Anthropic: Project Glasswing found 10,000 high-risk vulnerabilities in its first month using Claude Mythos Preview
Anthropic's Project Glasswing brings together approximately 50 security partners using Claude Mythos Preview to scan critical software. In the first month, partners reported more than 10,000 high-risk and critical vulnerabilities, while scans of open-source projects found 6,202 flaws across one thousand projects with a 90.6 percent true-positive rate.
This article was generated using artificial intelligence from primary sources.
Anthropic published its first monthly update on Project Glasswing on May 22, 2026 — an initiative using the Claude Mythos Preview model to scan critical software for vulnerabilities before attackers can exploit them. Project Glasswing brings together approximately 50 external partners, including security teams from Mozilla, the UK AI Safety Institute, and XBOW, who use Mythos models through a structured research-preview program. In the first month of operation, partners reported more than 10,000 high-risk and critical vulnerabilities across their own production codebases.
Anthropic simultaneously launched an open-source program through which Glasswing automatically scans 1,000+ JavaScript, Python, and Rust projects on GitHub and other platforms. In that part of the program, Mythos found 6,202 high-risk and critical vulnerabilities with a true-positive rate of 90.6 percent, measured through a coordinated triage process with project maintainers.
How does Project Glasswing work technically?
Project Glasswing combines the Claude Mythos Preview model with a pipeline that receives source code, builds a semantic model of functions and metadata, and then instructs the model to find specific classes of vulnerabilities — memory safety flaws, deserialization gadgets, race conditions, hardcoded credentials, and logic errors in authorization controls. Mythos generates hypotheses, attempts to reproduce them in a sandbox environment, and only forwards validated findings to human review teams.
Anthropic claims that Mythos uncovers flaws that traditional static analyzers and fuzzers miss because it combines semantic understanding with targeted experimentation. Mozilla stated in a coordinated disclosure that Mythos found 10 times more confirmed vulnerabilities in the Firefox codebase through the Glasswing program than previous rounds of internal and external penetration testing.
What do partners use it for and what are the results?
Among the reported figures, Anthropic highlighted several concrete partners. Mozilla announced that Mythos discovers security flaws 10× faster than its previous audit teams in the Firefox codebase. The UK AI Safety Institute uses Glasswing for independent verification of findings and evaluation of offensive model capabilities. XBOW, a company specializing in autonomous penetration testers, integrates Mythos into its autonomous penetration agent.
What does this change in cybersecurity?
Anthropic explicitly states that the main bottleneck has now shifted from discovering vulnerabilities to verifying and patching them. Thousands of confirmed critical flaws await coordinated disclosure and remediation, placing pressure on open-source project maintainers and vendor security teams. This is a structural change in cybersecurity — for decades the claim “we cannot keep up with the number of reported vulnerabilities” was an excuse for missed patching; it now becomes an excuse for insufficient organization.
Why do Mythos models remain closed?
Anthropic clarified in the same document that Mythos models remain in Preview access without broader public availability for now. The reason is dual-use risk: the same capability that helps partners find and close vulnerabilities would also enable attackers to automatically search for flaws in production systems. Anthropic assesses that current safeguards — including rate-limiting, access control through the partner program, and query monitoring — are insufficient for unrestricted public distribution.
The UK AI Safety Institute independently confirmed that assessment through its evaluation of the offensive capabilities of Mythos models. Anthropic announces expansion of the partner program in the coming months and the development of stronger safeguards that could enable broader access during 2027.
Frequently Asked Questions
- What is Project Glasswing?
- Project Glasswing is an Anthropic initiative that brings together security researchers, companies, and agencies to scan critical software using the Claude Mythos Preview model to find vulnerabilities before attackers can weaponize them.
- Why are Mythos models not publicly released?
- Anthropic keeps them in limited Preview access because it assessed that safeguards against offensive misuse are not yet sufficient for broader distribution; partners undergo evaluation before gaining access.
- What is the main bottleneck after Glasswing's results?
- Anthropic explicitly states that the main bottleneck is no longer finding vulnerabilities but verifying and fixing them — patching and coordinated disclosure now limit how quickly critical software gets repaired.