Share

Anthropic's 'Claude Mythos' AI Finds 10,000 Software Vulnerabilities

By Any May 23, 2026
As part of its Project Glasswing initiative, AI company Anthropic reported that its specialized model, Claude Mythos, identified over 10,000 potential critical vulnerabilities in open-source software projects within a single month. The pace of discovery has far exceeded the ability of developers to issue patches, highlighting a growing cybersecurity challenge.
Anthropic's 'Claude Mythos' AI Finds 10,000 Software Vulnerabilities

Anthropic’s ‘Claude Mythos’ AI Finds 10,000 Software Vulnerabilities Anthropic’s latest cybersecurity experiment is exposing a stark imbalance: AI can now uncover software flaws far faster than human developers can fix them.

Timeline: From Launch to Overload

Last month, Anthropic quietly launched Project Glasswing, a collaborative initiative aimed at “secure[ing] the world’s most critical software before increasingly capable AI models can be turned against it.” The effort centers on Claude Mythos, a specialized version of the company’s AI model tailored to scan source code for vulnerabilities.

Within its first month of operation, Claude Mythos identified more than 10,000 high- or critical‑severity vulnerability candidates across over 1,000 open‑source projects, including some of the most systemically important software in use today. Of these, more than 1,700 were validated as true positives and over 1,000 confirmed as high‑ or critical‑severity flaws — yet only 97 had been patched in that period.

Human Perspective: Racing to Catch Up

Security researchers and maintainers describe the patch gap as the real story: “Anthropic’s Claude Mythos found 10,000 critical vulnerabilities in one month. The patches can’t keep up.” The discovery rate is “orders of magnitude faster than the rate of remediation,” prompting calls for shorter patch cycles and faster security releases. Some large vendors are already reacting; Oracle reportedly shifted from quarterly to monthly patch releases, while Microsoft has warned that its monthly patch volume will keep growing.

Anthropic’s Perspective: Defensive AI, Tightly Controlled

Anthropic frames Glasswing as a pre‑emptive defense project designed to give “the most systemically important cyber defenders” an AI advantage before similar tools can be abused. Access to Claude Mythos is restricted to about 50 organizations, and the model has not been released to the general public.

Both sides agree on the core tension: AI has decisively tilted the balance in favor of faster vulnerability discovery, but without a matching revolution in patching, the internet’s attack surface may actually grow.

Continue reading https://foxvector.com

Write a comment
No comments yet.