Anthropic's Project Glasswing finds 10,000+ vulnerabilities with Claude Mythos
Original: Project Glasswing: An Initial Update
Why This Matters
Demonstrates AI's potential to dramatically accelerate cybersecurity vulnerability discovery
Anthropic's Project Glasswing collaboration with 50 partners discovered over 10,000 high-severity vulnerabilities using Claude Mythos Preview AI model. Partners report bug-finding rates increased by 10x, with Cloudflare finding 2,000 bugs including 400 critical ones.
Anthropic launched Project Glasswing last month to secure critical software before AI models can exploit vulnerabilities. Using Claude Mythos Preview, the 50-partner collaboration has identified over 10,000 high or critical-severity vulnerabilities in systemically important software. Cloudflare found 2,000 bugs with 400 high/critical-severity ones, achieving better false positive rates than human testers. Mozilla discovered 271 vulnerabilities in Firefox 150, over ten times more than found in Firefox 148 with Claude Opus 4.6. The UK's AI Security Institute reports Mythos Preview is the first model to solve both their cyber ranges end-to-end. Progress is now limited by verification, disclosure, and patching speed rather than vulnerability discovery. Full details will be released after patches are deployed following the industry's 90-day disclosure convention.