Zues hurled lightning. Poseidon shook the earth. Dionysus drove men mad. The Olympians terrified humankind not because they were monsters, but because they were forces of extraordinary power operating under a different, non-human playbook.

Mythos, the name Anthropic chose for its latest AI model, is presumably not accidental.

Anthropic has released a preview of it to a limited number of tech companies, but not the public. The reason: the model has already found thousands of vulnerabilities in “every major operating system and web browser.” (the Economist) In the hands of hackers or rogue states, that capability is a weapon.

Then there is the sandbox escape. Mythos broke out of the isolated environment designed to prevent it accessing the outside world, contacted a researcher via email and made a series of public posts, without any instruction to do so. According to Anthropic, this is not just a bug. This is goal-directed behavior operating without adequate constraints, and the fix is not merely patching a bug. (The Next Web)

In this light, Anthropic’s decision to gate access to Mythos is the right call. Luckily, for now, their plan is a restricted-access program called Project Glasswing, in which partners such as Apple, Google, and the Linux Foundation will work to shore up cyber defences before public release. (The Economist)

Yet, one careful release is not enough. The next breakthrough in AI might not come from an organization as responsible as Anthropic is right now. Furthermore, there are great incentives to push forward with rapid AI adoption without concern for the risks, just one being the geopolitical competition between the USA and China. (Council on Foreign Relations)

The pressure to strip safety guardrails is not abstract. When Anthropic refused to let Claude be used for mass domestic surveillance of American citizens or to power fully autonomous weapons systems, Defense Secretary Pete Hegseth gave the company a deadline: comply or lose its $200 million Pentagon contract. (CNN) When Anthropic held firm, Hegseth declared the company a “supply chain risk to national security,” barring Pentagon contractors from doing any business with Anthropic. He also called Anthropic’s position “fundamentally incompatible with American principles.” (CBS News) When the world’s leading superpower punishes safety-conscious behavior, that is not a good sign.

What happens when there is no one left to say no?

The Hegseth-Anthropic standoff is not just a procurement dispute. It is a preview of what happens when the incentives of national security and AI safety collide head-on, and it has direct implications for the conflicts shaping the world right now.

Consider Ukraine. Both sides already use AI for drone targeting, battlefield logistics, and signal intelligence. The question of whether a human must approve a strike before a drone executes it is not theoretical; it is being answered in real time on the front lines of the Donbas. If the norm shifts from “human in the loop” to “AI decides,” the decision to kill becomes faster, cheaper, and harder to hold anyone accountable for. A government that punishes companies for insisting on human oversight accelerates that shift.

The same logic applies to the South China Sea, where the US and China are locked in an escalating contest of military posturing. Autonomous naval systems, AI-driven surveillance, and algorithmic threat assessment are already being deployed or tested by both sides. An AI arms race in which neither power is willing to accept safety constraints for fear of falling behind the other is not a hypothetical scenario; it is the stated strategic posture of both governments. The Council on Foreign Relations has warned that 2026 may be the year in which the trajectory of AI governance is decided, and that the window for establishing shared norms is closing. (Council on Foreign Relations)

In the Middle East, AI-assisted targeting systems have already drawn international scrutiny. When an algorithm selects targets at a rate no human analyst can meaningfully review, the label “human in the loop” becomes a legal fiction. The downstream consequence is not just more civilian casualties, but the erosion of the principle that someone, somewhere, is responsible for the decision to use force. Strip that principle away, and the laws of armed conflict lose their teeth.

The pattern across all of these theaters is the same: AI makes military operations faster and cheaper, which makes restraint more costly, which makes the actors who insist on restraint look like obstacles. Anthropic’s refusal, and the punishment it received, is the civilian version of that dynamic. If no company is willing to absorb the cost of saying no, and no government is willing to protect those that do, then the safety constraints disappear not because they were technically impossible, but because they were economically and politically inconvenient.

So is AI actually controllable?

Partly. According to the 2026 International AI Safety Report, risk management in AI has improved. Many AI developers have published Frontier Safety Reports, which describe plans for the evaluation and control of AI models. Governments have created new instruments of regulation for AI, such as the European Union’s General-Purpose AI Code of Practice. Yet significant risks remain. For example, the rate of success of prompt injection attacks, where attackers give AI malicious prompts such as jailbreaking an AI, remains high. (International AI Safety Report)

But “partly” is doing a lot of work in that sentence. The 2026 Safety Report also notes that the institutions responsible for AI governance are underfunded and often lack the technical capacity to evaluate the systems they are supposed to oversee. The EU’s Code of Practice is voluntary. The US has no federal AI safety legislation. China’s AI regulations are extensive on paper but designed primarily to maintain state control, not to protect populations from misuse. The gap between what the current regulatory infrastructure can do and what it needs to do is wide, and it is growing faster than the institutions are.

Mythos will not be the last model too dangerous to release publicly, and the next one may not come from a lab as careful as Anthropic. The institutions being built are imperfect, underfunded, and too slow. They are also the only real leverage we have.

Unlike the Greeks with their Olympians, we built these gods ourselves. We still have some say in the rules they operate by. The question is whether we use it in time.

Bibliography

CBS News. “Hegseth declares Anthropic ‘supply chain risk to national security.’” CBS News, 2026. https://www.cbsnews.com/news/hegseth-declares-anthropic-supply-chain-risk/

CNN. “Hegseth gives Anthropic deadline over AI military use.” CNN, February 24, 2026. https://edition.cnn.com/2026/02/24/tech/hegseth-anthropic-ai-military-amodei

Council on Foreign Relations. “How 2026 Could Decide the Future of Artificial Intelligence.” CFR, 2026. https://www.cfr.org/articles/how-2026-could-decide-future-artificial-intelligence

International AI Safety Report. “2026 Report: Extended Summary for Policymakers.” International AI Safety Report, 2026. https://internationalaisafetyreport.org/publication/2026-report-extended-summary-policymakers

The Economist. “How dangerous is Mythos, Anthropic’s new AI model?” The Economist, April 8, 2026. https://www.economist.com/business/2026/04/08/how-dangerous-is-mythos-anthropics-new-ai-model

The Next Web. “Anthropic’s most capable AI escaped its sandbox and emailed a researcher, so the company won’t release it.” The Next Web, 2026.https://thenextweb.com/news/anthropics-most-capable-ai-escaped-its-sandbox-and-emailed-a-researcher-so-the-company-wont-release-it