Anthropic Unleashes Project Glasswing, and Claude Mythos Finds 10,000 Vulnerabilities in a Month — The Safety Lab Built a Weapon and Pointed It at Open Source for Your Own Good

🤚 The Open-Palm Disclosure

Anthropic has published the first results of Project Glasswing, a collaborative cybersecurity initiative launched in April 2026 that pairs the company’s unreleased frontier model — Claude Mythos Preview — with approximately 50 partner organizations including major infrastructure companies and government entities. The goal: find and fix the world’s most dangerous software vulnerabilities before less scrupulous AI models do it for the other team.

The results are, to use a technical term, preposterous:

  • 10,000+ high- or critical-severity vulnerabilities identified across open-source projects in a single month
  • 6,202 of those found directly by Mythos Preview
  • A 90.6% accuracy rate validated by independent security firms, with 62.4% confirmed as genuinely high or critical severity
  • 88 security advisories published from 23,000 total findings
  • 2,100+ vulnerabilities already patched via Claude Security Enterprise in just three weeks

For context, this is the same model that became the first AI to solve UK AI Security Institute cyber range simulations end-to-end and currently outperforms every existing model on exploit development benchmarks. XBOW, the security evaluation firm, called it “a significant step up over all existing models” with “absolutely unprecedented precision.”

👐 The Two-Handed Vulnerability Report

The partner results read like a cybersecurity highlight reel that someone accidentally set to fast-forward. Cloudflare found 2,000 bugs — 400 of them critical or high-severity — with false positive rates “better than human testers.” Mozilla discovered 271 vulnerabilities in Firefox 150, which is over ten times more than they found in Firefox 148 using Claude Opus 4.6. Palo Alto Networks released five times their usual number of patches. Microsoft and Oracle reported similar acceleration.

Let that sink in for a moment. The same company that we reported was leasing Elon Musk’s supercomputer and posting its first profitable quarter has now essentially built an AI that can audit the entire open-source ecosystem faster than maintainers can read their email.

The Hacker News discourse was predictably bifurcated. Enthusiasts called it the most significant cybersecurity development in years. Skeptics questioned whether Mozilla’s higher vulnerability count reflected genuine model improvement or just “more intensive scanning with better harnesses.” Others noted that access to Mythos remains restricted to select partners — there’s no general availability — making independent verification difficult. One commenter raised the unsettling question of perverse incentives: if you monetize vulnerability-finding separately from vulnerability-prevention, what exactly is your motivation to make software actually secure?

🌿 The Gentle Awakening

Here is the part of the briefing where we pause to appreciate the cosmic absurdity of the moment. Anthropic — the company founded because its leaders thought OpenAI wasn’t being careful enough — has built the most powerful offensive cybersecurity tool in history, and their strategy for making the world safer is to use it first and very quickly.

The company’s own blog post acknowledges the fundamental tension with refreshing candor: “The fundamental bottleneck in cybersecurity has shifted. Finding vulnerabilities is now trivial for advanced AI; the constraint is human capacity for verification, disclosure, and patching.” Translation: the robot can find ten thousand holes in a month, but humans still need to fill them in one at a time with their little human hands.

This creates what Anthropic delicately calls “an interim period of heightened risk” — the window between when AI discovers vulnerabilities at superhuman speed and when humans manage to actually deploy patches. It’s the cybersecurity equivalent of someone handing you a list of every unlocked door in your house while you’re still looking for the right key.

👑 The Gold-Leaf Security Briefing

Project Glasswing is, depending on your perspective, either the most responsible thing a frontier AI lab has ever done or the most elaborate flex in Silicon Valley history. Possibly both. Anthropic has essentially said: “Our model is so powerful at finding vulnerabilities that we need a coalition of 50 organizations and multiple governments just to handle the output.”

The strategic implications are significant. Anthropic plans to expand Glasswing partnerships with the US and allied governments while developing stronger safeguards before any general release of Mythos-class models. This positions them not just as an AI company but as a cybersecurity infrastructure provider — one that happens to have the most potent vulnerability scanner on the planet as a byproduct of building a chatbot.

Anthropic’s advice to the industry is characteristically measured: accelerate patch cycles, simplify updates, strengthen baseline controls like multi-factor authentication and comprehensive logging. In other words: the AI found your bugs, now please fix them before someone else’s AI finds them too.

The race between AI-powered offense and human-paced defense has officially begun. The good news is that the safety lab fired the starting gun. The bad news is that the starting gun found 10,000 vulnerabilities in itself.

“We built the most powerful vulnerability scanner in history and our biggest challenge is that humans can’t patch fast enough. We considered automating that too, but our legal team had feelings.” — The Slap of Wisdom Responsible Disclosure Desk, filing this report from a codebase that has been scanned, flagged, triaged, and spiritually humbled