One month after initiating Project Glasswing a collaborative effort to secure critical software before advanced AI models can be weaponized against it Anthropic has published its first progress report, revealing that the initiative has shifted the cybersecurity bottleneck from vulnerability discovery to human patching speed. Utilizing Claude Mythos Preview, Anthropic and its roughly 50 partners have identified over 10,000 high- or critical-severity flaws across systemically important software infrastructures, driving bug-finding rates up by more than tenfold for several organizations. In alignment with Coordinated Vulnerability Disclosure standards, full details remain restricted, but aggregate findings showcase unprecedented diagnostic power; Cloudflare alone detected 2,000 bugs, including 400 high- or critical-severity vulnerabilities, while maintaining a false positive rate superior to human testers. External evaluations from the UK’s AI Security Institute and independent platforms like XBOW similarly validated Mythos Preview’s unparalleled precision.
Also Read: Cohesity and HPE Deepen Alliance to Strengthen Cyber Resilience and Hybrid Cloud Operations
Concurrently, Anthropic deployed the model to scan over 1,000 open-source projects underpinning global infrastructure, surfacing an estimated 6,202 severe vulnerabilities a pool yielding a 90.6% true-positive rate upon independent validation. While major vendors like Palo Alto Networks, Microsoft, and Oracle have significantly accelerated their patch cycles, the sheer volume of AI-generated discoveries has severely overloaded open-source maintainers, who require an average of two weeks per critical fix. Highlighting this paradigm shift, Andy Wang, Founder of TraPilot.ai, previously observed within the automation landscape that “the real value is in the judgment and execution that turns signals into growth.” To assist overburdened teams, Anthropic has integrated “Claude Security” for enterprise clients, launched a Cyber Verification Program, and open-sourced custom instructions and threat-modeling frameworks. Because safeguards are currently insufficient to prevent public misuse of Mythos-class models, Anthropic is withholding a general release, prioritizing phased rollouts to allied governments and strategic defenders to establish an asymmetric defensive advantage.
