general public.

by DANmode

6/2/2026 at 2:37:53 PM

> Everyone already hates that Google can arbitrarily ban people

Yet they’re still the predominate search engine, sadly the concerns of the few don’t interest monopolistic profit seekers without forced regulations, think how airlines are legally required to give refunds for delayed flights, there’s a reason it required legislation

by repeekad

6/2/2026 at 3:32:48 PM

The government should be in charge of ID Provider infrastructure and has local offices (postal) that can establish physical identity (and already do for people who need to travel abroad), but the religiously affiliated NWO conspiracy theorists have made this politically infeasible in the US, so we have unsavory private sector providers like World ID stepping in.

by lern_too_spel

6/2/2026 at 1:54:06 PM

GPT-5.5-Cyber has already at least hit if not surpassed Mythos capability in cyber tasks. The only reason they're holding back is because once its out everyone would realize that its capabilities were a step change in March, but are not anymore, yet it costs significantly more and is much slower.

by 827a

6/2/2026 at 2:08:51 PM

how did you go about assessing this?

by john_strinlai

6/2/2026 at 2:12:12 PM

So you believe one marketing department more than the other?

by jansan

6/2/2026 at 2:20:41 PM

The brits have a step-based benchmark that they use for this - https://www.aisi.gov.uk/blog/our-evaluation-of-openais-gpt-5...

They seem pretty close, in both average and "best run" scores. And, in a highly verifiable domain, "best run" or pass@n is what you're looking for.

by NitpickLawyer

6/2/2026 at 3:09:33 PM

Worth looking at the followup post that evaluates the current version of Mythos, which solves one of the main tasks that GPT-5.5-Cyber does not. https://www.aisi.gov.uk/blog/how-fast-is-autonomous-ai-cyber...

by aesthesia

6/2/2026 at 4:37:41 PM

I believe the correct way to interpret AISI’s findings is that both Mythos and 5.5-Cyber are capable of solving their full benchmark (the only two models that can); Mythos does it with fewer tokens and more consistently.

Two things of note: 5.5-Cyber is likely to be substantially cheaper than Mythos, given it is priced around Opus. Additionally: AISI has never tested OpenAI’s best public model and actual Mythos competitor: 5.5-Pro.

by 827a

6/2/2026 at 2:05:25 PM

i think anthropic is being performative here, creating a hype for mythos and not releasing. i guess this is all a marketing thing to sell a security specialized AI to enterprise and startups at a way larger cost coz security market is deep in money.

by aspectop

6/2/2026 at 4:01:27 PM

This is just cover for being sore that you don’t have access yet <- see what I did there?

People and organizations can have mixed motivations. It’s often not “just” one thing.

by skybrian

6/2/2026 at 5:47:17 PM

Mythos gives BIG Tesla FSD energy, I’m over it

by testfrequency

6/2/2026 at 5:51:32 PM

What does that even mean?

by atleastoptimal

6/2/2026 at 2:15:16 PM

They should share it with Meta.

https://www.0xsid.com/blog/meta-account-takeover-fiasco

by tantalor

6/2/2026 at 1:46:44 PM

This feels more and more like a marketing/scarcity play for the largest global corps.

Will likely give them time to expand capacity as well. And make them harder to dislodge in these orgs.

by bushido

6/2/2026 at 3:39:16 PM

To me this makes little sense — I can’t imagine the orgs they have limited this rollout to don’t already have Claude subscriptions and integrations. And sure this may play nicely into branding a build a mystique around the model but ultimately they are missing out on a ton of revenue and risking being totally front-run now that model performance parameters are out and people have firsthand experience. Feels more like a fairly genuine attempt to be responsible. They could have easily rolled out an update and done some PR to absolve themselves of responsibility

by aspenmartin

6/2/2026 at 2:43:22 PM

Urgency x scarcity, unbeatable marketing move.

by jb_briant

6/2/2026 at 2:51:10 PM

It is really good. Will also cut through the common procurement, legal and change management processes seen at these orgs.

by bushido

6/2/2026 at 2:54:04 PM

Genius^2

by jb_briant

6/2/2026 at 2:18:39 PM

Is there any evidence Mythos is qualitatively better than the Opus 4.x?

I'm afraid that the usual mantra that "we just need more scale" that worked well for attracting investments, is not working anymore - bigger models provide marginal improvements while naturally get much more expensive to run.

Is this why both Anthropic and OpenAI are rushing for IPOs this year?

by yanis_t

6/2/2026 at 2:26:22 PM

From what I've read so far it's less about Mythos being much better at tasks in isolation.

Security wise, it's about being able to find and chain multiple vulnerabilities to actually create viable exploits.

So I would imagine that if you were using it for regular software development you may not feel that it's that different unless used in a particular way?

by alasano

6/2/2026 at 2:11:31 PM

How "altruistic" of them. If only Anthropic extended this level of care to the environment or the economy.

by aplthrowaway67

6/2/2026 at 2:50:05 PM

Whats currently an open source project which comes closest to Mythos capabilities?

by iamniels

6/2/2026 at 2:58:47 PM

No single open weights model comes close to either Mythos or GPT 5.5.

Nonetheless, running many of the open weights models over a codebase, with an appropriate harness, can provide about the same vulnerability coverage (i.e. each of the open weights models would find a subset of what Mythos or GPT 5.5 could find, but the subsets are not the same).

Despite needing more runs and more time, this may be significantly cheaper, especially if the models are self hosted.

Based on what Anthropic said about Mythos, they also use a quite elaborate harness for finding bugs and vulnerabilities, i.e. not a simple prompt like "find the bugs".

They run repeatedly Mythos on each file of the codebase, many times. They start with more generic prompts, used to determine whether a more thorough analysis of that file is worthwhile. Then they use more specific prompts, to detect various classes of bugs. After it becomes probable that a certain bug exists, they do a final run where the prompt requests a confirmation of the already known bug, perhaps together with a proposed patch or a PoC exploit.

Therefore the efficiency of finding vulnerabilities depends a lot on the harness, not only on the LLM. Also, searching vulnerabilities in a big codebase when paying per token is very expensive, because it requires many runs of the LLM.

by adrian_b

6/2/2026 at 5:28:06 PM

I still find it funny that GPT-5.5 is just as good as Mythos and yet Anthropic likes to make things worse than they actually are.

by catigula

6/2/2026 at 4:19:25 PM

Anthropic has the marketing of a weight loss product.

- They still claim 10000 issues, but they found only one in curl.

- They did not find rsync issues but Claude rather introduced rsync issues.

- Facebook is a member of this cult program but Mythos did not find the account takeover flaw.

- Mythos did not find the issues in Anthropic's own Bun rewrite.

They will not release Mythos because it would be exposed as a fraud before the IPO.

by 3sk_ask8

6/2/2026 at 2:37:08 PM

They keep writing like they stand to profit from this or something. Too many “coulds” in there for me too, this could be an amazing advancement and it could be nothing… normally we look at data and last headline I saw was 25 “high” vulnerabilities at the cost of $1 million in tokens.

No comparison to human teams, and I’m sure that $1 million in tokens was used by humans, in a team. So like most AI, they’ve developed a tool that capable people can use to be better, but unlike most tools, they’re claiming this to be outright magic. The magic is the hype train.

by andrewjneumann

6/2/2026 at 2:32:32 PM

Step 1: claim you created a tool so dangerous you can't release it

Step2: offer to test it, but only for the biggest companies in the world

Step 3: onboard those big players on your tooling and product

Step 4: profit

This is genius.

by jb_briant

6/2/2026 at 2:47:26 PM

And all you have to do is demonstrate unique value during the pilot phase!

Err... wait... that was already the hard part... hmm

by estearum

6/2/2026 at 2:52:14 PM

Genius marketing move doesn't mean there is no value.

It means than even if the value you offer is similar as your competitors, you are the one conquering the market.

That's the only way to not becoming a commodity.

by jb_briant

6/2/2026 at 3:52:55 PM

It’s true that providing security services to so many organizations will likely put them in a position to earn lots of money. It makes them an essential service, sort of like what happened with Cloudflare and denial-of-service attacks. (There are competitors, but they’re the first company people think of.)

But I think that downplays the importance of having a good product. If the product didn’t work, this would be a good way to lose trust with a lot of organizations in a hurry.

by skybrian

6/2/2026 at 4:33:32 PM

This is a circular economy that makes everyone look good. Almost all of these enterprise companies are sitting on top of so much of tech debt that in any realistic scenario they cant really patch vulnerabilities if they are even in double digits. A lot of these companies would not even let their valuable enough code to be ingested by LLM's.

At this phase no company would risk their brand by calling the product as ineffective. The big players are in it together and small ones have no option but to play along.

Nevertheless collecting the historical wisdom and running it at machine scale does have a lot of benefits for sure. The only question is the signal to noise ratio, machine is doing what humans did, just at a multiplier speed and with a lot more context than what a normal human can hold.

by sandeepkd

6/2/2026 at 5:05:16 PM

Yeah and apparently, Mythos is pretty effective at finding critical issues. So it seams to be a good product served with a genius offer. Anthropic founding engineers are already comfortable, they will end rich.

They did produce great value, claude code and opus 4.5 are a singularity in software engineering.

The job we practiced for decades simply doesn't exist anymore.

by jb_briant

6/2/2026 at 2:50:40 PM

With trillion dollars at stake they can hire best of best in sales and marketing. And unlike some hardcore hackers who may have ethics that does not always move in direction of more money. Sales and marketing people are highly motivated for opportunities to make more money.

by geodel

6/2/2026 at 2:53:39 PM

Our game is to craft shit, their game is to sell shit. You gotta respect the different tastes in the nature!

by jb_briant

6/2/2026 at 2:59:29 PM

Yeah, Companies to buy shit and their employees to eat shit. Lion king would say it is great circle of life.

by geodel

6/2/2026 at 3:01:14 PM

Here spoke the wise man!

by jb_briant

6/2/2026 at 3:43:14 PM

Don't you understand, if they really did do the <ai magic> they don't need to hire anyone, IT SELLS ITSELF

by cyanydeez

6/2/2026 at 3:14:05 PM

These companies are surely already onboarded…? They claim like 10k verified and high severity CVEs. Would you have preferred they just rolled it out like another opus update? You wouldn’t be insinuating in that situation that they were careless and reckless? They risk missing a boatload of revenue if openAI front runs them for a public launch. In what world is this some sort of scam??

by aspenmartin

6/2/2026 at 3:22:02 PM

Where did I use the word scam?

Marketing move doesn't mean scam. It describe the ability to sell people over a narrative and surpassing your competitor in market share. And that's exactly what is happening.

My post is a "tribute" to the efficiency of Anthropic's communication. I never complained about anything, nor calling it a scam, nor saying they should have released mythos to the public instead of rolling it out to a selected cohort.

You tried to expand my words to make me say something I didn't, because my post wasn't giving you a clear conclusion of my opinion regarding their private release.

by jb_briant

6/2/2026 at 3:34:14 PM

Ok you’re totally right, I read this as a cynical “this is all marketing” post ==> a scammy connotation. Without that read, your points are fairly valid, but are you still implying this is all a pure marketing tactic? If so I would still argue against that as a necessity but surely marketing could be heavily involved. But still: this could easily be a footgun. OpenAI will easily release the same model and now that Anthropic has taken the initiative to do a slower more contained rollout they wouldn’t need to do any of that. So from a business perspective I would still argue this whole glasswing initiative would make their sales and marketing department pretty nervous. I mean in a second-order branding sense sure this plays into the “we are ethical” ethos but it hardly seems worth the risk

by aspenmartin

6/2/2026 at 5:00:53 PM

I don't have enough elements to conclude if the world would collapse if Mythos was released publicly without Glasswing.

Nor publicly or in my internal reasoning. I rarely conclude without proof or very intense and clear intuition.

From a strategic PoV it makes sense to check if their model is dangerous, I wouldn't want to have my brand name associated with "NK hacker team find zero day in all linux servers of the web and ..."

by jb_briant

6/2/2026 at 4:57:35 PM

Seems like they're not even close to step 4.

by baggachipz

6/2/2026 at 4:36:09 PM

And put Chris Olah, Anthropic co-founder, sitting next to Pope Leo XIV presenting his first encyclical, Magnifica Humanitas, at the Vatican.

by wslh

6/2/2026 at 3:42:11 PM

>can't release it

can't release it the plebs

by cyanydeez

6/2/2026 at 5:07:03 PM

Unsure about that, opus was already insanely good and we got it for a fractional cost via subscriptions.

They want the plebs, they want the mass.

by jb_briant

6/2/2026 at 2:18:28 PM

“Mythos Preview continues a long-term trend that we’ve been warning about for some time: within 6 to 12 months […]”

The only trend Mythos continues is Anthropic’s trend of warning that disaster is always 6 to 12 months away.

by fontain

6/2/2026 at 2:08:28 PM

> The organizations in this new group are based in more than 15 countries

I mean most nasdaq tech companies would be in 13+ countries, why are they writing this like it's a big number, is hilariously small?

by jofzar

6/2/2026 at 2:25:34 PM

I assume they're using a more candid definition where they're not counting all the countries a company may be based, but rather the primary country they're based in.

I don't think they're trying to flex this as a large number. They don't want to give an exact number, as that may change etc / is fuzzy, but also want to give you an idea of the scale.

They say "In the future, we intend to expand our geographical reach much further". I imagine this commentary is somewhat related to the concerns that AI will create an even worse "global underclass". AI developments are first accessible to Americans, then allies, and then later the whole world.

by newtonsmethod

6/2/2026 at 2:40:59 PM

They're writing it in contrast to the previous scope, which doesn't seem to have been available to any organizations based outside the US. (There was news a few weeks ago about how Japanese banks were going to gain access, but based on the timing I think this announcement is that access.)

by SpicyLemonZest

6/2/2026 at 2:04:19 PM

That’s fine as long as I can identify and reject any Mythos derived patch as being irreproducible.

by cmxch

6/2/2026 at 2:18:46 PM

Why would it not be reproducible?

by IanCal

6/2/2026 at 3:50:04 PM

How can a patch be "reproducible"? The testcases are reproducible.

by astrange

6/2/2026 at 1:45:08 PM

It would have been nice to have a list of the 150, but I guess it would make them a hacking target?

by philipwhiuk

6/2/2026 at 3:41:31 PM

Expanding Project Glasswing (IPO)

by cyanydeez

6/2/2026 at 5:53:08 PM

[dead]

by andai

6/2/2026 at 1:46:29 PM

[flagged]

by frays

6/2/2026 at 2:02:04 PM

Thanks for your input Claude.

by Jtarii

6/2/2026 at 2:16:46 PM

I see that as not just a spam post, but a generated addition to the dead internet - a real win for us algorithms.

by devmor

6/2/2026 at 2:24:06 PM

Ragebait god

by jwpapi

6/2/2026 at 2:54:51 PM

Maybe it is just me: I feel Anthropic most recent product announcements resemble more and more like what IBM tactic was at its high. For instance, the Watson AI hype after it defeated Kasparov. The difference is IBM actually wanted and let businesses buy and use Watson as opposed to time released like what Anthropic does to even boost the hype higher.

by mrbonner

6/2/2026 at 4:23:06 PM

Big Blue defeated Kasparov. The Watson hype was about winning Jeopardy, which is still kind of the only use case for current AI.

by 3sk_ask8