I’ll be honest: when I first heard whispers about a 10-trillion-parameter Claude model, I assumed it was hype. Then the leak happened. Anthropic’s internal documents about Claude Mythos 5 ended up in a publicly accessible data store, and suddenly every AI researcher, security team, and CTO was paying attention. This isn’t just another model bump — it’s the first time a frontier lab has shipped a model at this scale, and the way Anthropic is rolling it out tells you everything about where the industry is heading.
Here’s the short version: Mythos 5 is a 10-trillion-parameter MoE model that introduced a new tier above Opus called Capybara. It crushed cybersecurity benchmarks, autonomously discovered a 17-year-old root exploit in FreeBSD, and is currently locked behind a controlled preview called Project Glasswing. You and I cannot use it yet. About 40 critical-infrastructure orgs can — and that gap is the whole story.
Quick Verdict on Claude Mythos 5
What it is: Anthropic’s first 10-trillion-parameter model, sitting in a new “Capybara” tier above Opus. Built on a refined Mixture-of-Experts (MoE) architecture with roughly 800B–1.2T active parameters per forward pass.
Who can use it: Approximately 40 organizations including AWS, Apple, Cisco, Google, JPMorgan, Microsoft, Nvidia, and CrowdStrike — strictly for defensive cybersecurity work.
Why it matters: It’s the first credible signal that scaling laws still have legs at the trillion-parameter level — and the first frontier model that’s not getting a public launch.
What Exactly Is Claude Mythos 5?
Mythos 5 is Anthropic’s most powerful model to date, and it represents what the company internally calls a “step change” in capabilities. The model was meant to stay quiet — it leaked on March 26, 2026, when an Anthropic engineer accidentally pushed an internal draft blog post to a publicly accessible data store. Within hours, screenshots were everywhere on Twitter and Hacker News.
The leaked materials confirmed three things that matter:
- 10 trillion total parameters. That’s 10x larger than what most people assumed Claude Opus 4.6 was running under the hood.
- A new tier called Capybara. Anthropic’s lineup used to top out at Opus. Capybara now sits above it, reserved for the most demanding workloads.
- Significantly higher benchmark scores. Coding, academic reasoning, and especially cybersecurity all jumped meaningfully over Opus 4.6.
To put the size in context: GPT-4 was rumored to be around 1.7 trillion parameters. Mythos 5 is roughly 6x that. We’ve never had a publicly confirmed model at this scale before. The fact that Anthropic shipped it ahead of OpenAI and Google says something about where the frontier really is right now.
The Architecture That Makes 10 Trillion Parameters Affordable
You might be wondering how anyone can run a 10T model in production. The trick is Mixture of Experts (MoE). Instead of activating every parameter for every token, Mythos 5 routes each token through a small subset of “expert” sub-networks.
Independent researchers, working backward from Anthropic’s pricing and inference latency, estimate that only 800 billion to 1.2 trillion parameters are active per forward pass. The model has the knowledge capacity of a 10T dense model, but the compute cost of a roughly 1T dense model. That’s the entire point of MoE — you get the breadth of a giant model without the inference bill.
What this means in practice: Mythos 5 should be able to specialize aggressively. Different experts can handle code generation, formal proofs, multilingual reasoning, and security analysis without the parameters competing for capacity. That’s exactly the pattern we’re seeing in the cybersecurity benchmarks.
The Cybersecurity Demo That Got Everyone’s Attention
The most striking claim from the leak — and Anthropic later confirmed it on red.anthropic.com — is that Mythos 5, given an open-ended request to find a bug, autonomously discovered and exploited a 17-year-old remote code execution vulnerability in FreeBSD’s NFS implementation.
The vulnerability, now triaged as CVE-2026-4747, lets an unauthenticated attacker anywhere on the internet gain root on a vulnerable server. No human pointed Mythos at the bug. No human wrote the exploit. The model went from “find me a vulnerability” to “here is a working root exploit” entirely on its own.
I’ve been writing about AI tools for a while, and this is the first time I’ve read a security demo and felt genuinely uneasy. Not because the model is “scary AI” in some sci-fi sense — but because this is the kind of capability that, in the wrong hands, would change the threat landscape overnight. A defender with Mythos 5 finds the bug first. An attacker with it weaponizes it before the patch ships. Anthropic clearly understood this, which is why they’re not selling it to anyone with a credit card.
Project Glasswing: Why You Can’t Use It
This is the part of the story that will define the next 12 months of AI policy. Mythos 5 is not generally available. Anthropic is running it through a controlled preview called Project Glasswing, and the access list is short and very deliberate:
| Category | Confirmed Glasswing Participants |
|---|---|
| Cloud & Compute | AWS, Google, Microsoft, Nvidia |
| Consumer Tech | Apple, Cisco |
| Financial Infrastructure | JPMorgan Chase |
| Cybersecurity Vendors | CrowdStrike (and ~30 others undisclosed) |
| Use Case | Defensive cybersecurity work only |
Notice what’s not on the list: marketing teams, content creators, indie developers, the average ChatGPT power user. That’s intentional. Anthropic has effectively decided that 10-trillion-parameter capability is too dangerous to ship via a credit card and an API key. Whether or not you agree with that framing, it sets a precedent — and OpenAI and Google will have to decide whether their next-tier models follow the same playbook.
How Mythos 5 Compares to Today’s Frontier Models
| Model | Estimated Total Params | Public Access | Specialty |
|---|---|---|---|
| Claude Mythos 5 | ~10T (MoE) | No (Glasswing only) | Cybersecurity, complex coding |
| Claude Opus 4.7 | ~1T (MoE est.) | Yes | Reasoning, agentic workflows |
| GPT-5.5 | Undisclosed | Yes | Agentic tasks, multi-modal |
| Gemini 3.1 Ultra | Undisclosed | Yes | Long context, multimodal |
| DeepSeek V4 | 1.6T | Yes (open source) | Cost-efficient reasoning |
Notice the asymmetry: the most capable model is also the only one you can’t touch. That’s a first.
What This Means for Developers and Businesses
If you’re building products on Anthropic’s API, here’s the practical takeaway: nothing changes today. Opus 4.7 is still your top tier, Sonnet 4.6 is still the workhorse, and Haiku 4.5 is still the cheap-and-fast option. Mythos won’t show up in your dashboard anytime soon.
What’s likely to change over the next 6 to 12 months:
- A “diluted” Mythos will probably ship publicly. Anthropic has historically distilled lessons from frontier models into mainstream releases. Expect Opus 5 to inherit a lot of Mythos’s reasoning gains.
- Tiered access becomes the norm. Other labs will start gating their most capable models behind enterprise contracts and KYC. The “any developer can call SOTA” era is ending.
- Cybersecurity tooling will leap. If Glasswing partners deliver on Mythos’s promise, expect a wave of next-gen vulnerability scanners, red-team automation, and patch generators.
- Regulatory attention intensifies. A model that autonomously finds and exploits root vulnerabilities is exactly what the AI Safety Institute, NIST, and the EU AI Office have been writing rules about.
The Bigger Picture: Scaling Isn’t Dead
For most of 2025, the conventional wisdom was that scaling had hit a wall. Better data, better post-training, and better tools were going to do the heavy lifting going forward. Mythos 5 quietly contradicts that narrative.
By going from roughly 1T to 10T total parameters and seeing real, benchmark-confirmed gains — not just on chatbot evals but on the kind of long-horizon, agentic tasks that matter — Anthropic is making the case that the scaling law isn’t broken; the bottleneck just moved. The new bottleneck is power, chips, training data quality, and safety evaluation, not “do bigger models help?”
That’s why Nvidia is shipping Rubin, why Google split its TPU into 8T and 8I variants, and why hyperscaler capex is hitting new records every quarter. The race to 100T isn’t a meme. It’s the roadmap.
FAQ
Is Claude Mythos 5 available on the Anthropic API?
No. Mythos 5 is currently restricted to Project Glasswing, a controlled preview limited to roughly 40 organizations including AWS, Apple, Google, JPMorgan, Microsoft, Nvidia, and CrowdStrike. There’s no public timeline for general availability.
What does the “Capybara” tier mean?
Capybara is a new model tier Anthropic created above Opus. The lineup, from largest to smallest, is now Capybara → Opus → Sonnet → Haiku. Mythos 5 is the only Capybara-tier model so far.
How is Mythos 5 different from Claude Opus 4.7?
Opus 4.7 is the best publicly available Claude — fast, capable, and ~1T parameters in MoE form. Mythos 5 is roughly 10x larger, considerably stronger on cybersecurity and complex reasoning, and reserved for defensive security work at vetted partners.
Is a 10-trillion-parameter model actually safe to deploy?
That’s exactly the question Project Glasswing exists to answer. Anthropic chose tightly scoped access and defensive-only use cases precisely because the model demonstrated dual-use capabilities (like autonomous vulnerability discovery) that aren’t safe for unrestricted deployment.
Will OpenAI and Google ship 10T-parameter models too?
Almost certainly. Google’s TPU 8T architecture and Nvidia’s Vera Rubin platform are explicitly designed for trillion-parameter MoE training. Expect comparable announcements from OpenAI and DeepMind within 12 months — and expect them to face the same access-vs-capability dilemma Anthropic is navigating now.
The Bottom Line
Mythos 5 is the most important AI announcement of 2026 so far, and the average reader cannot use it. That tension — between the rate of capability gains and the willingness of frontier labs to ship them broadly — is going to define the next year of this industry. If you’re building anything that touches AI, watch what happens with Glasswing. The lessons from how Anthropic gates, audits, and eventually distills Mythos will tell you exactly what the next frontier model from any lab will look like.
