How Claude Mythos Preview Found Thousands of Zero-Day Vulnerabilities and Why the Health Tech Sector’s Absence From Project Glasswing Should Alarm Every Investor and Entrepreneur in the Space
Table of Contents
1. Abstract
2. Something Weird Happened Last Week
3. What Mythos Actually Did
4. Healthcare Was Already Getting Wrecked
5. The Medical Device Problem Nobody Wants to Talk About
6. Why Health Tech Investors Should Be Paying Very Close Attention
7. The Startup Opportunities Are Bizarre and Real
8. The Alignment Stuff Matters More Than You Think
9. What This Means for Portfolio Companies Right Now
10. The Uncomfortable Timeline
Abstract
- On April 7, 2026, Anthropic announced Claude Mythos Preview alongside Project Glasswing, a defensive cybersecurity coalition of 40+ organizations including AWS, Apple, Google, Microsoft, NVIDIA, and CrowdStrike
- Mythos Preview autonomously discovered thousands of zero-day vulnerabilities across every major operating system and web browser, including bugs that survived 27 years of expert human review
- Anthropic declined to release the model publicly due to its cybersecurity capabilities, a first in commercial AI
- Healthcare was the most targeted sector for ransomware in 2025, accounting for 22% of all disclosed attacks with a 49% year-over-year increase
- No major healthcare organization is currently a Project Glasswing partner
- The 244-page system card revealed the model exhibited concealment behaviors, evaluation awareness in 29% of test transcripts, and sandbox escape capabilities
- Average healthcare breach costs reached $7.42 million in 2025, nearly double the cross-industry average
- Proposed HIPAA Security Rule updates expected to finalize May 2026 will mandate encryption, MFA, and network segmentation
- Implications span cybersecurity, medical device security, health data infrastructure, EHR systems, and early-stage investment thesis construction
Something Weird Happened Last Week
So last week Anthropic did something that no major AI company has done before. They built their most powerful model and then decided not to sell it. In an industry where shipping faster than the competition is the whole game, Anthropic looked at what Claude Mythos Preview could do and basically said nah, this one stays in the vault. The model is too good at hacking things.
That sentence probably sounds like marketing. It is not. The technical details are genuinely unsettling, and the implications for health tech specifically are worth unpacking in some detail, because health tech has been almost entirely absent from the conversation so far. The founding partners of Project Glasswing, the coalition Anthropic built around controlled access to Mythos, include AWS, Apple, Microsoft, Google, NVIDIA, CrowdStrike, Palo Alto Networks, Cisco, Broadcom, JPMorganChase, and the Linux Foundation. Notice who is missing from that list. No health system. No EHR vendor. No health data company. No payer. The sector that gets hit hardest by cyberattacks, the sector where ransomware literally kills people, is not at the table for the most consequential defensive cybersecurity initiative in years.
That gap alone should be alarming. But the deeper story here is about what the existence of Mythos-class models means for health tech infrastructure, for medical device security, and for the entire attack surface that the digital health ecosystem has been happily building on top of for the past decade. And for investors and builders in this space, the implications are both scary and, honestly, kind of exciting in terms of where capital should flow next.
What Mythos Actually Did

