Elevator Pitch

• Project Glasswing’s first month shows AI can uncover vulnerabilities at unprecedented scale, shifting cybersecurity’s bottleneck from finding bugs to triaging, disclosing, and patching them safely.

Key Takeaways

• Roughly 50 partners using Claude Mythos Preview found 10,000+ high/critical vulnerabilities, with some reporting 10× higher bug-finding rates.
• Scanning 1,000+ open-source projects surfaced thousands of serious issues, but human capacity to verify and patch remains the limiting factor.
• Anthropic is rolling out defensive tools (e.g., Claude Security, scanning harnesses) while delaying public release of Mythos-class models until stronger anti-misuse safeguards exist.

Most Memorable Quotes

• “Progress on software security used to be limited by how quickly we could find new vulnerabilities. Now it’s limited by how quickly we can verify, disclose, and patch the large numbers of vulnerabilities found by AI.”
• Cloudflare reports Mythos Preview found bugs “with a false positive rate that Cloudflare’s team considers better than human testers.”
• “At present, no company—including Anthropic—has developed safeguards strong enough to prevent such models from being misused and potentially causing severe harm.”