https://www.anthropic.com/research/glasswing-initial-update
Anthropic has published an initial update on Project Glasswing, a collaborative security initiative launched last month in which the company and approximately 50 partner organisations have used Anthropic’s most capable AI model, Claude Mythos Preview, to systematically scan the world’s most widely deployed software for security vulnerabilities.
The results to date are significant in scale: in the first month of operation, partners collectively identified more than ten thousand high- or critical-severity vulnerabilities across critical-path systems, with several organisations reporting that their rate of vulnerability discovery has increased by a factor of ten or more. Cloudflare, one of the participating partners, found 2,000 vulnerabilities across its critical systems, 400 of which were rated high or critical severity, at a false positive rate its security team considered superior to human testers. Mozilla found and fixed 271 vulnerabilities in Firefox 150 during Mythos Preview testing, compared to the number found in Firefox 148 using the previous generation of AI assistance. The UK’s AI Security Institute has reported that Mythos Preview is the first AI model to solve both of its cyber range simulations end to end.
The finding represents a shift in where the bottleneck in the security process lies. Anthropic states directly that progress on software security is no longer limited by how quickly vulnerabilities can be found; it is now limited by how quickly humans can verify, disclose, and patch them. Anthropic has separately used Mythos Preview to scan more than 1,000 open-source software projects, identifying an estimated 6,202 high- or critical-severity vulnerabilities. Of the 1,752 that have been independently assessed by one of six security research firms, 90.6 percent were confirmed as valid, and 62.4 percent were confirmed at high or critical severity. At those rates, Anthropic projects that its open-source scanning effort alone will surface nearly 3,900 confirmed high- or critical-severity vulnerabilities.
The implications of Project Glasswing operate on two levels that warrant board-level attention. The first is immediate and positive: the software that underpins cloud platforms, networking infrastructure, and enterprise applications is being patched at a pace and scale that was not achievable before AI-assisted vulnerability discovery, and that reduces the risk exposure of every organisation that depends on it. The second is more strategic: the same AI capability that Anthropic is deploying defensively is available, in some form, to threat actors. Anthropic acknowledges this directly, framing Project Glasswing explicitly as a race to secure critical software before increasingly capable AI models can be turned against it. Organisations that have not yet moved beyond reactive patch management, applying fixes only after public disclosure and only to systems they directly control, are operating with a security posture that was designed for a threat environment that no longer exists. The appropriate response is to treat AI-accelerated vulnerability discovery as a permanent shift in the baseline, and to invest accordingly in the human capacity to triage, prioritise, and deploy patches at a speed that matches the new rate at which they are being generated.