Today Anthropic announced Project Glasswing — and with it, a model they refuse to make generally available. Claude Mythos finds vulnerabilities that good.
The claim isn't hype.
In their own testing, Mythos wrote a browser exploit that chained four vulnerabilities together. It achieved local privilege escalation on Linux through subtle race conditions. It crafted a remote code execution exploit on FreeBSD's NFS server by splitting a 20-gadget ROP chain across multiple packets.
Opus 4.6 managed near-0% success rate on autonomous exploit development. Mythos hit 181 out of 200+ attempts on the same benchmark.
The Numbers That Matter
- $100M in usage credits for trusted partners
- $4M direct donations to open-source security orgs
- Partners include AWS, Apple, Microsoft, Google, and the Linux Foundation
- Vulnerabilities found in every major operating system and web browser
- One OpenBSD bug had been there 27 years
Why This Is Different
We've been hearing about AI security research for a while. But the tone shifted recently.
Greg Kroah-Hartman (Linux kernel): "Months ago, we were getting AI slop. Something happened a month ago, and the world switched. Now we have real reports."
Daniel Stenberg (curl): "The challenge transitioned from an AI slop tsunami into more of a security report tsunami. Many of them really good."
Thomas Ptacek: "Vulnerability Research Is Cooked" — his post inspired by a podcast with Anthropic's Nicholas Carlini.
Nicholas Carlini himself: "I've found more bugs in the last couple of weeks than I found in the rest of my life combined."
The Restriction
This isn't a marketing stunt. Anthropic explicitly states:
We do not plan to make Claude Mythos Preview generally available.
They're developing safeguards with an upcoming Opus model first. The model can chain 3–5 vulnerabilities together. That's not something you casually release to the public.
What This Means
The AI security research conversation just moved from theoretical to operational. The kernel maintainers are already seeing high-quality vulnerability reports from AI tools. Now Anthropic is saying they've built something that's genuinely too capable.
The model exists. Others will build similar capabilities. The question is whether the industry can harden fast enough.
Project Glasswing is Anthropic's answer: controlled access for trusted partners, funding for the open-source ecosystem, and time for the software industry to prepare.
Whether that's sufficient — we'll find out.
Top comments (0)