feature insight

Anthropic says Project Glasswing has already found more than 10,000 severe softwa…

Anthropic’s first public Project Glasswing update says Claude Mythos Preview and roughly 50 partners have already found more than 10,000 high- or critical-severity vulnerabilities across critical software. The company argues the bottleneck has shifted from finding bugs to verifying, disclosing, and patching them fast enough.

Published May 22, 2026 Updated May 23, 2026 1 sources

AnthropicProject Glasswingsecurityfeature updatehigh impact

securitycybersecurityvulnerability-disclosureopen-sourceenterprise-controlsfeature-update

Impact: high
Confidence: 99%
Change type: feature update
First seen: May 22, 2026
Last updated: May 23, 2026
Audience: security teamsplatform teamsopen-source maintainers
Status: Published

Summary

What changed

Anthropic published its first Project Glasswing progress update with aggregate vulnerability findings, open-source scan results, and a new cyberdefense tooling package for qualifying customers.

Why it matters

This is a strong signal that frontier AI is already reshaping defensive security workflows, not just red-team benchmarks. The practical constraint is now disclosure and patch capacity, which raises the strategic value of triage, patch automation, and secure deployment hygiene.

Evidence excerpt

Anthropic says Claude Mythos Preview and its partners have found more than 10,000 high- or critical-severity vulnerabilities, and that software security is now limited more by verification, disclosure, and patching than by discovery.

Sources

anthropic.com