A new Anthropic model found security problems ‘in every major operating system and web browser’

Anthropic has unveiled Project Glasswing, a cybersecurity initiative powered by its new, privately-held Claude Mythos Preview model. In partnership with tech giants like Nvidia, Google, AWS, Apple, and Microsoft, alongside security firms and financial institutions, the project aims to give defenders a massive advantage. The model autonomously scans code and systems, having already identified "thousands of high-severity vulnerabilities, including some in every major operating system and web browser," and developed related exploits without human steering. For now, access is tightly controlled and offered only to a vetted group of about 50 "defensive security" organizations to prevent malicious use.

Anthropic is committing up to $100 million in usage credits to subsidize the program for launch partners, which include JPMorgan Chase, CrowdStrike, and the Linux Foundation. The company has also briefed senior U.S. government officials on the model's offensive and defensive cyber capabilities. While Claude Mythos Preview wasn't specifically trained for security, Anthropic credits its success to "strong agentic coding and reasoning skills." The program represents a potential future revenue stream for Anthropic, evolving into a paid service if proven effective. This launch follows a recent data leak about the model, which the company attributes to human error.