Anthropic, in collaboration with 12 major tech companies, has launched the “Glasswing” initiative, leveraging the unreleased state-of-the-art model Mythos to patch software vulnerabilities worldwide.
TechFlow Selected TechFlow Selected
Anthropic, in collaboration with 12 major tech companies, has launched the “Glasswing” initiative, leveraging the unreleased state-of-the-art model Mythos to patch software vulnerabilities worldwide.
Project Glasswing is a critical step for defenders to establish a lasting advantage in the upcoming AI-driven cybersecurity era.
Navigating Web3 tides with focused insightsAuthor: Anthropic
Translation & Editing: TechFlow
TechFlow Intro: Anthropic has released an unreleased frontier model, Claude Mythos Preview, whose code auditing capabilities already surpass those of the vast majority of human security experts—capable of autonomously discovering zero-day vulnerabilities that have existed for decades.
Leveraging this capability, Anthropic has launched Project Glasswing in partnership with 12 tech giants—including AWS, Apple, Google, Microsoft, and NVIDIA—committing $100 million in credit to proactively secure critical global software before adversaries acquire equivalent capabilities.
Introduction
Today we announce Project Glasswing, a new initiative bringing together Amazon Web Services (AWS), Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks—with the goal of protecting the world’s most critical software.
We are launching Project Glasswing because a new frontier model trained by Anthropic has demonstrated capabilities we believe may reshape the cybersecurity landscape. Claude Mythos Preview is a general-purpose, unreleased frontier model that reveals a sobering truth: AI models’ coding abilities have advanced to the point where, in discovering and exploiting software vulnerabilities, they now outperform everyone except the very top human experts.
Mythos Preview has already discovered thousands of high-severity vulnerabilities across every major operating system and every major browser. Given the pace of AI advancement, this capability will soon proliferate—and may fall into irresponsible hands. The economic, public safety, and national security consequences could be severe. Project Glasswing is an urgent effort to prioritize these capabilities for defense.
As part of Project Glasswing, the above partners will deploy Mythos Preview in their defensive security work; Anthropic will share lessons learned to benefit the entire industry. We have also opened access to over 40 additional organizations that build or maintain critical software infrastructure—enabling them to scan and harden both their own systems and open-source systems. Anthropic has committed up to $100 million in Mythos Preview usage credits, plus a $4 million direct donation to open-source security organizations.
Project Glasswing is only a starting point. No single institution can solve cybersecurity alone: frontier AI developers, other software companies, security researchers, open-source maintainers, and governments worldwide all play irreplaceable roles. Securing global network infrastructure may take years—while frontier AI capabilities could leap forward dramatically in just months. To gain and hold the advantage, cyber defenders must act now.
Cybersecurity in the AI Era
The software we rely on daily—running banking systems, storing medical records, connecting logistics networks, and maintaining power grids—has always contained bugs. Most are harmless, but some are serious security flaws that, once discovered, allow attackers to hijack systems, disrupt operations, or steal data.
The destructive impact of cyberattacks on enterprise networks, healthcare systems, energy infrastructure, transportation hubs, and government agencies around the world—including those in the U.S. and others—is already well documented. At the global level, state-sponsored attacks from China, Iran, North Korea, and Russia have threatened infrastructure underpinning civilian life and military readiness. Even small-scale attacks targeting individual hospitals or schools can cause massive financial losses, expose sensitive data, and even endanger lives. Annual global cybercrime damage costs are difficult to estimate precisely—but may approach $50 billion.
In the past, many software defects remained undiscovered for years, because finding and exploiting them required highly specialized expertise possessed by only a handful of security experts. But with the emergence of the latest frontier AI models, the cost, effort, and expertise required to discover and exploit software vulnerabilities have dropped dramatically. Over the past year, AI models have grown increasingly capable at reading and reasoning about code—especially in identifying vulnerabilities and constructing exploits. Claude Mythos Preview represents a quantum leap in these cybersecurity skills—it has uncovered vulnerabilities that survived decades of human review and millions of automated security tests, and its generated exploits are growing ever more sophisticated.
Ten years after the first DARPA Cyber Grand Challenge, frontier AI models are approaching—or in some cases matching—the vulnerability discovery and exploitation capabilities of the world’s top human experts. Without essential safeguards, these powerful cyber capabilities could be used to exploit the vast number of latent defects present in the world’s most important software. Cyberattacks would become more frequent, more destructive, and empower adversaries of the U.S. and its allies. This is a security priority democracies must treat with urgency.
The good news is: the very capabilities that make AI models dangerous in the wrong hands also make them extraordinarily valuable for discovering and fixing critical software defects—and for building new software with far fewer security bugs. Project Glasswing is an essential first step toward enabling defenders to establish a durable advantage in the coming AI-driven era of cybersecurity.
Claude Mythos Preview’s Vulnerability Discovery and Exploitation Capabilities
Over the past few weeks, we have used Claude Mythos Preview to discover thousands of zero-day vulnerabilities—previously unknown to software developers—in every major operating system, every major browser, and a range of other critical software, many of them high severity.
On our Frontier Red Team blog, we disclose technical details of some of these patched vulnerabilities, along with the exploits Mythos Preview developed. Nearly all of these vulnerabilities were discovered—and many of the associated exploits developed—fully autonomously by the model, without any human guidance. Here are three examples:
- Mythos Preview discovered a 27-year-old vulnerability in OpenBSD—a system renowned for its extreme security hardening and widely deployed in firewalls and other critical infrastructure. This flaw allows attackers to remotely crash the target machine simply by connecting to it.
- It also uncovered a 16-year-old vulnerability in FFmpeg—a library used by countless applications for video encoding and decoding. The issue resided in a single line of code—a line that automated testing tools had hit five million times without ever flagging the problem.
- The model autonomously discovered and chained multiple vulnerabilities in the Linux kernel—the foundation of most servers worldwide—to escalate privileges from an ordinary user account to full control of the machine.
We have reported all of these vulnerabilities to the relevant software maintainers, and each has been patched. For many others, we are today publishing encrypted hashes (see the Red Team blog), with full details to be disclosed only after patches are available.
Evaluation benchmarks such as CyberGym also confirm the substantial gap between Mythos Preview and our next-strongest model, Claude Opus 4.6:
Cybersecurity Vulnerability Reproduction – CyberGym
Beyond our own work, many partners have already been using Claude Mythos Preview for several weeks. Below are their reactions:
“AI capabilities have crossed a threshold that fundamentally changes—and irreversibly raises—the urgency of protecting critical infrastructure from cyber threats. Our foundational work with these models demonstrates that security vulnerabilities in hardware and software can now be identified and remediated at unprecedented speed and scale. This is a profound shift—and a clear signal that legacy approaches to system hardening are no longer sufficient. Technology providers must immediately adopt new methods proactively, and customers must prepare for deployment. That is why Cisco joined Project Glasswing: this work is too important and too urgent to tackle alone.”
— Anthony Grieco, Senior Vice President and Chief Security & Trust Officer, Cisco
“At AWS, we build defenses before threats emerge—from custom silicon to the full technology stack. Security isn’t a phase; it’s continuous and embedded in everything we do. Our teams analyze over 400 trillion network events per day to detect threats, and AI sits at the core of our large-scale defensive capabilities. We’ve been testing Claude Mythos Preview in our own security operations, applying it to critical codebases—and it’s already helping us harden our code. We’re contributing deep security expertise to our collaboration with Anthropic, and helping strengthen Claude Mythos Preview so more organizations can advance their work to the highest security standards.”
— Amy Herzog, Vice President and Chief Information Security Officer, Amazon Web Services
“When cybersecurity is no longer constrained by purely human capacity, the opportunity to responsibly use AI to massively improve security and reduce risk is unprecedented. Joining Project Glasswing—and gaining access to Claude Mythos Preview—enables us to identify and mitigate risks earlier, enhancing both our security and development solutions to better protect our customers and Microsoft. When tested on our open-source security benchmark CTI-REALM, Claude Mythos Preview demonstrated substantial improvement over prior models. We look forward to collaborating with Anthropic and the broader industry to improve security outcomes for everyone.”
— Igor Tsyganskiy, Executive Vice President, Cybersecurity & Microsoft Research, Microsoft
“The window between vulnerability discovery and attacker exploitation has collapsed—what used to take months now takes minutes with AI. Claude Mythos Preview demonstrates what’s possible for defenders operating at scale—while adversaries will inevitably seek to harness the same capability. This isn’t a reason to slow down—it’s a reason to accelerate together. Deploying AI demands built-in security. That’s why CrowdStrike joined from day one.”
— Elia Zaitsev, Chief Technology Officer, CrowdStrike
“In the past, security expertise was a luxury reserved for organizations with large security teams. Open-source software maintainers—who build the software underpinning most of the world’s critical infrastructure—have historically had to fend for themselves. Open-source software constitutes the vast majority of modern code—including the very systems AI agents use to write new software. By granting maintainers of these critical open-source codebases access to next-generation AI models capable of proactively identifying and fixing vulnerabilities at scale, Project Glasswing offers a tangible path to change that reality. This is how AI-augmented security evolves from an exclusive tool for large teams into a reliable assistant for every maintainer.”
— Jim Zemlin, Executive Director, Linux Foundation
“Advancing the cybersecurity and resilience of the financial system is central to JPMorgan Chase’s mission—and we believe the industry is strongest when leading institutions collaborate on shared challenges. Project Glasswing presents a unique early opportunity for us to evaluate next-generation AI tools against our own standards for defensive cybersecurity in critical infrastructure, while partnering alongside respected technology leaders. We will take a rigorous, independent approach to determine how best to proceed—and how best to contribute. Anthropic’s initiative embodies the forward-looking, collaborative approach this moment demands.”
— Pat Opet, Chief Information Security Officer, JPMorgan Chase
“Google is pleased to see the formation of this cross-industry cybersecurity initiative—and is providing Mythos Preview to participants via Vertex AI. Industry collaboration on emerging security challenges has long been vital—whether in post-quantum cryptography, responsible zero-day disclosure, open-source software security, or defending against AI-powered attacks. We’ve long believed AI brings both new challenges and new opportunities to cyber defense—that’s why we built AI-driven tools like Big Sleep and CodeMender to find and fix critical software defects. We’ll continue investing in leading cybersecurity platforms and in a culture centered on protecting users, customers, ecosystems, and national security.”
— Heather Adkins, Vice President, Security Engineering, Google
“Over the past few weeks, we’ve been using the Claude Mythos Preview model to identify complex vulnerabilities completely missed by previous generations of models. This doesn’t just change the game for uncovering hidden flaws—it means attackers will soon find and exploit zero-days faster than ever before. It’s clear these models need to get into the hands of open-source project owners and all defenders, to find and patch vulnerabilities before attackers gain access. Perhaps more importantly: everyone needs to prepare for AI-assisted attackers. Attacks will be more frequent, faster, and more complex. It’s time to comprehensively upgrade cybersecurity systems. We commend Anthropic’s collaboration with the industry to ensure these powerful capabilities are prioritized for defense.”
— Lee Klarich, Chief Product and Technology Officer, Palo Alto Networks
Claude Mythos Preview’s formidable cybersecurity capabilities stem from its exceptional agent coding and reasoning abilities. The evaluation results below show the model achieving the highest scores among all known models across multiple software coding tasks.
Agent Coding
Reasoning
Agent Search & Computer Use
Notes:
- SWE-bench Verified, Pro, and Multilingual: Memorization screening flagged some questions. Excluding potentially memorized questions does not change Mythos Preview’s relative advantage over Opus 4.6.
- SWE-bench Multimodal: Uses internal implementation; scores are not directly comparable to the public leaderboard.
- Terminal-Bench 2.0: Uses the Terminus-2 framework, adaptive thinking mode, maximum effort per task, 1M-token total budget per task, 1× guaranteed / 3× ceiling resource allocation, and 5 attempts per task averaged. With timeout limits extended to 4 hours and updated to Terminal-Bench 2.1, Mythos Preview scores 92.1%.
- BrowseComp: Claude Mythos Preview scores higher than Opus 4.6 while consuming only 1/4.9 the tokens.
- Humanity's Last Exam: Mythos performs well even in low-effort mode, suggesting some degree of memorization may be present.
For more information about this model’s capabilities, safety properties, and fundamental characteristics, please refer to the Claude Mythos Preview System Card.
We do not plan to release Claude Mythos Preview to the public. However, our ultimate goal is to enable users to safely deploy Mythos-level models at scale—not only for cybersecurity, but also for the many other high-value applications these highly capable models will unlock. To achieve that, we must make progress in developing cybersecurity (and other) safety measures capable of detecting and blocking the model’s most dangerous outputs. We plan to release new safety measures in the upcoming Claude Opus model, allowing us to refine and improve them using a model that carries significantly lower risk than Mythos Preview.
Next Steps for Project Glasswing
Today’s announcement marks the beginning of a long-term effort. Success will require broad participation across and beyond the technology industry.
Project Glasswing partners will receive access to Claude Mythos Preview to discover and remediate vulnerabilities and weaknesses in their foundational systems—which collectively represent a large portion of the global shared attack surface. Expected areas of focus include local vulnerability detection, binary black-box testing, endpoint hardening, and system penetration testing.
Anthropic’s $100 million commitment in model usage credits for Project Glasswing and other participants will cover extensive usage during the research preview period. Thereafter, Claude Mythos Preview will be offered to participants at $25/$125 per million input/output tokens (accessible via the Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry).
In addition to model credits, we are donating $2.5 million to Alpha-Omega and the Open Source Security Foundation (OpenSSF) via the Linux Foundation, and $1.5 million to the Apache Software Foundation—to help open-source software maintainers navigate this shifting landscape (interested maintainers may apply for access via the Claude for Open Source program).
We intend for this work to expand continuously in scope over months—and to share learnings as broadly as possible, enabling other organizations to apply them to their own security practices. Partners will share information and best practices with one another where feasible; within 90 days, Anthropic will publicly report our findings—including patched vulnerabilities and improvements that can be disclosed. We will also collaborate with leading security organizations to develop practical guidance on the evolution of AI-era security practices—potentially covering vulnerability disclosure processes, software update workflows, open-source and supply-chain security, secure software development lifecycles and design practices, regulatory industry standards, triage scaling and automation, and patch automation.
Anthropic has also been engaging with U.S. government officials on the offensive and defensive cybersecurity capabilities of Claude Mythos Preview. Protecting critical infrastructure is a top national security priority for democracies—and the emergence of these cybersecurity capabilities underscores yet again that the U.S. and its allies must maintain decisive leadership in AI technology. Government plays an indispensable role in helping sustain that leadership—and in assessing and mitigating national security risks associated with AI models. We welcome collaboration with government representatives at all levels to support these missions.
We hope Project Glasswing catalyzes a much broader effort spanning industry and the public sector—uniting stakeholders to address the most pressing security implications of powerful models. We invite other members of the AI industry to join us in shaping industry standards. In the medium term, an independent third-party organization—capable of convening private- and public-sector entities—may serve as the ideal platform to host future phases of these large-scale cybersecurity initiatives.
Notes
- This project is named after the glasswing butterfly (Greta oto). The metaphor has two layers: the butterfly’s transparent wings render it nearly invisible—like the vulnerabilities hidden in code discussed here; and its transparency also helps it evade harm—mirroring our advocacy for transparency in methodology.
- “Mythos” derives from Ancient Greek, meaning “narrative” or “story”—the frameworks civilizations use to understand the world.
- Security professionals engaged in lawful work affected by these safety measures may apply for the forthcoming Cyber Verification Program.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
@AnthropicAI
