One company's conscience is not a governance framework
This week on LinkedIn, I wrote about Anthropic's Claude Mythos Preview, the unreleased model that found decades-old vulnerabilities in every major operating system.
What I’m Watching
1. The precedent no one is naming
Anthropic built a model capable of finding thousands of zero-day vulnerabilities across every major operating system and browser. A 27-year-old bug in OpenBSD. A 16-year-old bug in FFmpeg that automated testing tools hit five million times without catching. A 17-year-old vulnerability in FreeBSD that gives any unauthenticated attacker root access from anywhere on the internet.
Then they decided not to release it.
That decision, made voluntarily by one company, is the most significant AI governance moment of 2026 so far. And almost no one is framing it that way.
There is no international framework that required Anthropic to withhold Mythos. No regulator reviewed it. No treaty governs it. One company’s leadership made a judgment call that this capability was too dangerous for open access. Instead they formed Project Glasswing — a consortium of AWS, Apple, Google, Microsoft, NVIDIA, CrowdStrike, JPMorganChase, and others — to let defenders patch before similar capabilities reach bad actors. Anthropic committed $100 million in usage credits and $4 million in direct donations to open source security organizations.
That is responsible. It is also unrepeatable at scale.
When the next company — or the next country’s military research lab — reaches Mythos-level capability, what compels them to make the same choice? Nothing. We are relying on corporate conscience as our primary governance mechanism for the most powerful cyber capability ever built. That should concern everyone, but especially those of us in regions with the least leverage to influence these decisions and the most to lose when the next actor is less principled.
2. The compression paradox
This same week, Refiant AI raised $5 million to compress frontier AI models to run on local machines. That is genuinely exciting for access — African enterprises deploying advanced AI without depending on expensive cloud compute. In my LinkedIn post a few weeks ago, I called this the leapfrog opportunity: skipping the infrastructure race entirely by making models small enough to run on what we already have.
But follow the thread. If you can compress a frontier model to fit on a laptop, eventually you can compress offensive capability too. The same technical breakthrough that democratizes access democratizes risk. Model compression for deployment and model compression for attack are the same engineering problem. The companies solving one are inadvertently solving the other.
This is not hypothetical. Mythos Preview found vulnerabilities that purpose-built security tools missed for decades. Now imagine a compressed version of that capability — not locked inside a consortium of twelve carefully vetted companies, but running locally, offline, in the hands of anyone with a modern laptop and motivation. The barriers to that reality are shrinking faster than the governance frameworks needed to manage it.
For Africa, this creates a double bind. We need model compression to participate in the AI economy. But model compression also lowers the barrier for attacks on the infrastructure we are trying to build. The same door opens both ways.
3. Inherited security is inherited fragility
The counterargument to African exclusion from Glasswing sounds reasonable: these are the platforms we use. If AWS patches AWS, African banks on AWS benefit. If Microsoft secures Windows, every Windows deployment in Lagos benefits.
This is true for the platform layer. It is dangerously incomplete for everything else.
African institutions do not run vanilla cloud services. They run custom middleware connecting cloud platforms to core banking systems — integration layers that are nobody’s product and nobody’s responsibility to audit. They run local configurations that vary wildly from global defaults. They run sovereign systems — central banks, national ID platforms, mobile money infrastructure — that sit entirely outside any consortium’s scope.
And inherited security cuts both ways. In July 2024, a single faulty CrowdStrike update crashed 8.5 million Windows machines worldwide. Airlines grounded. Hospitals offline. Emergency services disrupted. That was not an attack. That was routine maintenance by the company you trusted with your security. When your protection is entirely inherited, someone else’s mistake becomes your national emergency.
Project Glasswing will patch the floor. No one is auditing the house we built on top of it. And when models with Mythos-level capability proliferate — which Anthropic themselves acknowledge is a matter of when, not if — the attackers will not target the floor. They will target the house.
One Question
Anthropic chose not to release Mythos. That decision protected everyone, including us. But it was voluntary — one company, one leadership team, one judgment call. When the next model with these capabilities emerges — and it will — who makes that call? And do they make the same one?
Hit reply if you’re thinking about this too.


Great insight. Point number three hits home.
And given we are in the dark about the full capabilities of Mythos, the next open model will be key to giving us the full picture of what we are truly dealing with.