Anthropic Officially Launches Project Glasswing — $100M Commitment, 12 Partners, Thousands of Zero-Days Found
AI relevance: Anthropic's Claude Mythos Preview — the first AI model to autonomously discover and exploit software vulnerabilities at scale — is now being deployed across 12 major tech and security organizations, fundamentally changing the vulnerability discovery and patching timeline for critical infrastructure.
What happened
Anthropic officially announced Project Glasswing, a cybersecurity initiative that provides select organizations access to Claude Mythos Preview, an unreleased frontier model capable of autonomous vulnerability discovery and exploit generation.
- 12 launch partners: Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks.
- 40+ additional organizations with critical infrastructure responsibilities also received access.
- $100M in Mythos Preview usage credits committed by Anthropic across these efforts, plus $4M in direct donations to open-source security organizations.
- Zscaler subsequently announced it has joined the Glasswing group.
What Mythos Preview has found
- Thousands of zero-day vulnerabilities across every major operating system and web browser — many previously unknown to vendors.
- A 27-year-old vulnerability in OpenBSD that allows a remote attacker to crash any machine running the OS (used in firewalls and critical infrastructure).
- Vulnerabilities in FFmpeg, plus the ability to chain multiple issues into full system control in Linux kernel environments.
- The model operates autonomously — forming hypotheses, launching containers, executing code, and developing exploits without human intervention.
Why it matters
- The window between vulnerability discovery and exploitation has effectively collapsed. AI models can now find and exploit flaws faster than human patch cycles can respond.
- Microsoft is integrating Mythos Preview directly into its Security Development Lifecycle (SDL), treating patch currency as a "fundamental requirement" rather than a best practice.
- The exclusive, invitation-only nature of Glasswing raises questions about which organizations get defensive AI advantages first — and what happens when equivalent capabilities proliferate to adversarial actors.
- For AI operators: the same model architecture patterns used in Mythos will soon be accessible through commercial APIs, meaning any organization running agentic systems needs to assume attackers have similar capabilities.
What to do
- Treat software patching as urgent, not optional — the attacker's discovery timeline is now measured in hours, not months.
- Prioritize internet-facing assets and critical infrastructure components for accelerated patch cycles.
- Monitor CNA (CVE Numbering Authority) and vendor disclosure channels closely; AI-discovered vulnerabilities will likely appear in higher volumes and with shorter embargo windows.
- Assess your own AI agent deployments for exposure to autonomous code execution — the same capabilities used defensively can be weaponized through compromised agent tooling.