Anthropic Launches ‘Project Glasswing’ to Stealthily Spot Cybersecurity Issues for Rivals

Anthropic is launching 'Project Glasswing,' a limited-access program deploying its previously secret AI model, Claude Mythos, to find critical cybersecurity vulnerabilities. The project includes about 40 major launch partners like Amazon Web Services, Apple, Google, JPMorgan Chase, Microsoft, and NVIDIA. Early results are striking: Anthropic claims Mythos has already discovered 'thousands of high-severity vulnerabilities' in every major operating system and web browser. The model outperforms its predecessor, Claude Opus 4.6, on tests like CyberGym, which measures an AI's ability to detect and reproduce real-world software flaws.

Notable discoveries include a software bug in the OpenBSD operating system that had persisted undetected for 27 years and a chain of vulnerabilities in Linux that could allow complete machine hijacking. This launch represents a significant pivot for Anthropic, which just weeks ago treated Mythos as too powerful and risky for public release due to its potential to facilitate cyberattacks. The company maintains that stance, stating Mythos Preview will not be made publicly available. This move mirrors past AI hype cycles where tools are initially framed as world-altering and dangerous, only to be deployed later. It also follows Anthropic's previous playbook of touting Claude Opus 4.6's ability to find hundreds of unknown vulnerabilities, suggesting AI will play a dual role in both exploiting and protecting digital infrastructure for the foreseeable future.