Friday, Jul 10 | --:--
Back to home

Infrastructure

Cybersecurity United States

Anthropic Launches Project Glasswing to Secure Critical Software Using Claude Mythos Preview

On April 7, 2026, Anthropic announced Project Glasswing, a collaborative initiative with major tech companies to use its new frontier model, Claude Mythos Preview, to identify and fix vulnerabilities in the world’s most critical software before malicious actors can exploit them.

Tech Insights Reporter 6 min read San Francisco

TLDR\n\nAnthropic announced Project Glasswing on April 7, 2026, an urgent industry-wide effort to secure critical software infrastructure using Claude Mythos Preview—a new unreleased frontier model with unprecedented capabilities in finding and exploiting software vulnerabilities. The model has autonomously identified thousands of high-severity zero-day vulnerabilities across every major operating system and web browser, including decades-old flaws that survived extensive human and automated review. Founding partners include AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic is committing up to $100 million in usage credits for Mythos Preview and $4 million in donations to open-source security organizations.\n\n## Project Glasswing Announcement\n\nProject Glasswing was formed in response to capabilities observed in Claude Mythos Preview, which the company describes as a general-purpose frontier model that reveals a stark fact: AI models have reached a level where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.\n\nThe initiative brings together twelve launch partners to use Mythos Preview for defensive security work on critical systems. Anthropic will share learnings across the industry. Access has also been extended to over 40 additional organizations that build or maintain critical software infrastructure.\n\nAnthropic’s commitments:\n- Up to $100 million in usage credits for Mythos Preview.\n- $4 million in direct donations to open-source security organizations ($2.5 million to Alpha-Omega and OpenSSF via the Linux Foundation; $1.5 million to the Apache Software Foundation).\n\nThe goal is to give defenders a head start before similar capabilities become widely available to potential adversaries.\n\n## Claude Mythos Preview Capabilities\n\nMythos Preview demonstrates a leap in cybersecurity skills. In testing:\n- It found thousands of high-severity vulnerabilities, many critical, in every major OS and browser.\n- Examples include a 27-year-old vulnerability in OpenBSD (used for firewalls and critical infrastructure) that allowed remote crashes; a 16-year-old flaw in FFmpeg that automated tools missed after five million hits; and chained vulnerabilities in the Linux kernel for full machine control.\n- Non-experts at Anthropic used it to develop complete working exploits overnight.\n- On internal benchmarks (CyberGym and OSS-Fuzz-style tests), it significantly outperformed prior models like Opus 4.6 (e.g., 83.1% vs. 66.6% on vulnerability reproduction; tier 5 full control flow hijacks on 10 targets where previous models achieved none).\n\nThese capabilities have emerged from general improvements in code reasoning and autonomy, not specific training for hacking. The model can autonomously propose hypotheses, experiment, debug, and develop sophisticated exploits (including ROP chains, JIT sprays, and sandbox escapes).\n\n## Why this story matters\n\nThis marks a watershed moment where frontier AI capabilities in cybersecurity have crossed a threshold that fundamentally changes the attack-defense balance. What once required elite human expertise can now be done at scale by AI, compressing the window for discovery and exploitation. By channeling these powerful tools into coordinated defensive efforts like Project Glasswing—rather than a broad public release—Anthropic and partners aim to harden critical infrastructure before threats escalate. The involvement of major vendors and open-source foundations signals industry recognition that old hardening methods are insufficient and that AI-augmented defense must be adopted urgently. Long-term, such models could benefit defenders more, but the transitional period requires immediate, collective action.\n\n## Sources\n- Anthropic: “Project Glasswing: Securing critical software for the AI era” (April 7, 2026). https://www.anthropic.com/glasswing\n- Anthropic Frontier Red Team: “Assessing Claude Mythos Preview’s cybersecurity capabilities” (April 7, 2026). https://www.anthropic.com/research/mythos-preview\n- Partner announcements (e.g., Cisco, AWS, Microsoft, Linux Foundation) cross-referenced in the primary posts.\n\n## Featured Image Alt Text\n\nAnthropic Project Glasswing logo with Claude Mythos Preview model icon scanning code for vulnerabilities, surrounded by partner logos (AWS, Microsoft, Google, etc.), symbolizing collaborative AI-powered defense of critical software announced April 7, 2026\n\n## Tags\nAnthropic, Project Glasswing, Claude Mythos Preview, Cybersecurity, Vulnerabilities, Zero-Day, Critical Infrastructure, AI Security

Scroll to continue reading