Anthropic's Claude Mythos identified 10,000 critical vulnerabilities within a single month. The patches are unable to keep pace.

      **TL;DR** Anthropic’s Glasswing project identified over 10,000 critical vulnerabilities in 1,000 open-source projects within a month, but only 97 of these have been resolved.

      On Friday, Anthropic announced that its Project Glasswing, a controlled cybersecurity initiative, had discovered more than 10,000 high- or critical-severity vulnerability candidates in some of the world’s most significant software since launching just a month ago. Out of these, 1,726 have been confirmed as true positives, with 1,094 categorized as high- or critical-severity flaws, yet only 97 have been addressed.

      The disparity in these figures highlights a key issue. Anthropic’s Claude Mythos Preview, an advanced model specialized for detecting vulnerabilities in source code, identifies flaws at a speed that the open-source community struggles to keep up with. The 6,202 high- or critical-severity candidates affect over 1,000 open-source projects, and 88 advisories have been issued. The rate at which vulnerabilities are discovered vastly outpaces the rate of their remediation.

      Anthropic recognized that the relative ease of identifying vulnerabilities compared to the challenges in fixing them poses a significant issue for cybersecurity. The firm has called on developers to expedite patch cycles and ensure timely security updates. Oracle has already transitioned from quarterly to monthly patch releases to keep pace with this surge. Microsoft has cautioned that it anticipates a rising number of monthly patches for the foreseeable future.

      The most critical discovery thus far is a severe flaw (CVE-2026-5194, CVSS score 9.1) in wolfSSL, a commonly used embedded TLS library; the flaw could enable attackers to forge certificates and impersonate legitimate services. This vulnerability is particularly concerning because wolfSSL is used in IoT devices, automotive systems, and industrial control environments, where certificate forgery could have serious implications beyond standard web security.

      Glasswing operates under a restricted partnership framework. Around 50 organizations, deemed by Anthropic as key cybersecurity defenders, have access to Claude Mythos Preview, which is not available to the general public. XBOW, an autonomous offensive security platform, has described Mythos Preview as a significant breakthrough, stating it is “substantially better than earlier models at finding vulnerability candidates” and proficient in analyzing source code with a security focus. Cloudflare’s analysis has shown that the model excels at creating end-to-end attack chains from individual vulnerabilities, a skill that can be beneficial for defenders constructing threat models, but poses risks if misused.

      The defensive uses extend beyond just finding vulnerabilities. In one instance, a partner bank utilized Claude Mythos to detect and prevent a fraudulent $1.5 million wire transfer after an attacker infiltrated a customer’s email account and made deceptive phone calls. The model identified the fraud pattern before the transaction took place, emphasizing Anthropic’s view that cutting-edge AI models can provide significant advantages to defenders, provided access is restricted to responsible organizations.

      This timing coincides with a wider increase in AI-related security disclosures. Cyera’s Claw Chain vulnerabilities in OpenClaw, revealed earlier this month, illustrated how attackers can exploit an AI agent’s sandbox privileges. Koi Security’s audit of ClawHub identified 341 malicious entries among 2,857 available AI agent skills. The trend indicates that AI is both creating new attack vectors and offering more robust tools for identifying weaknesses in existing systems. The key issue is which side will evolve faster.

      Anthropic has initiated a Cyber Verification Program allowing approved security experts to use Claude without restrictions for legitimate tasks, including vulnerability research, penetration testing, and red teaming. OpenAI has launched a similar initiative titled Daybreak, which grants comparable access to GPT-5.5-Cyber. Neither Mythos Preview nor GPT-5.5-Cyber is accessible to the general public due to concerns about the lack of adequate safeguards against large-scale misuse.

      The competitive landscape between Anthropic and OpenAI in cybersecurity is intensifying, with both companies positioning their advanced models as essential tools for national and corporate cyber defense while simultaneously limiting access to mitigate the risk of misuse. The dual-use nature of this technology presents a policy challenge that neither company has fully addressed: if models with Mythos-level abilities become widely available, as Anthropic expects is likely in the near future, the current model of restricting access to 50 trusted partners may become unsustainable.

      Anthropic’s publicly available Claude models already rank among the most capable coding assistants on the market. The gap between the capabilities of Mythos and those of the public-facing Claude is closing with each new release. Anthropic urges organizations to prepare for a future where these advanced capabilities are broadly accessible by strengthening network configurations, implementing multi-factor authentication, and keeping thorough logs for detection and response.

      In just one month, the model has uncovered 10,000 vulnerability candidates from 50 partners. The software ecosystem now possesses a tool that can identify flaws quicker than developers can resolve them. This presents both an opportunity
