Project Glasswing: the billion-dollar coalition racing to armor the world’s software before AI falls into the wrong hands
Claude Mythos Preview just changed everything we thought we knew about cybersecurity.
Anthropic has revealed an artificial intelligence model that found, completely on its own, thousands of critical zero-day vulnerabilities across every major operating system and browser in the world.
No human oversight.
No hand-holding.
And with an efficiency that left even the top experts in the field absolutely stunned.
But here is the part that makes this story even more compelling: before these capabilities could spread beyond actors committed to responsible use, a group of tech giants decided to act.
That is how Project Glasswing was born — a coalition made up of names like AWS, Apple, Google, Microsoft, Cisco, NVIDIA, CrowdStrike, Broadcom, Palo Alto Networks, JPMorganChase, and the Linux Foundation, with one clear mission: use this immense power to defend, not to attack.
What you are about to read is how this initiative could represent a real turning point in how the world protects its digital infrastructure — and why the window to act is much smaller than anyone would like.
What Claude Mythos Preview can do that no other model has pulled off before
To grasp the scale of what is happening, it is important to understand what Claude Mythos Preview actually represents. We are not talking about a model that simply answers technical questions or helps developers fix the occasional bug. We are talking about a frontier artificial intelligence system, not yet commercially released, designed to reason deeply about complex software architectures, identify failure patterns that completely escape the human eye, and — most impressively — act autonomously throughout the entire process, without needing a specialist on the other end validating every step.
This is a massive qualitative leap from anything the industry had seen before in terms of capability applied to cybersecurity. Anthropic formed Project Glasswing precisely because of the capabilities observed in this new frontier model, which revealed a striking fact: AI models have reached a skill level in code where they can outperform all humans except the most highly qualified at finding and exploiting software vulnerabilities.
Internal tests conducted by Anthropic showed the model was able to map critical vulnerabilities across widely used operating systems and major browsers at a scale and speed that are simply not achievable by traditional human security teams, no matter how skilled they are. Claude Mythos Preview did not just find these flaws — it categorized them, prioritized them, and described exploitation paths with a level of technical detail that allowed response teams to take immediate action.
Evaluation benchmarks like CyberGym reinforce the substantial gap between Mythos Preview and the next best Anthropic model, Claude Opus 4.6. The model also achieved the highest scores ever recorded across a range of software coding tasks, including SWE-bench Verified, Pro, and Multilingual, SWE-bench Multimodal, and Terminal-Bench 2.0.
Receive the best innovation content in your email.
All the news, tips, trends, and resources you're looking for, delivered to your inbox.
By subscribing to the newsletter, you agree to receive communications from Método Viral. We are committed to always protecting and respecting your privacy.
This kind of capability, applied continuously and in an automated fashion, represents a structural shift in the race between attackers and defenders in the digital world.
Vulnerabilities decades old discovered in minutes
The concrete examples Anthropic shared are jaw-dropping. Over the past few weeks, the team used Claude Mythos Preview to identify thousands of zero-day vulnerabilities — flaws completely unknown to the software developers — across every major operating system, every major browser, and a range of other critical pieces of software.
Three specific cases illustrate the caliber of what we are talking about:
- A 27-year-old vulnerability in OpenBSD — yes, the operating system considered one of the most secure in the world, widely used to run firewalls and other critical infrastructure. The flaw allowed an attacker to remotely crash any machine running the operating system simply by connecting to it.
- A 16-year-old flaw in FFmpeg — the library used by countless software products to encode and decode video. The vulnerability sat in a line of code that automated testing tools had hit five million times without ever catching the problem.
- Multiple chained vulnerabilities in the Linux kernel — the software that runs most of the world’s servers. The model autonomously found and combined several flaws to allow an attacker to escalate from ordinary user access to full machine control.
All of these vulnerabilities have already been reported to the maintainers of the affected software and have received patches. For many other discoveries, Anthropic published a cryptographic hash of the details on the Frontier Red Team blog, with a commitment to reveal full details after fixes are in place. This is the kind of responsible approach that makes a real difference when it comes to security flaw disclosure.
This is exactly where the dilemma lies — the one that pushed major companies to act so quickly. Technology this sophisticated, if used without any governance or coordination, could be weaponized for purposes completely opposite to defense. The same intelligence that finds a flaw to fix it can find it to exploit it. That scenario, publicly acknowledged by Anthropic itself, was the trigger for one of the most ambitious cybersecurity initiatives the tech industry has ever seen.
Project Glasswing: when competition gives way to collaboration
Project Glasswing is, before anything else, a clear signal that the tech industry is taking seriously the responsibility that comes with advancing artificial intelligence. The initiative brought together companies that, in any other context, would be competing fiercely — AWS and Google go head-to-head in the cloud, Microsoft and Apple battle over desktop and mobile, NVIDIA and other hardware players live in constant cycles of rivalry. But faced with the potential impact that Claude Mythos Preview represents, those differences were set aside in favor of a shared goal: ensuring the model’s vulnerability discovery power is used to strengthen the global digital infrastructure, not compromise it.
The logic behind the coalition is pretty straightforward. No single company, no matter how large, has complete visibility into all the systems that make up modern digital infrastructure. A vulnerability found in one layer of an operating system can have cascading impacts on cloud services, financial applications, corporate networks, and consumer devices all at once. When you bring AWS, Apple, Google, Microsoft, Cisco, NVIDIA, CrowdStrike, Broadcom, Palo Alto Networks, and JPMorganChase together around a single AI-powered detection platform, you create coverage that none of these players could achieve alone. It is a combination of perspectives, data, and expertise that multiplies the defensive impact of Claude Mythos Preview exponentially.
Beyond the launch partners, Anthropic extended access to a group of more than 40 additional organizations that build or maintain critical software infrastructure, so they can use the model to scan and protect both proprietary and open-source systems. This expanded reach shows that the initiative is not just an exclusive club for big corporations — it is a network that aims to cover as much of the shared digital attack surface as possible.
The money behind the initiative: $100 million in credits and direct donations
Talking is one thing, putting money on the table is another. And Anthropic did both. The company committed up to $100 million in usage credits for Claude Mythos Preview across these efforts. That amount covers substantial usage during the research period. After that, the model will remain available to participants at $25 per million input tokens and $125 per million output tokens, with access through the Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry.
On top of the credits, Anthropic made direct donations totaling $4 million to open-source security organizations:
- $2.5 million to Alpha-Omega and OpenSSF, through the Linux Foundation
- $1.5 million to the Apache Software Foundation
This investment is particularly relevant because it targets one of the most vulnerable points in the software ecosystem: open-source projects. As Jim Zemlin, executive director of the Linux Foundation, pointed out, open-source software makes up the vast majority of code in modern systems, including the very systems AI agents use to write new software. Historically, open-source project maintainers have been left on their own when it comes to security — and now, with access to next-generation models that can proactively identify and fix vulnerabilities at scale, there is a real path to changing that equation.
What the partners are already saying about the results
Several Project Glasswing partners have had access to Claude Mythos Preview for a few weeks now and shared their initial impressions. The reports are consistent: the model is finding things nobody else has found.
Chuck Robbins, CEO of Cisco, described the situation as a threshold that has been crossed — AI capabilities have fundamentally changed the urgency needed to protect critical infrastructure from cyber threats, and there is no going back. Cisco’s foundational work with these models showed it is possible to identify and fix security vulnerabilities in hardware and software at a pace and scale that were previously impossible.
AWS highlighted that its teams analyze more than 400 trillion network flows per day looking for threats, and that AI is central to this ability to defend at scale. The company has been testing Claude Mythos Preview in its own security operations, applying it to critical codebases, where the model is already helping strengthen the code.
Igor Tsyganskiy, executive vice president of cybersecurity and research at Microsoft, noted that when tested against CTI-REALM — Microsoft’s open-source security benchmark — Claude Mythos Preview showed substantial improvements compared to previous models.
George Kurtz, CEO of CrowdStrike, summed up the urgency well: the window between a vulnerability being discovered and being exploited by an adversary has collapsed — what used to take months now happens in minutes with AI.
Nikesh Arora of Palo Alto Networks was even more direct: the model found complex vulnerabilities that previous-generation models missed entirely. And he warned that everyone needs to prepare for AI-assisted attackers — there will be more attacks, faster attacks, and more sophisticated attacks.
Why the vulnerabilities found by Claude Mythos are different from what we already knew about
There is an important distinction between the vulnerabilities human researchers typically find and the ones Claude Mythos Preview is identifying. Traditional methods for discovering security flaws — whether through automated fuzzing, static code analysis, or manual penetration testing — have proven effectiveness, but they operate within well-known limitations. They depend on predefined hypotheses about where flaws might be, previously documented patterns, and the accumulated experience of the teams running them.
Claude Mythos Preview, on the other hand, approaches the problem from a radically different angle: it reasons about the behavior of a system as a whole, identifies unexpected interactions between components, and can follow analytical paths that simply do not exist in any traditional security playbook. Ten years after the first DARPA Cyber Grand Challenge, frontier AI models are now becoming competitive with the best humans at finding and exploiting vulnerabilities.
This means the model is finding categories of vulnerabilities that have not been previously described in security literature — flaws that exist at the intersection of different software layers, that depend on specific environmental conditions to be triggered, or that emerge from combinations of features that individually appear completely safe. This type of flaw is particularly dangerous because it is exactly what sophisticated bad actors look for: attack vectors that conventional defense tools are simply not equipped to detect.
The pace at which these discoveries are happening is also a factor that cannot be ignored. While a high-performance security research team might take weeks or months to identify and document a critical vulnerability, Claude Mythos Preview operates on a completely different timescale. This puts real pressure on the development and patching cycles of software companies, which need to be prepared to respond with far more agility than has historically characterized the industry.
Long-term plans and the governance framework
Another critical aspect of Project Glasswing is the governance component. The initiative is not just about sharing access to the model — it involves clear protocols for how discovered vulnerabilities are communicated, how much time companies responsible for affected systems have to implement fixes before any information goes public, and how to ensure the responsible disclosure process is respected by all members of the coalition.
Anthropic has stated it intends for this work to grow in scope and continue for many months. Within 90 days, the company will publish an open report on what it has learned, the vulnerabilities that were fixed, and the improvements that can be disclosed. Beyond that, Anthropic will collaborate with leading security organizations to produce a set of practical recommendations on how security practices should evolve in the age of AI, potentially including:
- Vulnerability disclosure processes
- Software update processes
- Open-source and supply chain security
- Software development lifecycle and secure design practices
- Standards for regulated industries
- Triage scalability and automation
- Patch automation
This shared responsibility framework is what sets Glasswing apart from a simple technology partnership and positions it as a collaboration model that could serve as a reference for the industry for years to come.
It is worth noting that Anthropic does not plan to make Claude Mythos Preview available to the general public. The eventual goal is to enable Mythos-class models to be deployed at scale safely — for cybersecurity and for the countless other benefits that models this capable will bring. To get there, the company needs to advance the development of safeguards that detect and block the model’s most dangerous outputs. New safeguards are expected to ship with an upcoming Claude Opus model, allowing them to be refined with a model that does not carry the same level of risk as Mythos Preview.
The role of governments and the geopolitical dimension
Anthropic’s announcement does not shy away from the geopolitical dimension of the situation. The company explicitly acknowledges that state-sponsored cyberattacks have threatened to compromise infrastructure that supports both civilian life and military readiness. The global financial cost of cybercrime is difficult to estimate precisely, but it may be in the range of $500 billion per year.
Anthropic disclosed that it has been in ongoing discussions with U.S. government officials about Claude Mythos Preview and its offensive and defensive cyber capabilities. The company emphasized that protecting critical infrastructure is a first-order national security priority for democratic nations, and that the emergence of these cyber capabilities is yet another reason why maintaining a decisive lead in AI technology is essential.
The medium-term vision includes the potential creation of an independent third-party body — one that could bring together organizations from both the public and private sectors — as the ideal home for the continuation of large-scale cybersecurity projects like this one. This kind of institutional structure would be crucial for ensuring continuity and legitimacy, regardless of market dynamics among the participating companies.
The time window nobody can afford to ignore
There is an element of urgency to Project Glasswing that goes beyond the natural excitement around a new technology. The reality is that the level of capability demonstrated by Claude Mythos Preview in autonomously identifying vulnerabilities will not remain exclusive to Anthropic for long. The advancement of artificial intelligence is happening at an accelerated pace on multiple fronts simultaneously, and it is reasonable to expect that other AI labs — some with very different alignments and governance structures — will reach similar capabilities on a not-so-distant horizon. As Anthropic itself acknowledged, frontier AI capabilities are expected to advance substantially over the coming months.
When that happens, the question will no longer be whether an AI exists that can find critical vulnerabilities at scale, but rather who is using that AI and for what purpose.
This is the context that transforms Project Glasswing from an interesting initiative into something with real implications for the security of billions of people around the world. Modern digital infrastructure underpins virtually everything: banking systems, medical records, logistics networks, government communications, power grids. A critical unpatched vulnerability in any of these systems, exploited with the efficiency that a model like Claude Mythos Preview would make possible for a bad actor, would have consequences that go far beyond compromised data or service disruptions.
What Project Glasswing is trying to do, in essence, is create a structural advantage for the defense side before the balance breaks irreversibly. Using Claude Mythos Preview to find and fix vulnerabilities before they are discovered and exploited by others is a race against time — and the only way to win that race is with the speed and scale that only artificial intelligence can deliver, operated within a framework of responsibility that the world’s largest companies are now publicly committing to uphold.
The work of defending the world’s cyber infrastructure could take years. Frontier AI capabilities will likely advance substantially in the coming months. For the defenders to stay ahead, the time to act is now. 🔐
