Claude Mythos Preview, has reportedly found “thousands of high-severity vulnerabilities” in recent weeks. According to the company’s blog post, these flaws include issues present in “every major operating system and web browser.” The AI identified these vulnerabilities and developed related exploits “entirely autonomously, without any human steering.”
Project Glasswing is a collaborative effort with major industry players, including Nvidia, Google, Amazon Web Services, Apple, and Microsoft. Additional partners include JPMorgan Chase, Broadcom, Cisco, CrowdStrike, the Linux Foundation, and Palo Alto Networks, alongside approximately 40 other organizations involved in software infrastructure. Anthropic is currently offering access to Claude Mythos Preview exclusively to these “defensive security” partners, limiting its public release due to potential security risks.
While Claude Mythos Preview was not specifically trained for cybersecurity, Anthropic attributes its success to the model’s “strong agentic coding and reasoning skills.” Newton Cheng, Anthropic’s cyber lead for its frontier red team, indicated that the model is designed to give cyber defenders a crucial “head start” against malicious actors. The partners will leverage this AI to analyze their systems, pinpoint high-stakes vulnerabilities, and facilitate patching efforts. Access remains restricted to prevent adversaries from exploiting the model’s capabilities for offensive purposes.
Anthropic is committing substantial resources to Project Glasswing, including up to $100 million in usage credits for partners. Additionally, the company is providing $4 million in direct donations to the Linux Foundation and the Apache Software Foundation. While currently subsidized, Anthropic anticipates that the program could evolve into a paid service, establishing a new revenue stream as the demand for advanced AI-driven cybersecurity grows. The existence of Claude Mythos Preview was initially reported last month due to a data leak, which Anthropic attributed to human error, not software vulnerabilities. The company stated it is taking steps to solidify its internal processes.
Anthropic has confirmed ongoing discussions with US government officials regarding the offensive and defensive cyber capabilities of Claude Mythos Preview. Dianne Penn, a head of product management at Anthropic, stated the company has “briefed senior officials in the US government about Mythos and what it can do.” This engagement highlights the strategic importance of AI in national cybersecurity frameworks. The project’s success and expansion could significantly reshape how large organizations and governments approach system security, moving towards more autonomous and proactive defense mechanisms, as detailed in Anthropic’s publicly-released examples.
Follow Hashlytics on Bluesky, LinkedIn , Telegram and X to Get Instant Updates
