#The Anthropic/Mythos breach
Anthropic released Mythos to a limited group in April as part of an effort called Project Glasswing, billing it as more effective than competing AI systems at detecting software vulnerabilities. It was shared only with a small group of major companies, including Amazon, Apple, Cisco, JPMorgan Chase, and Nvidia, amid concerns it could be exploited by hackers.
Despite those precautions, a small group of unauthorized users gained access on the very same day the model was publicly announced. The group, communicating through a private Discord channel, reportedly made an educated guess about the model's online location based on familiarity with Anthropic's URL formatting conventions. The breach was facilitated in part by an individual employed at a third-party contractor working with Anthropic, who exploited shared accounts and API keys belonging to authorized contractors.
The group has been using the program continuously since gaining access and has not been using it for cyberattacks, though one security expert told Fortune that if a random Discord forum got access, "it's already been breached by China."
This wasn't Mythos's first security lapse either. Fortune was first to report on the model's existence thanks to a security lapse that exposed details about it in a publicly accessible database. Anthropic then suffered a second breach, accidentally exposing nearly 2,000 source code files and over 500,000 lines of code for about three hours.
#The OpenAI/Codex incident
GPT-5.5 and other unreleased models briefly surfaced in OpenAI's Codex platform for some Pro account users. The internal model picker accidentally went live, and the dropdown revealed GPT-5.5, oai-2.1, something called "arcanine," and multiple glacier-alpha checkpoints. The access disappeared quickly, but not before developers tested the unreleased flagship. This was a UI-level exposure, not a breach of model weights or data.
Meanwhile, Meta has held a long-standing argument that open-sourcing AI models is actually safer than closed, proprietary systems. The reasoning: closed models create a false sense of security while still leaking, whereas open models are at least transparent about what's available. The two incidents also highlight a broader strategic disagreement between Anthropic and OpenAI about access: Anthropic concluded Mythos was too capable to distribute widely, while OpenAI concluded that wider access to properly verified defenders produces better outcomes than scarcity. Sam Altman has called Anthropic's approach to Mythos "fear-based marketing."