AI developer Anthropic has provided more details about Project Glasswing, a cybersecurity initiative it has launched with several major technology and infrastructure players to secure critical software after observing advanced exploit capabilities in its newest AI model.
Project Glasswing brings together Amazon Web Services (AWS), Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks to address growing concerns within the cybersecurity community that AI models are now capable of discovering and exploiting vulnerabilities at a faster pace than humans can keep up with.
The impetus for Anthropic to lead the initiative came when the developer realised that its new Claude Mythos Preview large language model (LLM) could pose a significant security risk.
“Claude Mythos Preview is a general-purpose, unreleased frontier model that reveals a stark fact: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.”
According to the post on Anthropic’s website, the model’s strong agentic coding and reasoning skills enable it to uncover and exploit security flaws when directed by the user that have existed for years, even decades without detection. Benchmarking results cited by the company suggest a notable performance gap between Mythos Preview and its previous models in cybersecurity-related tasks.
“Over the past few weeks, we have used Claude Mythos Preview to identify thousands of zero-day vulnerabilities (that is, flaws that were previously unknown to the software’s developers), many of them critical, in every major operating system and every major web browser, along with a range of other important pieces of software.”
The announcement highlights the risk that offensive capabilities could spread beyond controlled environments as tasks that once required specialist expertise are becoming more accessible to malicious attackers using LLMs.
Project Glasswing is an “urgent” attempt to put these capabilities to work for cyber defense before hackers gain access to them, Anthropic stated.
“Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout—for economies, public safety, and national security—could be severe.”
Why AI Capabilities Are Forcing a Rethink of Cybersecurity Strategies
Anthropic’s framing of Project Glasswing is rooted in a broader industry reality. Software systems underpinning banking, healthcare, logistics, and energy infrastructure remain riddled with vulnerabilities, some of which persist undetected for years. The US-based Centre for the Governance of AI estimates that global cybercrime costs at roughly $500BN annually, although precise figures remain difficult to verify.
Recent geopolitical tensions have added urgency, Anthropic noted. State-backed cyber activity attributed to countries such as China, Iran, North Korea, and Russia continues to target critical infrastructure, while smaller-scale attacks on hospitals, schools, and local institutions still produce significant economic damage, expose sensitive data, and even risk lives.
Against this backdrop, Anthropic suggests that AI models like Mythos Preview are lowering the barrier to exploiting software flaws in ways that “could reshape cybersecurity.” The dual-use dilemma is that the same systems that can automate defensive security work could also accelerate attacks if misused.
Early Mythos Preview Findings Reveal Scale of AI-Driven Vulnerability Detection
According to Anthropic, the Mythos Preview has demonstrated the ability to independently uncover long-standing vulnerabilities that had evaded automated testing as well as human review.
As more than 99 percent of the vulnerabilities it has found have not yet been patched, the company is holding off on disclosing details about them.
“Yet even the 1% of bugs we are able to discuss give a clear picture of a substantial leap in what we believe to be the next generation of models’ cybersecurity capabilities—one that warrants substantial coordinated defensive action across the industry.”
The vulnerabilities the model is finding autonomously are often subtle or difficult to detect, Anthropic added.
The oldest it has found so far that has been patched is a 27-year-old bug in OpenBSD, despite its reputation as “one of the most security-hardened operating systems in the world,” which is used to run firewalls and other critical infrastructure.
The model also found and chained together several vulnerabilities in the Linux kernel, which runs most of the world’s servers, potentially allowing an attacker to manipulate ordinary user access to take complete control of a machine.
The company also shared an example of a 16-year-old vulnerability in the widely-used FFmpeg video encoding and decoding tool that automated testing tools had failed to catch in five million hits.
These examples indicate the scale of the challenge that Project Glasswing is designed to tackle.
Project Glasswing Opens Access For Cross-Industry Collaboration
Given the security risks associated with it, Anthropic said that it does not plan to make Claude Mythos Preview generally available.
Instead, Project Glasswing’s launch partners will use the model as a controlled environment to find and fix vulnerabilities and weaknesses in their foundational systems. Collectively, their platforms account for a substantial share of global software deployments, including those used in customer experience environments and the applications used daily by enterprises and well as end users.
“We anticipate this work will focus on tasks like local vulnerability detection, black box testing of binaries, securing endpoints, and penetration testing of systems,” Anthropic noted.
Beyond the initial launch partners, Anthropic has granted access to the model to more than 40 other organizations that build or maintain critical software infrastructure so they can scan and secure their systems. The company has allocated them up to $100MN in model usage credits to do so. It is also providing $2.5M to Alpha-Omega and OpenSSF through the Linux Foundation and $1.5M to the Apache Software Foundation to help support open-source security initiatives.
Anthropic said it is also in ongoing discussions with US government officials about the emergence of advanced cyber capabilities and the importance of assessing and mitigating the national security risks associated with AI models.
As the developer stated:
“[O]ur eventual goal is to enable our users to safely deploy Mythos-class models at scale—for cybersecurity purposes, but also for the myriad other benefits that such highly capable models will bring. To do so, we need to make progress in developing cybersecurity (and other) safeguards that detect and block the model’s most dangerous outputs.”
Anthropic plans to launch new security safeguards with an upcoming Claude Opus model, allowing it to improve and refine them using a model that does not pose the same risk levels as Mythos Preview.
Cisco, which is among the partners that has been using Claude Mythos Preview for several weeks, stated that “AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back.”
But the company’s work with the model does highlight the other side of the equation, that the same capabilities that make AI models dangerous in the wrong hands allow developers to find and fix flaws—and produce new software with fewer bugs.
After all, the Project Glasswing initiative takes its name from the glasswing butterfly, which is known for its transparent wings. Anthropic said the metaphor reflects two aspects of modern cybersecurity risk: vulnerabilities that remain effectively invisible despite sitting in widely used systems, and the role of transparency in reducing exposure.
Anthony Grieco, SVP & Chief Security & Trust Officer at Cisco, stated:
“Our foundational work with these models has shown we can identify and fix security vulnerabilities across hardware and software at a pace and scale previously impossible. That is a profound shift, and a clear signal that the old ways of hardening systems are no longer sufficient.”
Grieco also pointed out the importance of vendors adopting new security tactics and customers responding by staying on top of updating their systems.
“Providers of technology must aggressively adopt new approaches now, and customers need to be ready to deploy.”
Project Glasswing Signals New CX Risks in the Age of AI Cyber Threats
The implications of Anthropic’s findings are significant for customer experience operations. As AI-driven cyber capabilities evolve, the risks to systems containing sensitive customer data increase, as does the threat to customer trust and brand perception.
Enterprises will need to revisit secure development practices, disclosure processes, and supply chain oversight as AI tools become embedded in development and security workflows.
Anthropic’s initiative also signals a potential shift toward more formalized collaboration between AI developers, software vendors, enterprises, and public sector bodies that could reshape how customer-facing systems are secured.
Project Glasswing indicates how quickly the cybersecurity conversation is evolving in the AI era, raising questions about whether defensive adoption can keep pace with the AI capabilities now emerging, and whether CX leaders are prepared for the potential impact.
