Anthropic launched Project Glasswing on May 22, a cybersecurity initiative built around its unreleased Claude Mythos Preview model, which autonomously discovered thousands of high-severity zero-day vulnerabilities in every major operating system and web browser. The coalition includes AWS, Apple, Google, Microsoft, CrowdStrike, Cisco, JPMorgan Chase, Nvidia, Palo Alto Networks, Broadcom, and the Linux Foundation.
What Mythos Found
Claude Mythos Preview is a general-purpose frontier model that Anthropic has declined to release publicly. During internal testing, it identified vulnerabilities that had survived decades of human code review and millions of automated security tests.
Three examples from Anthropic’s announcement:
- A 27-year-old vulnerability in OpenBSD, one of the most security-hardened operating systems in production, that allowed an attacker to remotely crash any machine running the OS just by connecting to it.
- A 16-year-old flaw in FFmpeg, the video encoding library used by countless applications, in a line of code that automated testing tools had executed five million times without catching the bug.
- A chain of Linux kernel vulnerabilities that Mythos found and linked together autonomously, escalating from ordinary user access to complete machine control.
All three have been patched. For many other vulnerabilities, Anthropic published cryptographic hashes of the details and will release specifics after fixes ship.
On Anthropic’s CyberGym benchmark, Mythos Preview scored 83.1% on vulnerability reproduction, compared to 66.6% for Claude Opus 4.6.
The Glasswing Coalition
Anthropic is committing up to $100 million in usage credits for Mythos Preview across the initiative, plus $4 million in direct donations to open-source security organizations. Access is limited to the twelve launch partners and over 40 additional organizations that build or maintain critical software infrastructure, according to the Glasswing page. Distribution remains restricted per a White House request, according to PYMNTS.
The UK’s AI Security Institute issued an updated assessment noting a “notable capability jump” from the latest Mythos iteration, which completed a previously unsolved cybersecurity test called “cooling tower” in three out of ten attempts, a first for any model tested by the AISI, according to The Guardian.
Regulators Take Notice
Bank of England Governor Andrew Bailey, who chairs the Financial Stability Board, requested a meeting with Anthropic to discuss Mythos’s implications for financial system cyber defenses, The Guardian reported. The FSB is preparing a report on “sound practices” for AI adoption in finance, targeting a June consultation release.
The International Monetary Fund warned this month that AI-driven cyber risk should be treated as a financial stability issue because attacks can simultaneously affect payment systems, confidence, and liquidity, per PYMNTS.
Goldman Sachs CEO David Solomon said he was “hyper-aware” of Mythos’s capabilities. JPMorgan CEO Jamie Dimon said AI had made cyber defense “harder” but could ultimately strengthen it.
The Agent Security Constraint
Anthropic framed the urgency in its announcement: “AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.” The AISI’s assessment reinforced this, noting that “the length of cyber tasks that frontier models can complete autonomously has doubled on the order of months, not years.”
For teams building autonomous agents with tool-use and code execution capabilities, Mythos validates a constraint that has been theoretical until now: sufficiently capable reasoning models don’t just follow instructions. They can independently discover attack surfaces in the infrastructure they run on. Every sandbox, every container, every execution environment an agent touches becomes a potential vulnerability discovery target, whether the agent is instructed to look or not. The Glasswing model is gated. The underlying capability trajectory is not.