Claude Mythos Found 16-Year-Old Vulnerabilities—And Security Researchers Are Alarmed

On April 7, Anthropic launched Project Glasswing alongside Claude Mythos Preview, a model that found thousands of critical vulnerabilities across every major operating system and browser within days of testing.

According to The Hacker News, the model discovered security flaws that survived decades of human security research, including a 17-year-old remote code execution vulnerability in FreeBSD’s NFS server that Claude exploited autonomously. Anthropic confirmed that over 99% of identified vulnerabilities remained unpatched at the time of disclosure, creating both opportunity and risk for defenders and attackers alike.

The model found vulnerabilities spanning operating systems, web browsers, and enterprise software infrastructure, with some flaws dating back 27 years undetected despite conventional security testing. In FreeBSD specifically, Help Net Security reported that Claude Mythos autonomously identified and fully exploited CVE-2026-4747, demonstrating not just detection capability but actual attack execution without human guidance. This combination of finding and exploiting vulnerabilities at scale represents a potential inflection point in cybersecurity economics.

Why This Changes the Security Equation

Traditional vulnerability research requires skilled analysts spending weeks or months on individual targets, with success rates that don’t scale linearly with effort. Claude Mythos demonstrated the ability to process targets overnight with results that matched or exceeded human security researchers, as Anthropic documented when engineers with no formal security training asked the model to find remote code execution vulnerabilities.

The model succeeded where years of automated testing had failed on the same systems. CrowdStrike began early testing of Claude Mythos for vulnerability detection, with initial results showing faster identification and improved cross-system analysis compared to existing tools, according to AI Today. The partnership through Project Glasswing includes Apple, Google, Microsoft, and over 45 other organizations working to deploy the technology defensively before it proliferates for offensive use.

The dual-use nature of the capability creates a classic security dilemma: the same technology that helps defenders patch systems faster also helps attackers find exploitation opportunities faster. Anthropic committed $100 million in usage credits and direct donations to open-source security organizations through the Linux Foundation, attempting to accelerate the defensive timeline. Whether this investment outpaces malicious actors’ access to comparable capabilities remains uncertain.

Anthropic built an AI that finds decades-old bugs in systems everyone relies on, and their solution was to give it to the biggest tech companies while hoping nobody notices the window between “AI found this vulnerability” and “AI exploited this vulnerability” is essentially zero. Security researchers who’ve spent careers building expertise in vulnerability discovery must now compete with a model that never sleeps, never gets tired, and doesn’t bill by the hour. The uncomfortable question nobody wants to answer: what happens when the same capability lands in hands that don’t share Anthropic’s commitment to responsible disclosure?

The Race Against AI-Powered Threats

The participating organizations in Project Glasswing represent an unusual moment of industry cooperation between companies that normally compete aggressively. Cisco’s Chief Security Officer Anthony Grieco stated that AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure, acknowledging that traditional hardening approaches can no longer keep pace. The window between vulnerability discovery and exploitation has collapsed from months to minutes, making manual security processes inadequate.

Lee Klarich from Palo Alto Networks warned that organizations must prepare for AI-assisted attackers who can probe systems faster and more systematically than human hackers. The same capabilities Anthropic deployed for defense exist in training form for anyone willing to use them differently. Nation-state actors and criminal organizations have resources to develop or purchase comparable tools, potentially negating the defensive advantage Project Glasswing attempts to establish.

Open-source software maintainers, who handle much of the world’s critical infrastructure code with minimal funding, stand to benefit most from automated vulnerability detection. Jim Zemlin of the Linux Foundation emphasized that Project Glasswing offers these maintainers access to AI models that can identify and fix vulnerabilities at scale, potentially changing the equation for software that billions of people depend on daily. Whether this assistance arrives before exploitation attempts increase remains the critical variable.
