Anthropic's Claude Mythos identified 10,000 critical vulnerabilities in just one month. The patches are unable to keep pace.

TL;DR: Anthropic's Project Glasswing discovered over 10,000 critical vulnerabilities in more than 1,000 open-source projects within a month, yet only 97 have been addressed.

Anthropic revealed on Friday that its cybersecurity initiative, Project Glasswing, has identified over 10,000 high- or critical-severity vulnerabilities across vital software since launching a month ago. Of these, 1,726 were validated as true vulnerabilities, with 1,094 confirmed as high or critical. Only 97 have been patched so far.

The disparity in these numbers highlights a significant issue. Anthropic’s Claude Mythos Preview, a state-of-the-art model designed to find source code vulnerabilities, identifies flaws faster than the open-source community can manage. The 6,202 high- or critical-severity vulnerabilities impact over 1,000 open-source projects, leading to 88 advisories being issued. The speed of discovery vastly outpaces the speed of remediation.

Anthropic noted, “The relative ease of discovering vulnerabilities versus the challenge of fixing them poses a considerable obstacle for cybersecurity.” The company is advocating for software creators to shorten patch cycles and implement security fixes more swiftly. Oracle has adapted by moving from quarterly to monthly patch releases to keep pace, while Microsoft has cautioned that the volume of monthly patches anticipated will “continue to increase for some time.”

The most significant finding to date is a critical vulnerability in wolfSSL (CVE-2026-5194, CVSS score 9.1), a commonly used embedded TLS library. The flaw could enable attackers to forge certificates and impersonate legitimate services. wolfSSL is widely used in IoT devices, automotive systems, and industrial controls, where such vulnerabilities have serious implications beyond standard web security.

Project Glasswing operates on a limited partner model, with around 50 organizations deemed crucial defenders against cyber threats gaining access to Claude Mythos Preview. The model has not been made available to the general public. XBOW, an autonomous offensive security platform, characterized Mythos Preview as a significant leap forward, being “substantially better than previous models at identifying vulnerability candidates” and “skilled at analyzing source code with a security-focused approach.” Cloudflare’s review found the model excels at transforming individual vulnerabilities into comprehensive attack chains, a skill valuable for defenders but dangerous if misapplied.

Its defensive applications extend beyond mere vulnerability detection. One Glasswing partner bank successfully utilized Claude Mythos to stop a fraudulent wire transfer of $1.5 million after an attacker accessed a customer’s email and made spoofed phone calls. The model detected the fraudulent pattern before the transaction was finalized, supporting Anthropic's claim that frontier AI models can give defenders a significant edge—provided that access is limited to organizations capable of responsible use.

This development coincides with an increase in AI-related security disclosures. Cyera's Claw Chain vulnerabilities in OpenClaw, revealed earlier this month, showcased how attackers can exploit an AI agent's own sandbox privileges. Koi Security's assessment of ClawHub identified 341 malicious entries within 2,857 AI agent skills. The trend shows that AI is both creating new attack vectors and equipping users with stronger tools to identify existing vulnerabilities. The pressing question remains which side will evolve more rapidly.

Anthropic has initiated a Cyber Verification Program permitting vetted security professionals to use Claude without restrictions for legitimate purposes, including vulnerability research and penetration testing. Similarly, OpenAI has launched a program called Daybreak, which offers comparable access to GPT-5.5-Cyber. Neither Mythos Preview nor GPT-5.5-Cyber is available to the public due to concerns regarding effective safeguards against widespread misuse.

The competitive landscape between Anthropic and OpenAI in the cybersecurity domain is heating up. Both firms aim to position their advanced models as crucial support for national and corporate cyber defense while simultaneously limiting access to prevent offensive applications. The dual-use nature of the technology presents a policy dilemma that neither company has fully addressed: should models with Mythos-level capabilities become widely accessible, as Anthropic acknowledges is likely soon, the current strategy of restricting access to 50 trusted partners will become untenable.

Anthropic’s publicly available Claude models are already among the most proficient coding aids on the market. The gap between what Mythos can achieve and what the public version of Claude can do is closing with each new release. Anthropic is encouraging organizations to brace for a future where these abilities are commonplace by strengthening network configurations, enforcing multi-factor authentication, and maintaining thorough logs for effective detection and response.

The discovery of 10,000 vulnerability candidates in just a month, initiated by 50 partners using a single model, signifies that the software ecosystem now has tools that uncover flaws more quickly than developers can resolve them. This represents both a significant opportunity and a pressing challenge. Anthropic describes Glasswing as an asymmetric advantage for defenders, which it is. However, such advantages are typically short-lived, and time is already ticking down on this one.
