
Project Glasswing: Anthropic's Claude Mythos Identifies Thousands of Zero-Days Across Major OS and Browsers

Key Takeaways

  • Anthropic launches Project Glasswing with Claude Mythos, an AI model capable of finding thousands of zero-days
  • Mythos identified zero-day vulnerabilities across all major OS and browsers
  • Partnership with AWS, Apple, Cisco, CrowdStrike, Google, Microsoft, NVIDIA, Palo Alto
  • The model will not be made public; access is limited to ~40 organizations for critical infrastructure security

Anthropic Reaches a Turning Point in Offensive Security

On April 7, 2026, Anthropic announced Project Glasswing alongside the launch of Claude Mythos Preview, an artificial intelligence model specifically designed for high-complexity offensive and defensive security tasks. The announcement marks a clear break from the typical trajectory of major AI laboratories: rather than releasing a general-purpose model, Anthropic chose a radically restricted distribution approach due to the dual-use potential of the technology.

Claude Mythos Preview is not a security model like those the industry has seen before. Internal evaluations and tests conducted with partner organizations show that the model can identify zero-day vulnerabilities across all major operating systems (Windows, macOS, Linux, iOS, Android) and the most widely used browsers (Chrome, Firefox, Safari, Edge). This is not a handful of flaws: the figures cited by Anthropic describe thousands of vulnerabilities identified during testing phases.

A Model That Can Also Exploit What It Finds

The most significant characteristic of Claude Mythos, and the most debated in the security community, is its ability to go beyond simple vulnerability identification. When directed by an authorized operator, the model can generate functional exploit code for the flaws it discovers.

This directed exploitation capability distinguishes Mythos from existing vulnerability scanning tools. Tools like Nessus, Qualys, or Rapid7 identify problematic configurations and software versions known to be vulnerable. Mythos understands source code, reasons about execution paths, and can design original exploit proofs of concept.

From the defenders’ perspective, this capability represents a significant accelerator for red teams and security researchers tasked with testing the resilience of critical infrastructure. From the critics’ side, some experts express legitimate concern: a model this capable, in the wrong hands, would be an unprecedented force multiplier for malicious actors.

Deliberately Limited Access

Anthropic anticipated these objections by making radical distribution decisions. Claude Mythos Preview will not be available via Anthropic’s public API or through Claude.ai. Access is restricted to approximately 40 organizations specifically selected for their role in securing global critical infrastructure.

The list of announced partners for Project Glasswing includes actors representative of the entire technology value chain: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. These organizations were chosen because they are, collectively, responsible for a considerable share of the software and infrastructure on which the global digital economy depends.

To support the initiative, Anthropic commits to providing 100 million dollars in model usage credits to participating organizations, representing substantial computational resources for conducting large-scale vulnerability research campaigns.

The Project Glasswing Governance Framework

Project Glasswing is not limited to making the model available. Anthropic accompanied the launch with a governance framework that defines terms of use, responsible disclosure obligations, and oversight mechanisms. Participating organizations commit to using Mythos exclusively for defensive research, disclosing discovered vulnerabilities through existing responsible disclosure processes, and not sharing model access outside their organization.

The Linux Foundation plays a particular role in this arrangement, serving as a neutral coordinator for managing disclosures involving open source software. JPMorgan Chase’s presence on the partner list illustrates that the program extends beyond purely technology companies to include critical infrastructure operators from the financial sector.

Implications for Vulnerability Research

The announcement of Project Glasswing has implications that extend beyond Anthropic alone. It marks the official recognition by a leading AI laboratory that advanced language models have reached a level of security competence that makes them dangerous if widely accessible, and potentially indispensable if properly channeled.

For security teams at large organizations, this announcement should accelerate thinking about integrating AI into vulnerability management processes. The question is no longer whether AI can find zero-days (Mythos answers that clearly), but how to structure the use of these capabilities in an ethical and controlled manner.

For organizations not among the 40 Project Glasswing partners, the message is equally clear: your potential adversaries, whether nation-states or sophisticated cybercriminal groups, will seek to develop or obtain equivalent capabilities. The window during which zero-day discovery required years of specialized human expertise is closing.

What This Changes for Your Security Teams

The Mythos announcement should lead CISOs and security teams to reconsider their threat model. If an AI model can identify thousands of zero-days in major operating systems and browsers, it implies that these vulnerabilities exist and have existed without being discovered by human researchers. The actual attack surface of your systems is probably broader than your current tools can identify.

Concretely, this reinforces the importance of several already recognized but often under-invested practices: network segmentation to limit the impact of exploitation, the principle of least privilege to reduce what an attacker can do after an initial compromise, and behavioral detection to identify active exploitations independently of known signatures.

Furthermore, this development underscores the urgency of keeping all software up to date. The more quickly vendors can apply Mythos-style analysis to their own codebases, the faster known vulnerabilities can be patched before adversaries develop their own AI-assisted exploitation capabilities. Proactive vulnerability management becomes not just a compliance checkbox but a genuine competitive advantage in resilience.
