Anthropic's bug-hunting AI

Anthropic unveiled Project Glasswing, an AI system that autonomously finds and chains software vulnerabilities and has already demonstrated that ability on long-lived bugs and kernel exploits. The company says it outperforms most humans at linking flaws and can surface old, high-impact issues — a capability that’s raised both excitement and caution in security circles. Access to the system is tightly controlled for remediation work and reportedly limited to about 40 major companies, which has sparked debate about whether powerful defensive tools should be gated this way. (x.com)

# Anthropic’s bug-hunting AI

A software bug can sit inside important code for 10 or 20 years without anyone noticing. Then one day a researcher finds the right path through it, and that tiny mistake becomes a way into a bank, a hospital, or a power system. (anthropic.com)

That is the basic problem Project Glasswing is trying to solve. Anthropic says its new system can do the opposite of what defenders usually do: instead of waiting for attackers to discover weak spots, it searches for them first and helps patch them before they are abused. (anthropic.com)

To understand why that is unusual, start with how modern hacking often works. A single bug is sometimes not enough to take over a machine, so attackers chain several flaws together, using one mistake to reach the next like stepping stones across a river. (anthropic.com)

That chaining step is the hard part. Many security tools can flag suspicious code patterns, but linking separate weaknesses into a working exploit usually takes the kind of judgment associated with top human researchers. (anthropic.com; nbcnews.com)

The other hard part is scale. Critical software now runs everything from medical records to logistics networks to banking systems, and each layer depends on older libraries, operating systems, and open-source components that may have been written years ago by small teams. (anthropic.com)

That is why old bugs can survive for so long. A flaw buried in a little-used corner of a browser, an operating system, or a media library may never get enough expert attention, even if the code is installed on millions of machines. (anthropic.com; nbcnews.com)

Anthropic introduced Project Glasswing on April 7, 2026, as a coordinated effort to use one of its unreleased frontier models for defensive security work. The company says the model, called Claude Mythos 2 Preview on its Glasswing page, is strong enough at finding and exploiting vulnerabilities that it can outperform all but the most skilled human experts. (anthropic.com)

Anthropic also says the model has already found thousands of high-severity vulnerabilities, including flaws in every major operating system and web browser. The company argues that this is not a distant warning but a present capability, and that the window for preparing defenders may be measured in months, not years. (anthropic.com)

Outside reporting has filled in some of the examples Anthropic has not fully detailed in its public announcement. NBC News reported that Anthropic researchers said Mythos Preview found thousands of high- and critical-severity bugs, including some that had gone undiscovered for decades, while other reports described a decades-old OpenBSD flaw and Linux exploit chains that could lead to full system compromise. (nbcnews.com; expertinsights.com)

The company is not releasing that model to the public. Instead, Anthropic says 12 launch partners, including Amazon Web Services, Apple, Cisco, Google, JPMorganChase, Microsoft, NVIDIA, and Palo Alto Networks, will use it in defensive workflows, and more than 40 additional organizations that build or maintain critical software infrastructure have also been given access. (anthropic.com)

Anthropic is putting money behind that limited rollout. The company says it is committing up to $100 million in usage credits for Mythos Preview and $4 million in direct donations to open-source security organizations. (anthropic.com)

That closed access is where the argument starts. Anthropic’s position is that a model capable of autonomously finding and exploiting serious flaws could be dangerous if broadly released, while critics worry that concentrating such a defensive tool inside a small club of large companies could leave smaller vendors, independent researchers, and open-source maintainers outside the gate. (anthropic.com; nbcnews.com)

Anthropic has tried to show that this is not a free-for-all bug dump. In a separate disclosure policy updated March 6, 2026, the company says vulnerabilities it discovers will generally follow a 90-day disclosure timeline, with faster treatment for actively exploited critical flaws and delays on publishing technical details until patches have had time to spread. (anthropic.com)

That policy matters because a machine that can find bugs faster also creates a traffic problem for the people who have to fix them. Anthropic explicitly says it wants to pace reports to what maintainers can absorb, which is an acknowledgment that software security is limited not just by discovery, but by human repair capacity. (anthropic.com)

Microsoft has already signaled why large defenders are interested. In a recent post about its open-source CTI-REALM benchmark for security agents, Microsoft said an early snapshot of Claude Mythos Preview showed substantial improvement over previously evaluated systems on end-to-end detection engineering tasks. (microsoft.com)

So the story is not just that Anthropic built a stronger coding model. The story is that one company is saying artificial intelligence has crossed into a part of cybersecurity that used to belong mostly to elite human specialists, and it is trying to contain that capability inside a tightly managed remediation network before the same skill spreads more widely. (anthropic.com; nbcnews.com)

If Anthropic’s claims hold up, Project Glasswing may be remembered less as a product launch than as a warning shot. The old assumption was that dangerous software flaws were hard to find; the new possibility is that finding them becomes cheap, fast, and automated, and the real bottleneck becomes who gets access to the machine first. (anthropic.com; expertinsights.com; nbcnews.com)


Shared from Scout - Be the smartest in the room.