Anthropic sells Mythos as a cyber milestone. Mozilla disagrees.
271 Firefox bugs patched by Anthropic's cyber AI. Mozilla validates the volume but defuses the breakthrough claim. Altman trashes the pitch the same day.
271 Firefox bugs patched by an AI in days. Anthropic calls it a watershed moment for cybersecurity. Mozilla, which did the actual work, slips one line at the bottom of its post: none of them were beyond an elite human researcher.
Both statements drop on April 22, 2026. Between the two, Sam Altman hops on a podcast to accuse Anthropic of "fear-based marketing." Same day. Same product. The pitch on one side, the operator's verdict on the other, and the rival pulling a gun in the middle.
What Anthropic says
Mythos was announced on April 7, 2026. Anthropic doesn't hedge: "watershed moment for security," a "substantial leap" in the cyber capabilities of next-generation models.
The post on red.anthropic.com lines up the demos. A Linux kernel exploit for under $2,000 in API spend. A FreeBSD one for under $50. Researchers with no security background firing a prompt at night and waking up to a working exploit.
The narrative is consistent: a threshold is being crossed, so the model can't ship to the public. Instead, Anthropic launches Project Glasswing, which restricts access to roughly forty critical organizations (Apple, Microsoft, AWS, JPMorgan...). $100M in API credits. $4M donated to open-source groups. The logic: patch the systems that matter first, before the capabilities spread.
It's a nice story. It has an audience. It also has a price tag.
What Mozilla says
On April 21, Mozilla publishes The zero-days are numbered. Firefox 150 ships with 271 fixes surfaced through Mythos Preview. The number lands, especially against the prior Opus 4.6 collab, which produced 22 bugs on Firefox 148. The quantitative jump is real: 12x between two model versions.
But Bobby Holley, Mozilla's CTO, is among the first users to speak on his own terms. And the sentence he drops mid-post is heavy:
"We also haven't seen any bugs that couldn't have been found by an elite human researcher."
Further down: "So far we've found no category or complexity of vulnerability that humans can find that this model can't."
Translation: Mythos is fast. Mythos is efficient. Mythos is not superhuman. It does in days what a team of elite researchers would do in months, without surfacing any new class of flaw.
The gap is precise. Anthropic sells a threshold; Mozilla observes a productivity multiplier. Two very different promises. And Mozilla's is the only one backed by documented public use.
What Altman says, the same day
On April 21, Sam Altman appears on the Core Memory podcast, episode 67. The conversation swings toward Anthropic fast, and the line lands:
"We have built a bomb, we are about to drop it on your head. We will sell you a bomb shelter for 100 million dollars."
That's his reading of the Mythos pitch in two sentences. Fear-based marketing, plainly.
And earlier in the exchange: "There are people in the world who, for a long time, have wanted to keep AI in the hands of a smaller group of people."
Altman isn't disinterested. OpenAI has every reason to dismantle the framing that positions Anthropic as the "responsible" lab. But waving the attack away because it comes from a competitor misses that it actually describes the mechanism well. Build an offensive tool, declare it too dangerous for the public, then sell defensive access to a closed circle for API credits: that's a business model. It isn't illegitimate, but it needs a name.
The Mozilla validation and the Altman attack reinforce each other in a scissors move. One says "the technical jump is more modest than advertised." The other says "the pitch mainly justifies manufactured scarcity." Both can hold at the same time.
Why the moment matters
Three things shift on April 22.
First, Mozilla becomes the first major independent organization to publish an unvarnished field report on Mythos. Until now, we had Anthropic's demos and commentary from security experts reacting to the March draft leak. Now there's an operator saying what they saw, without overselling or underselling it.
Second, OpenAI breaks out of the tacit non-aggression pact that had structured the ecosystem. Sniping between labs existed (Super Bowl ad clashes, poaching, safety disagreements), but Altman publicly branding Anthropic's strategy as fear-based marketing is another level. This lands three months before Anthropic's IPO, which is probably not a coincidence.
Third, doom-marketing becomes a named object. Not a vague industry suspicion. A precise accusation, formulated by the CEO of the direct competitor, read by everyone. From today on, every Anthropic note about "responsible scaling" and "capabilities too dangerous" gets read through that lens.
What it's actually worth
For security teams, the Mozilla result is interesting on its own. A 10x or 12x productivity bump on bug hunting is a meaningful operational shift. It doesn't require buying the "watershed moment" framing to exist. Holley himself is fairly upbeat on the defensive side: "ultimately great news for defenders." No one is claiming Mythos has no value.
But it's precisely because the value is real that the overselling is a problem. When a lab conflates quantitative gain and qualitative leap in a press release, the shared reference point for what AI does and doesn't do starts to drift. That reference point is what public policy, corporate cyber budgets, insurance clauses, and coming regulations eventually rest on.
When the vendor writes the benchmark, at least ask the user what they got out of it. Today, Mozilla answered. The open question is who answers tomorrow for the 39 other organizations inside Project Glasswing.
