German cybersecurity agency BSI warns of paradigm shift: Anthropic's AI model Mythos finds thousands of unknown security vulnerabilities - government convenes National Security Council
What it really says
The German government has convened the National Security Council to assess the AI model Claude Mythos Preview from the US company Anthropic and its potential consequences. A spokesperson for the Interior Ministry confirmed: 'The federal government is currently in contact with manufacturer Anthropic.' The Federal Office for Information Security (BSI) expects 'upheavals in how security vulnerabilities are handled and in the vulnerability landscape as a whole'. BSI President Claudia Plattner stated that her agency is in contact with Anthropic and gained insight into how the model works through personal discussions with its developers, but has not yet been able to test the tool itself. The director of the Federal Criminal Police Office (BKA) also sees significant risks: while it is positive that vulnerabilities can be found and closed faster, cybercriminals' strategies will adapt just as quickly.

Background: Anthropic unveiled Claude Mythos Preview and the Project Glasswing initiative on April 7, 2026. According to Anthropic, the model identified thousands of previously unknown zero-day vulnerabilities in every major operating system and web browser, including critical flaws that had gone undetected for decades. One discovery Anthropic highlights is CVE-2026-4747, a 17-year-old remote code execution vulnerability in FreeBSD that, by Anthropic's description, lets an attacker anywhere on the internet take complete control of a server. In the Linux kernel, Anthropic reports, the model identified vulnerabilities and autonomously chained them into working exploit chains. Anthropic is not making Mythos publicly available but offers access to 40 selected partners through Project Glasswing, including AWS, Apple, Cisco, Google, JPMorgan Chase, the Linux Foundation, Microsoft, and NVIDIA. It is committing up to $100 million in usage credits and $4 million in direct donations to open-source security organizations.

In addition, Bloomberg (April 21) and Fortune (April 23) reported that unauthorized users had obtained access to the model through an online forum.
Our assessment
The concern is legitimate, but context matters. First, what is alarming: an AI model that finds thousands of critical vulnerabilities that human security researchers missed for decades fundamentally changes the threat landscape. The BSI puts it succinctly: in the medium term, there could be no unknown classical software vulnerabilities left, which would shift attack vectors and amount to a paradigm shift in cybersecurity. The reported unauthorized access to the model compounds the problem, because the defensive side loses part of its head start. Now, what is reassuring: Anthropic deliberately chose not to release the model publicly and is putting up to $100 million in usage credits toward defensive use. The model does not only find vulnerabilities; the same capability lets vendors locate and fix them faster. The 40 Glasswing partners include the world's most important software manufacturers and security firms. However, the fundamental problem is systemic: once AI models with these capabilities exist, other providers will follow, and not all of them will handle access as restrictively. The real question is not whether Mythos is dangerous, but how the world deals with a future in which software vulnerabilities can be found faster than they can be fixed.
Relevance for Germany
Directly relevant for Germany. The National Security Council, the federal government's highest security policy body, has explicitly addressed Mythos. The BSI, Germany's central cybersecurity authority, expects far-reaching consequences for the threat landscape. For German companies, this means concretely: the era in which one could rely on critical vulnerabilities in widely used software remaining undiscovered is ending. If the window between a vulnerability becoming known and its exploitation shrinks, patch management (asset inventory, prioritization, and deployment speed) and timely security updates become even more urgent. For critical infrastructure, such as energy providers, hospitals, and government agencies, the situation is particularly acute, as outdated software that may never receive a patch is widespread in these sectors. On the positive side: BSI President Plattner is in direct contact with Anthropic, showing that Germany is actively seeking access to the findings. Anthropic's decision to make the model available only to controlled partners is a responsible approach, though the question arises why European security agencies are not yet among the 40 Glasswing partners.
Fact check
The convening of the National Security Council and the Interior Ministry spokesperson's statement are consistently reported by Handelsblatt and ZDF. The BSI assessment ('upheavals in the vulnerability landscape') comes from an official BSI statement cited by Handelsblatt, Heise, and Wirtschaftswoche. Technical details about Mythos (thousands of zero-day vulnerabilities, CVE-2026-4747, Linux kernel exploit chains) are documented in Anthropic's own publications on red.anthropic.com and the Glasswing project page; they have not been independently verified. The 40 partners and the $100 million in usage credits come from Anthropic's official Glasswing page. The unauthorized access to the model was independently reported by Bloomberg on April 21 and Fortune on April 23. Caveat: the BSI has not yet been able to test Mythos itself; its assessment is based on conversations with Anthropic and publicly available information.
Source
- Handelsblatt (handelsblatt.com/technik/ki/kuenstliche-intelligenz-ki-findet-schwachstellen-bsi-erwartet-weitreichende-folgen/100215713.html)
- Heise, 02.05.2026 (heise.de/news/Mythos-von-Anthropic-Schwachstellen-KI-wirft-neue-Sicherheitsfragen-auf-11270831.html)
- ZDF heute (zdfheute.de/politik/deutschland/ki-anthropic-claude-mythos-schwachstellen-software-bsi-100.html)
- Wirtschaftswoche (wiwo.de/technologie/digitale-welt/anthropic-ki-claude-mythos-findet-schwachstellen-bsi-warnt-vor-weitreichenden-folgen/100215799.html)
- Anthropic, Project Glasswing (anthropic.com/glasswing)
- Anthropic, Red Team Report (red.anthropic.com/2026/mythos-preview/)
- Bloomberg, 21.04.2026, unauthorized Mythos access (bloomberg.com/news/articles/2026-04-21/anthropic-s-mythos-model-is-being-accessed-by-unauthorized-users)