
Anthropic's Project Glasswing Finds 10,000+ Critical Vulnerabilities Using AI
Anthropic's Project Glasswing used Claude Mythos Preview to discover over 10,000 high-severity vulnerabilities in critical software, accelerating cybersecurity at unprecedented scale.
Project Glasswing — What Is It?
Anthropic launched Project Glasswing last month as a collaborative effort to secure the world's most critical software before increasingly capable AI models can be weaponized against it. The project deploys Claude Mythos Preview — a specialized AI model tuned for security research — across approximately 50 partner organizations that build fundamental internet infrastructure.
After just one month, the results are staggering: partners have collectively found more than 10,000 high- or critical-severity vulnerabilities. Cloudflare alone discovered 2,000 bugs across their critical-path systems, with a false positive rate that their team considers better than human testers.
Why This Changes Cybersecurity Forever
The scale of discovery is what makes this breakthrough remarkable. Several partners report their bug-finding rate increased by more than 10x compared to traditional methods. The bottleneck has shifted from finding vulnerabilities to verifying, disclosing, and patching them fast enough.
This represents a fundamental shift in cybersecurity economics. Previously, defensive teams were always outnumbered — attackers had time and patience on their side. Now AI can scan vast codebases at machine speed, leveling the playing field for defenders.
Anthropic is now making some security tools available to qualifying customers, including skills, a Claude harness, and a threat model builder.
What This Means for Software Teams
If you build software, expect a new normal where AI-powered scanners continuously probe your code for weaknesses. The 90-day coordinated disclosure convention still applies, but the volume of findings will push teams toward faster patching cycles. Companies that invest in automated vulnerability remediation workflows will have a significant advantage.
Common Questions (FAQ)
Q1: Is Mythos Preview available to the public? A1: Not yet. It's currently limited to Project Glasswing partners, though Anthropic plans broader releases in the future.
Q2: How accurate is AI vulnerability detection? A2: Cloudflare reports a false positive rate better than human testers, though Anthropic acknowledges disclosed vulnerabilities remain a lagging indicator.
Q3: Should security teams be worried or excited? A3: Both. AI massively accelerates bug finding for defenders, but the same technology could be used by attackers. The race is on.
Stay ahead of the AI curve. Follow @AiForSuccess for daily insights.
📬 Want more AI solopreneur insights?
Subscribe to our weekly newsletter →Related Articles

AI Model API Aggregation Platforms: From Simple Proxies to Enterprise AI Hubs
AI API aggregation platforms are evolving beyond protocol translation. Discover how these platforms are becoming essential infrastructure for enterprise AI adoption.

AI Jobs Explosion: 12x Increase in AI Positions Signals Massive Talent Demand
The AI job market has exploded with a 12x increase in AI positions since 2025. Discover what's driving this talent rush and what it means for your career in artificial intelligence.

Anthropic's Claude Code Source Leak: 1900 Files, 500K Lines of Code Gone Public
In June 2026, Anthropic accidentally published nearly 1,900 source files and 500,000 lines of Claude Code's core codebase. Here's what the leak revealed and why it matters for AI developers.