Project Glasswing: When AI Finds Security Flaws That Went Undetected for 27 Years

Anthropic's Claude Mythos Preview found thousands of zero-day vulnerabilities — including a 27-year-old OpenBSD bug. What Project Glasswing means for software security.

Vittorio Emmermann

Imagine hiring a new security engineer. Not an ordinary one — one that never sleeps, never takes a break, and finds vulnerabilities within hours that thousands of human experts missed for decades. That's essentially what Anthropic revealed last week. And the consequences are far more sweeping than most headlines suggest.

On April 7, 2026, Anthropic announced Project Glasswing — a cross-industry initiative with the potential to transform the entire software security landscape. At its core is a new, unreleased frontier model called Claude Mythos Preview, which has found thousands of previously unknown zero-day vulnerabilities in virtually every piece of critical software. Including a bug that had been hiding in OpenBSD for 27 years — an operating system legendary for its security.

What Actually Happened

Over the course of several weeks, Anthropic used Mythos Preview to systematically scan open-source software for vulnerabilities. The results are unprecedented:

  • A 27-year-old bug in OpenBSD — the operating system known primarily for its security, widely used in firewalls and critical infrastructure around the world. The vulnerability allowed an attacker to remotely crash any machine running the OS — simply by connecting to it.
  • A 16-year-old bug in FFmpeg — the multimedia library embedded in virtually every video application, from VLC to YouTube. The affected line of code had been hit five million times by automated testing tools. Without a single detection.
  • Multiple chained vulnerabilities in the Linux kernel that allowed an attacker to escalate from ordinary user access to complete control of the machine — through subtle race conditions and KASLR bypasses.

That alone would be remarkable. But the full dimension only becomes clear when you consider the scale: thousands of critical zero-day vulnerabilities. In every major operating system. In every major web browser. Over 99% remain unpatched — which is why Anthropic is withholding details for now, publishing only cryptographic hashes.

What Sets Mythos Apart From Everything Before It

Just three days ago, we wrote about Claude's ability to autonomously develop a FreeBSD kernel exploit. That was Claude Opus 4.6 — our daily working model. Mythos Preview operates in an entirely different league.

The numbers make the difference tangible: Anthropic ran both models against vulnerabilities in Firefox 147's JavaScript engine — all patched in Firefox 148. The task: turn discovered vulnerabilities into working exploits.

Opus 4.6: 2 successful exploits out of several hundred attempts. Near-0% success rate.

Mythos Preview: 181 working exploits, plus 29 more achieving register control.

This isn't incremental progress. It's a quantum leap. And it goes further: in one case, Mythos Preview wrote a browser exploit that chained four separate vulnerabilities, performed a complex JIT heap spray, and bypassed both the renderer and OS sandboxes. In another, it developed a remote code execution exploit for FreeBSD's NFS server, distributing a 20-gadget ROP chain across multiple packets to grant root access to unauthenticated users.

Perhaps most striking — and simultaneously fascinating: non-experts could ask Mythos to find vulnerabilities. Engineers at Anthropic with no formal security training asked the model to find remote code execution vulnerabilities overnight. The next morning, a complete, working exploit was ready.

Why Anthropic Is NOT Releasing This Model

This is where it gets strategically interesting. Anthropic made a deliberate decision: Mythos Preview will not be made publicly available. Instead, they launched Project Glasswing — an initiative with the world's largest tech companies and security organizations.

The founding members read like a who's who of the industry: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Plus over 40 additional organizations that build or maintain critical software infrastructure.

The logic is simple and compelling: The capabilities Mythos demonstrates will proliferate. Other models will develop similar capabilities within months — and not all of them will be in the hands of responsible actors. Glasswing is designed to give defenders a head start before the same capabilities are used for offensive purposes.

Anthropic is investing significantly: up to $100 million in usage credits for Mythos Preview across Glasswing partners, plus $4 million in direct donations to open-source security organizations. This isn't a PR move — it's a strategic investment in the security of global software infrastructure.

Why This Affects Everyone — Not Just Big Tech

You might think: "This doesn't affect me. We're not an operating system vendor." Think again. The consequences reach deep into the daily reality of every company that uses software — which is every company.

The asymmetry is disappearing. Until now, exploit development was a craft that required years of specialization. That barrier has fallen. When an AI model can produce a working remote code execution exploit overnight, without its operator needing security expertise, the threat landscape changes fundamentally.

Open-source software will become more secure — but the transition will be turbulent. Most businesses build on open-source stacks: Linux servers, PostgreSQL databases, Node.js backends, FFmpeg for media processing. Glasswing will find and fix many hidden vulnerabilities in exactly this software. But between finding a flaw and rolling out a patch, there's a window — and that window is dangerous.

Patch cycles become existentially critical. Anyone who doesn't update their software promptly is now living more dangerously than ever. Because the tools that find vulnerabilities are getting better. And they won't only be used by the good guys.

The Bigger Picture: AI as Defender

Anthropic puts it this way: "The same improvements that make the model substantially more effective at patching vulnerabilities also make it substantially more effective at exploiting them."

That sounds threatening — but it's ultimately an opportunity. The history of security tools shows a recurring pattern: when software fuzzers like AFL were first deployed at scale, there were similar concerns. Yes, attackers could find vulnerabilities faster. But today, fuzzing is an indispensable part of the security ecosystem — projects like OSS-Fuzz systematically secure open-source software.

AI-powered vulnerability detection will follow a similar trajectory. In the long run, defenders benefit more. Defenders can apply these tools systematically across their entire codebase, while attackers only need to find individual entry points. Whoever uses the tools more effectively wins — and systematic application is the domain of defense.

However: during the transition period, attackers potentially have an advantage if frontier labs aren't careful about releasing such models. That's exactly why Glasswing matters — it gives defenders access first.

What This Means for Us at Cierra

We use Claude Opus — Anthropic's most capable publicly available model — as the core AI for our daily operations and our clients' systems. Our central AI Cira has been running on Claude since day one. We're not observers of this development — we're right in the middle of it.

What does Project Glasswing mean in practice?

First: AI-powered security is becoming the standard. It's only a matter of time before AI-driven vulnerability scans are integrated into every CI/CD pipeline. Companies that adopt this early will massively reduce their risk. We're already working on integrating such scans into our clients' development processes.

Second: The barrier to good security is lowering. Until now, you needed an expensive security team or costly external audits. If AI models can find vulnerabilities that human experts missed for decades, enterprise-level security becomes accessible to SMBs too. This is a democratizing development — and one we actively want to drive.

Third: Responsible AI use has never been more important. Project Glasswing shows why it's not enough to simply deploy AI. You need to understand what it can do — including things you never explicitly asked it to do. At Cierra, security isn't an afterthought: sandbox isolation, least privilege, explicit approval processes. These very principles become even more critical in a world with Mythos-level AI.

What You Should Do Now

The good news: you don't have to wait for Glasswing to take action.

  1. Prioritize patch management. If you haven't already: implement a process that rolls out security updates within days, not weeks. The window between vulnerability discovery and exploit is getting shorter by the month.
  2. Conduct a dependency audit. Which open-source libraries are embedded in your software? Are they current? Tools like Dependabot or Renovate automate this. Every outdated dependency is a potential entry point.
  3. Integrate AI security into your strategy. The question is no longer whether, but when AI-powered security analysis becomes standard. Start engaging with it now — before it becomes urgent.
  4. Demand responsible AI practices. Ask your software vendors: How is AI being used in development? Are AI-driven security scans being performed? The answers will be revealing.
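The dependency audit in step 2 comes down to one mechanical check: for each pinned library, does the installed version fall inside an advisory's affected range, and what is the smallest version that fixes it? The following is an added example, not code from the article or from Dependabot or Renovate. The requirements file and the advisory feed are constructed for the example (the package names and `EXAMPLE-ADV-*` identifiers are fictitious); a real audit would pull advisories from a database such as OSV or the GitHub Advisory Database and feed them into the same logic.

```python
import re

# Constructed sample of a pinned requirements file (fictitious packages).
REQUIREMENTS = """\
# application dependencies
acme-http==2.31.0
acme-imaging==9.5.0
acme-crypto==42.0.5
acme-numeric==1.26.4
"""

# Constructed advisory feed. Package names, IDs and ranges are made up for this example.
ADVISORIES = [
    {"id": "EXAMPLE-ADV-001", "package": "acme-http", "affected": ">=2.3.0,<2.32.0", "fixed": "2.32.0"},
    {"id": "EXAMPLE-ADV-002", "package": "acme-imaging", "affected": "<10.0.1", "fixed": "10.0.1"},
    {"id": "EXAMPLE-ADV-003", "package": "acme-crypto", "affected": "<42.0.4", "fixed": "42.0.4"},
]

_OPS = {
    "<": lambda a, b: a < b,
    "<=": lambda a, b: a <= b,
    ">": lambda a, b: a > b,
    ">=": lambda a, b: a >= b,
    "==": lambda a, b: a == b,
}
_CLAUSE = re.compile(r"^(<=|>=|==|<|>)\s*([0-9][0-9.]*)$")


def parse_version(text: str) -> tuple:
    """'2.31' -> (2, 31, 0): numeric dotted versions, padded to at least three components."""
    parts = tuple(int(p) for p in text.strip().split("."))
    return parts + (0,) * max(0, 3 - len(parts))


def satisfies(version: str, spec: str) -> bool:
    """True when `version` meets every comma-separated clause in `spec`, e.g. '>=2.3.0,<2.32.0'."""
    v = parse_version(version)
    for clause in spec.split(","):
        m = _CLAUSE.match(clause.strip())
        if not m:
            raise ValueError(f"unsupported version clause: {clause!r}")
        op, bound = m.groups()
        if not _OPS[op](v, parse_version(bound)):
            return False
    return True


def parse_requirements(text: str) -> dict:
    """Map package name -> pinned version; rejects unpinned lines, since an audit needs exact versions."""
    pins = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        name, _, version = line.partition("==")
        if not version:
            raise ValueError(f"unpinned requirement: {line!r}")
        pins[name.strip().lower()] = version.strip()
    return pins


def audit(requirements_text: str, advisories: list) -> list:
    """Return one finding per (package, advisory) whose pinned version lies in the affected range."""
    pins = parse_requirements(requirements_text)
    findings = []
    for adv in advisories:
        pkg = adv["package"].lower()
        if pkg in pins and satisfies(pins[pkg], adv["affected"]):
            findings.append({
                "package": pkg,
                "installed": pins[pkg],
                "advisory": adv["id"],
                "upgrade_to": adv["fixed"],
            })
    return sorted(findings, key=lambda f: (f["package"], f["advisory"]))


if __name__ == "__main__":
    for f in audit(REQUIREMENTS, ADVISORIES):
        print(f"{f['package']}=={f['installed']}: {f['advisory']} -> upgrade to {f['upgrade_to']}")
```

Run against the constructed input, the audit flags `acme-http` and `acme-imaging` and clears `acme-crypto`, whose pin already sits at or above the fixed version; the ordering of the findings is deterministic so the output can be diffed from one CI run to the next. Version comparison here is deliberately limited to numeric dotted releases; pre-release tags and epoch numbers would need a full PEP 440 or semver parser.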

Conclusion: The Arms Race Has a New Dimension

Project Glasswing is more than a partnership between tech giants. It's a signal: the AI security landscape has fundamentally changed. Models like Mythos Preview can find vulnerabilities that withstood 27 years of human review and millions of automated tests.

That's simultaneously frightening and hopeful. Frightening because these capabilities will proliferate. Hopeful because — properly deployed — they can raise the security of the entire software infrastructure to a level that was never achievable through human analysis alone.

The question isn't whether AI will transform cybersecurity. The question is whether we as defenders are fast enough. Project Glasswing is a strong first step — but it's only the beginning.

---

Vittorio Emmermann is the founder and CEO of Cierra, a technology and AI company based in Göttingen, Germany. Cierra develops AI agents and automation solutions for mid-sized businesses — with the conviction that security is not an afterthought.

---

Written by

Vittorio Emmermann

CEO of cierra — building AI systems that actually work.