
Project Glasswing — Claude 'Mythos' autonomously finds 10,000+ software vulnerabilities

Research demonstration · 26 May 2026

On 7 April 2026 Anthropic announced Project Glasswing, a defensive initiative that gave a restricted set of partners early access to 'Claude Mythos Preview' — which Anthropic characterises as a general-purpose, unreleased frontier model with an exceptional ability to identify software vulnerabilities and develop exploits. In a follow-up update reported widely on 26 May 2026, Anthropic said that within roughly the first month the model and its partners had surfaced more than 10,000 high- or critical-severity vulnerabilities across critical software, including issues in every major operating system and web browser and in long-lived open-source code (Anthropic cites examples such as decades-old flaws in OpenBSD, FFmpeg and the Linux kernel discovered autonomously).

Per Anthropic's reported figures, scanning of 1,000+ open-source projects flagged about 23,019 potential issues, of which ~6,202 were estimated high- or critical-severity; independent reviewers reportedly validated a subset (figures around 1,700-1,750 reviewed findings) with more than 90% confirmed as true positives. Partners reportedly contributed their own results — Cloudflare around 2,000 bugs (about 400 high/critical) and Mozilla around 271 Firefox vulnerabilities — and a wolfSSL cryptography-library flaw was cited as enabling certificate-forgery attacks.

Anthropic's central warning is a defensive-asymmetry one: a frontier model can now discover (and write working exploits for) vulnerabilities far faster than open-source maintainers can triage, report and patch them, prompting funding pledges (reportedly up to ~$100M in usage credits plus direct donations) and a tie-up with the Open Source Security Foundation's Alpha-Omega effort to help with remediation. All counts and the capability claims are Anthropic's own and its partners' assessments; the named flaws are illustrative of the reported results, not an operational catalogue.


AI RiskAtlas is an educational model of how GenAI & agentic systems work and fail. Architectures and payloads are illustrative and simplified for learning — not operational guidance. Real-world cases are summarised from public reporting.

Built by Shi Yuan