Anthropic's Mythos Transforms 72% of Vulnerabilities into Working Exploits: Project Glasswing's Bet for Cybersecurity
Anthropic has officially introduced Claude Mythos Preview, a frontier model never released to the public (though some information had emerged a few days ago in connection with the leak of Claude Code's source) that has found thousands of zero-day vulnerabilities in every major operating system and browser currently in circulation. The company has also announced Project Glasswing, an initiative that brings together twelve of the biggest players in the technology and security industries to use the model exclusively for defensive purposes.
A Zero-Day Machine
The characteristic that sets Mythos Preview apart from any other available model is not its ability to find bugs, but its capacity to transform a vulnerability into a working exploit. Where Claude Opus 4.6 manages to create attack code in less than 1% of cases, Mythos Preview achieves 72.4%, according to measurements conducted by Anthropic on Firefox's JavaScript shell. This marks a fundamental paradigm shift: we are no longer facing a vulnerability scanning tool but something akin to an automated exploit engine.
The Register reports a particularly telling detail: Anthropic engineers, lacking formal training in cybersecurity, set up an overnight session asking the model to search for remote code execution vulnerabilities, and woke up the next morning with a complete and functioning exploit. Not a partial proof-of-concept: a ready-to-use exploit.
The cases documented by Anthropic on its Frontier Red Team blog provide a clear picture of the situation. The model found a vulnerability in OpenBSD dating back 27 years that allowed an attacker to crash any machine running the operating system simply by connecting to it. OpenBSD is the system chosen for firewalls and critical infrastructure precisely because it is considered one of the most robust. In FFmpeg, used for video encoding by countless software products, it identified a bug that had remained hidden for 16 years in a single line of code that automated testing tools had analyzed five million times without ever detecting the issue. In the Linux kernel, Mythos autonomously chained multiple vulnerabilities to achieve privilege escalation from a regular user to full control of the machine.
The complexity of the exploits goes beyond classic stack overflows. In a documented case, the model wrote a browser exploit that chains four separate vulnerabilities, building a sophisticated JIT heap spray capable of escaping both the renderer’s sandbox and the operating system’s. On FreeBSD, it produced an RCE exploit against the NFS server that grants root access to unauthenticated users, deploying a 20-gadget ROP chain across multiple network packets.
Benchmarks That Leave No Room for Interpretation
In terms of formal evaluations, Mythos Preview leaves Opus 4.6 (Anthropic's most capable publicly available model so far) at a considerable distance. On CyberGym, the benchmark specialized for reproducing vulnerabilities, it scores 83.1% against 66.6% for Opus 4.6. On SWE-bench Verified, the standard test for solving real problems on GitHub repositories, it reaches 93.9% against 80.8% for its predecessor. On SWE-bench Pro, the hardest version with low-memorability problems, the gap widens further: 77.8% against 53.4%. On Terminal-Bench 2.0, which measures the ability to operate autonomously in the terminal, Mythos achieves 82.0% against 65.4% for Opus 4.6 and reaches 92.1% with extended timeouts and updates to Terminal-Bench 2.1. On GPQA Diamond, the advanced scientific reasoning benchmark, it scores 94.6% against 91.3%. On Humanity's Last Exam, a test built specifically to withstand the saturation of standard benchmarks, Mythos reaches 56.8% without tools and 64.7% with tools, against 40.0% and 53.1% for Opus 4.6. On BrowseComp, it achieves higher results than Opus 4.6 while consuming 4.9 times fewer tokens.
Project Glasswing: The Industry's Response
Anthropic has not released the model and does not intend to do so. Instead, it has convened a consortium of twelve organizations, dubbed Project Glasswing, which includes AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. The stated objective is to use Mythos Preview to scan and fix vulnerabilities in their core systems before other models with similar capabilities become widely accessible.
“Introducing Project Glasswing: an urgent initiative to help secure the world’s most critical software. It’s powered by our newest frontier model, Claude Mythos Preview, which can find software vulnerabilities better than all but the most skilled humans.”
Source – Anthropic (@AnthropicAI) April 7, 2026
Access is also extended to over 40 additional organizations that develop or maintain critical software infrastructure, including maintainers of open-source software. Anthropic is committing up to $100 million in usage credits to cover the activity during the research preview. Subsequently, the model will be available to participants at $25 per million input tokens and $125 per million output tokens. As for direct donations, $2.5 million goes to Alpha-Omega and OpenSSF via the Linux Foundation, and another $1.5 million to the Apache Software Foundation.
Partners have already worked with Mythos Preview for weeks. Microsoft has tested the model against CTI-REALM, its own open-source benchmark for security, finding substantial improvements over previous models. AWS says it has applied the model to critical codebases, with tangible results already in hardening the code. CrowdStrike points to the collapse of the time between the discovery of a vulnerability and its exploitation by an attacker: what once took months now takes minutes with AI.
The Dual Nature of Risk
The project carries a concern that none of the participants ignore. The same capabilities that make Mythos Preview (see its system card) an exceptional defensive tool would make it devastating in hostile hands. Anthropic explicitly acknowledges that the cost, effort, and level of skill required to find and exploit software vulnerabilities have drastically decreased over the past year, and that Mythos represents a further acceleration of this trajectory. The current cost of damage caused by global cybercrime is estimated at around $500 billion annually: with models of this class available without guardrails, that figure could grow significantly.
Anthropic's response is to anticipate the inevitable spread of offensive capabilities by putting defensive capabilities in the hands of those managing global critical infrastructure. The logic is that of responsible disclosure applied not to individual vulnerabilities but to an entire class of AI capabilities: making defenders stronger before attackers reach the same technological level. Within 90 days, Anthropic will publish a detailed report on the vulnerabilities fixed and the lessons learned, as well as a set of practical recommendations on how security practices should evolve in the AI era.
On the regulatory front, Anthropic is in dialogue with U.S. government officials regarding the offensive and defensive capabilities of the model. The company hopes for the establishment of an independent third-party organization, with public and private participation, to coordinate large-scale security projects over the long term. For security professionals whose legitimate activities might be limited by the guardrails under development, a future Cyber Verification Program is envisaged.
The name chosen for the project refers to the butterfly Greta oto, whose transparent wings allow it to hide in plain sight, just like the vulnerabilities that Mythos has unveiled after decades of human reviews and failed automated tests.