Anthropic’s Project Glasswing surfaces 10,000+ critical vulnerabilities
TL;DR:
- Anthropic says approximately 50 Project Glasswing partners running Claude Mythos Preview have surfaced more than 10,000 high- or critical-severity vulnerabilities in systemically important software since the April launch.
- Cloudflare alone reports 2,000 bugs (400 high or critical) on its critical-path systems, with a false-positive rate Anthropic’s team rates as better than human testers; Mozilla found 271 vulnerabilities in Firefox 150 – over ten times more than Firefox 148 with Claude Opus 4.6.
- Scanning of 1,000+ open-source projects has surfaced an estimated 6,202 high- or critical-severity issues; on current post-triage true-positive rates, Anthropic projects nearly 3,900 confirmed high/critical issues across open source alone.
Anthropic’s first Glasswing progress note sits awkwardly between security-research transparency and product marketing, but the numbers are large enough to matter to UK security teams regardless. The headline finding is a structural one: bug-hunting has shifted from a discovery-rate problem to a verification-and-patching problem, with vendors scrambling to absorb the volume.
What partners are reporting
Anthropic cites several partner outputs. UK AISI – fresh from its Mythos pre-release evaluations and a NYT profile this week – reports Mythos Preview is the first model to solve both of the institute’s cyber-range simulations end to end. XBOW calls Mythos Preview “a significant step up over all existing models.” Academic benchmarks ExploitBench and ExploitGym show Mythos as the strongest performer for exploit development. At one Glasswing partner bank, Mythos helped detect and prevent a fraudulent $1.5m wire transfer triggered by a customer email compromise.
The downstream effect on vendor patch volume is visible. Anthropic cites Palo Alto Networks releasing over five times its usual patch count, Microsoft saying patch volume will “continue trending larger for some time,” and Oracle finding and fixing vulnerabilities across products and cloud “multiple times faster than before.”
The disclosure tension
Anthropic is choosing not to fully detail partner findings, citing the 90-day Coordinated Vulnerability Disclosure window. That trade-off – publishing aggregate metrics now and full case detail later – sits inside a wider tension: a frontier-model offensive capability is now being deployed at scale to defenders, but it is the same capability that could be turned the other way. AISI’s parallel evaluation work this week sharpens the question. For UK businesses, the practical read is that the patch volume in critical infrastructure software is about to rise sharply.
Looking forward
The next milestone is how vendors absorb the patching load and how disclosure norms evolve once enough Mythos-found vulnerabilities are public. Expect more partner-bank case studies once dollar-value loss-prevention claims can be verified, and continued AISI-anchored evaluation work to anchor what models like Mythos can and cannot do at frontier capability. UK SMEs running infrastructure built on the open-source projects Anthropic has scanned should expect an unusually heavy update season in the second half of 2026.