Anthropic said Friday its Claude Mythos Preview model has found more than 10,000 high- or critical-severity software vulnerabilities across the world's most systemically important software in the first month of Project Glasswing, a controlled cybersecurity initiative with roughly 50 partner organizations. The company wrote that progress on software security used to be limited by how quickly vulnerabilities could be found but is now constrained by how fast they can be verified, disclosed, and patched. Cloudflare, Mozilla, Microsoft, and Oracle are among the organizations reporting sharply higher patch volumes as AI-driven discovery accelerates beyond the capacity of maintainers to respond.

Key Takeaways

AI-generated summary, reviewed by an editor. More on our AI guidelines.

Partner findings

Cloudflare found 2,000 bugs across its critical-path systems, including 400 classified as high- or critical-severity, with a false-positive rate its security team rated better than human testers, the company noted in a May 18 blog post. Mozilla identified and fixed 271 vulnerabilities in Firefox 150 while testing Mythos Preview, more than ten times the number it found in Firefox 148 with Claude Opus 4.6. The UK's AI Security Institute stated Mythos Preview became the first model to solve both of its multistep cyberattack simulations end to end. At one Glasswing partner bank, Mythos Preview detected and prevented a fraudulent $1.5 million wire transfer after a threat actor compromised a customer email account, Anthropic confirmed.

Open-source bottleneck

Anthropic's open-source scan covered more than 1,000 projects. The company logged 23,019 findings, including 6,202 the model rated high or critical. Six independent security research firms reviewed 1,752 of the high- or critical-rated reports; 1,587 were valid true positives, and 1,094 remained high or critical after human review. Anthropic's public CVE list now names CVE-2026-5194, a patched wolfSSL certificate-forgery flaw. The library is used in billions of devices, according to Anthropic's May 21 update.

Anthropic's May 21 update counted 530 high- or critical-severity reports sent to maintainers; its dashboard showed 75 patched bugs and 65 public advisories at the same point. The company lists another 827 confirmed vulnerabilities awaiting disclosure. It says a serious Mythos bug takes two weeks to patch on average, and several maintainers have asked Anthropic to slow the reporting pace because they need more time to design fixes.

Industry and government response

Palo Alto Networks released more than five times its usual number of patches in a recent update cycle. Microsoft told customers its patch volumes will "continue trending larger for some time." The Pentagon is deploying Mythos to find and patch software vulnerabilities across the U.S. government, Reuters reported May 12, while President Donald Trump was set to sign an AI cybersecurity executive order, Bloomberg reported.

Anthropic has briefed the Financial Stability Board, chaired by Bank of England Governor Andrew Bailey, on Mythos implications, the Guardian reported May 18. Goldman Sachs CEO David Solomon described himself as "hyper-aware" of the model's capabilities last month, and JP Morgan CEO Jamie Dimon told the outlet AI had made cyber defense "harder." On May 18, Anthropic revised its partner agreements to allow sharing of Mythos findings with organizations outside Project Glasswing, and Verizon joined the coalition.

What comes next

Anthropic stated it plans to expand Project Glasswing to additional partners in coordination with U.S. and allied governments. The company aims to make Mythos-class models available through a general release once it develops stronger safeguards. For now, Anthropic has released Claude Security in public beta for enterprise customers; Claude Opus 4.7 has been used to patch more than 2,100 corporate vulnerabilities in its first three weeks. Cisco, a Glasswing partner, open-sourced its Foundry Security Spec to help other organizations build evaluation systems. Anthropic plans a full public accounting of Glasswing-identified vulnerabilities in July 2026.

Frequently Asked Questions

What is Project Glasswing?

Project Glasswing is Anthropic controlled cybersecurity initiative that gives roughly 50 partner organizations access to the unreleased Claude Mythos Preview model to find and fix software vulnerabilities before malicious actors can exploit them.

Why did Anthropic not release Mythos publicly?

Anthropic determined Mythos Preview can autonomously find and exploit zero-day vulnerabilities across every major operating system and browser. The company considers the dual-use risk too high for a general release without stronger safeguards.

How many vulnerabilities has Mythos found?

More than 10,000 high- or critical-severity vulnerabilities across partner systems, plus 6,202 in 1,000-plus open-source projects, with a 90.6 percent true-positive rate confirmed by independent security firms.

Who has access to Mythos Preview?

Roughly 50 organizations including Apple, Microsoft, Google, Cloudflare, JP Morgan, and CrowdStrike. The Pentagon is also deploying it, and Verizon joined the coalition in May 2026.

When will Mythos-class models be publicly available?

Anthropic plans a general release once it develops "far stronger safeguards" but has not specified a timeline. A full public accounting of Glasswing findings is expected in July 2026.

AI-generated summary, reviewed by an editor. More on our AI guidelines.

Two Cyber Models, Two Opposite Bets. The Subsidy Era Ends.
San Francisco | Wednesday, April 15, 2026 OpenAI shipped GPT-5.4-Cyber to thousands of verified defenders on Tuesday, exactly one week after Anthropic restricted Mythos Preview to roughly forty vette
The Implicator
OpenAI Builds Cybersecurity Product for Select Partners as AI Hacking Fears Mount
OpenAI is finalizing a product with advanced cybersecurity capabilities for a limited set of partners, Axios reported Thursday, becoming the second major AI lab in a week to restrict access to tools c
The Implicator
Stanford's 2026 AI Index puts US lead over China at 2.7% as DeepSeek V4 stalls
The number landed quietly inside a 423-page PDF that Stanford released Monday morning. Top American AI model, 1,503 points on the Arena Leaderboard. Top Chinese AI model, 1,464. The gap between Anthro
The Implicator
AI News

San Francisco

Editor-in-Chief and founder of Implicator.ai. Former ARD correspondent and senior broadcast journalist with 10+ years covering tech. Writes daily briefings on policy and market developments. Based in San Francisco. E-mail: [email protected]