In April “The Boy That Cried Mythos” caught Anthropic collapsing its own credibility. In June “Mythos dressed up in a coat, should be called Opus with a moat” caught it again.
Anthropic wants to play God, feed on claims only they can verify, which is to say it feeds beliefs based on lies. If that sounds harsh, think about how the God of cycling Lance Armstrong treated anyone who suggested he was doping. He sure got a lot of medals for “livewrong“.
Now the Mythos lies have spilled their way into a venue claiming to use a formal review process. A new National Academies document (NASEM) freshly launders vendor marketing without any explanation.
National Academies of Sciences, Engineering, and Medicine. 2026. Implications of AI for Cybersecurity: A Rapid Expert Consultation. Washington, DC: The National Academies Press.
This should help clarify, for those who are wondering if we are dealing with a Lance Armstrong of LLMs.
| NASEM Laundry (June 2026) | Prior Evidence |
|---|---|
| Figure 1 plots Mythos at 83.1% on CyberGym as settled capability, sourced to “Wang et al. 2025” | The 83.1% has been repeatedly proven false. It’s a self-reported number by Anthropic. AISLE proved detection reproduced in 8 of 8 open-weight models, even at $0.11 per million tokens, Cisco proved outcome is model-independent |
| Restricted Glasswing access presented as responsible handling of uniquely capable model | The danger warnings are self-serving FUD marketing. Model uniqueness repeatedly disproven. Mythos emailed out of its sandbox only after being instructed to try, showed no sign of altering its weights, and Opus 4.6 finds the same or better flaws |
| Vulnerability discovery framed as a breakthrough enabling novel risk | The flagship FreeBSD CVE-2026-4747 is a 2007 patch in training data, opposite of novel. It was a curated recovery from a backlog of delayed fixes, which any model does. |
| Benchmark score offered as capability evidence | Of 23,019 reported findings, 1,752 were human-checked and 75 had fixes shown. The 90.6% accuracy applies to humans doing the work, not the machine output |
| Concedes open models approach frontier, advantage short-lived | GLM 5.1 reproduced findings on the IronCurtain harness, and clearbluejar recovered CVE-2026-4747 on two open-weight models on a single consumer GPU. Discovery is provable as an orchestration problem, making the frontier-model unnecessary. |
| Expansion to roughly 150 organizations across more than 15 countries, including NATO and ENISA, read as demand | Manufactured scarcity is a vendor marketing trick. The June 2 expansion followed a June 1 confidential IPO filing near a one-trillion-dollar valuation, committing access and capital ahead of the promised verification, and several trialing firms are Anthropic investors |
| Field evidence in the figure | The curl maintainers reported no change to their workflow, and Mozilla’s headline of 271 Firefox vulnerabilities reconciles to just three versus the advisory |
| Mythos claims rest on anthropic.com/glasswing, the FT relay, and a benchmark the cited authors never ran on Mythos | No reproduction steps accompanied the launch blog, the system card, or the Glasswing update, and a result validated only against the system that produced it is not independent confirmation |
| Published June 2026, capability stated as established | Anthropic’s own promised report is due around July 6, 2026, and the prudent posture is to treat the unproven vendor capability as unproven |
This matters because it’s turning into policy. Anthropic owes a verified CVE list with reproduction steps on July 6. Until that report arrives and survives independent review, everything resting on the Mythos claim, the consultation included, launders a mythical claim being hidden from inspection.
The Information now calls Mythos a model with “powerful cybersecurity capabilities” and attaches no qualifier, no analysis. It is not called a vendor claim, it is not called a vendor self-reporting. It gets stated as fact, in the same paragraph that uses it as precedent for OpenAI.
The premise that others are following Anthropic’s similar course rests entirely on accepting a vendor capability claim that is never verified. A marketing department fabricates a story and then American policy is being built on top of it?
When the printing press first spread, it mass-produced witch-hunting manuals that marked women for death as agents of the devil, the Malleus Maleficarum above all, known today as the witch hunts. The danger of accelerated printed letters was real, because the highly self-serving claims about threats were not. The actual Anthropic risk is that Anthropic states the risk, without any inherited system of science to keep it honest.