An initiative to secure the world's software | Project Glasswing

2026-04-07 · Source: Anthropic · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Software Development & Engineering · Depth: Advanced, short

Summary

Anthropic has developed "Claude Mythos Preview," a new large language model (LLM) demonstrating significant advancements in cybersecurity capabilities, despite not being specifically trained for it. The model, a side effect of being highly proficient in code generation, is reportedly as effective as a professional human at identifying software bugs. Claude Mythos Preview excels at chaining multiple vulnerabilities, sometimes three to five, to create sophisticated exploits, a capability attributed to its enhanced autonomy in pursuing long-range tasks typical of human security researchers. Recognizing the potential for misuse, Anthropic will not release the model widely. Instead, they launched "Project Glasswing," a collaborative initiative partnering with organizations maintaining critical codebases to provide them with early access to the model, aiming to proactively reduce risk and accelerate vulnerability patching across major platforms like OpenBSD and Linux. Early successes include discovering a 27-year-old OpenBSD crash bug and multiple Linux privilege escalation vulnerabilities.

Key takeaway

For CTOs and security architects evaluating advanced defensive tools, Claude Mythos Preview demonstrates that LLMs can significantly accelerate vulnerability discovery and patching. Your teams should explore partnerships with AI developers offering controlled access to such models, as this collaborative approach provides a crucial head start in securing critical infrastructure against increasingly sophisticated threats. Proactive engagement can help fix bugs before they are exploited, enhancing overall system resilience.

Key insights

Advanced LLMs trained for code can autonomously identify and chain complex software vulnerabilities, enhancing cybersecurity defense.

Principles

• Code proficiency correlates with cyber capability.
• Autonomous LLMs excel at long-range security tasks.

Method

Claude Mythos Preview identifies and chains multiple low-impact vulnerabilities to create sophisticated exploits, mimicking human security researchers' extended task execution.

In practice

• Scan open-source operating system code for deep-seated bugs.
• Collaborate with LLM developers for early access to defensive tools.

Topics

• Software Vulnerabilities
• Claude Mythos Preview
• Project Glasswing
• Large Language Models
• Cybersecurity Defense

Best for: CTO, VP of Engineering/Data, AI Architect, Software Engineer, AI Security Engineer, Policy Maker

Related on AIssential

• Anthropic, Big Tech launch Project Glasswing for AI-led cybersecurity - Business Standard — Project Glasswing deploys Claude Mythos AI for defensive cybersecurity, identifying vulnerabilities across major systems.
• Measuring LLMs' Ability to Develop Exploits — Claude Mythos Preview significantly advances LLM exploit development, achieving end-to-end attacks and outperforming prior models on new benchmarks.
• Anthropic's Project Glasswing - restricting Claude Mythos to security researchers - sounds necessary to me — Advanced LLMs are now autonomously finding and exploiting critical software vulnerabilities at an unprecedented scale.
• Behind the Scenes Hardening Firefox with Claude Mythos Preview — Advanced LLMs, when properly harnessed, can dramatically improve software security by finding numerous vulnerabilities.
• Claude just BROKE the ENTIRE INDUSTRY... — Frontier AI models now autonomously discover and exploit zero-day vulnerabilities, posing significant cybersecurity risks.
• Expanding Project Glasswing — AI models are rapidly changing cybersecurity, necessitating industry-wide adaptation and robust defensive tools.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Anthropic.