For decades, cybersecurity has been defined by a brutal asymmetry: defenders must secure every single vulnerability, while attackers only need to find one. That asymmetry is about to be permanently disrupted — not by a new firewall or compliance framework, but by the same frontier AI models that are reshaping every other domain of enterprise technology.
Enter Project Glasswing.1 Announced by Anthropic, this coordinated initiative brings together a coalition of twelve technology leaders — Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks — with a single mission: leverage frontier AI to find and fix the critical software vulnerabilities hidden in the world's most important infrastructure, before adversaries use those same capabilities against us.
For enterprise CIOs and CTOs evaluating AI deployment, Project Glasswing is not an abstract research story. It is the clearest signal yet that the attack surface your organization depends on — operating systems, browsers, open-source libraries, cloud infrastructure — is being actively hardened by the most capable AI systems ever built. And it raises an equally urgent question: is your organization's own security posture keeping pace?
The Fragility of Our Digital Foundation
The modern enterprise runs on software it did not write and cannot fully audit. The systems handling your banking transactions, medical records, logistics operations, and power infrastructure have always contained bugs. Most are benign. A critical subset are not.
State-sponsored actors from China, Iran, North Korea, and Russia continuously probe this infrastructure. Ransomware groups have paralyzed hospital networks, disrupted fuel pipelines, and cost municipalities hundreds of millions in recovery costs. The scale of the problem is now measured in trillions: global cybercrime costs are estimated at $1.5 trillion annually and climbing.2
For years, the barrier protecting this infrastructure was practical obscurity — finding and weaponizing serious vulnerabilities required elite expertise held by only a handful of researchers worldwide. That barrier is gone.
The Catalyst: Claude Mythos Preview
The catalyst behind Project Glasswing is a new, unreleased frontier model called Claude Mythos Preview. Anthropic's internal testing of this model produced a finding that is both remarkable and alarming: AI has now crossed the threshold where it can surpass all but the most elite human experts at finding and exploiting software vulnerabilities.
The benchmark numbers reflect this leap. Claude Mythos Preview achieved 93.9% on SWE-bench Verified — the standard measure of real-world software engineering task completion — and 94.6% on GPQA Diamond, a graduate-level scientific reasoning benchmark.3 These are not incremental improvements. They represent a step change in what autonomous AI can accomplish on code.
More significant than the benchmarks are the discoveries. Operating entirely without human guidance, Mythos Preview identified thousands of high-severity zero-day vulnerabilities across every major operating system and browser. Three findings in particular illustrate the magnitude of this capability:
- A 27-year-old vulnerability in OpenBSD — a security-hardened operating system widely used for critical firewalls. The flaw allowed an attacker to remotely crash any machine simply by connecting to it.
- A 16-year-old vulnerability in FFmpeg, the foundational library used globally for video encoding and decoding. This bug existed in a code path that automated security scanning tools had executed five million times without ever flagging a problem.
- A complex Linux kernel exploit chain — the model autonomously discovered and linked multiple vulnerabilities together to escalate from standard user access to full machine control.
These flaws survived decades of human code review and millions of automated tests. A frontier AI model found them in a matter of hours. As a point of reference: ten years passed between the first DARPA Cyber Grand Challenge — which proved autonomous systems could compete with human hackers — and the moment AI became genuinely competitive with elite offensive researchers.7 That moment is now.
93.9%
scored by Claude Mythos Preview on SWE-bench Verified — record-breaking autonomous coding performance
$1.5T
estimated annual cost of global cybercrime — the attack surface Project Glasswing is racing to close
$104M
committed by Anthropic — $100M in AI usage credits plus $4M in direct donations to open-source security foundations
The Urgency of Now
Project Glasswing was not formed because this threat is theoretical. It was formed because the window between discovery and exploitation has already collapsed.
As CrowdStrike CTO Elia Zaitsev put it: "what once took months now happens in minutes with AI."4 The adversary is not waiting for the security industry to catch up. State-sponsored groups and well-resourced criminal organizations are running the same AI capabilities that power enterprise productivity tools — but optimized for offense.
The acceleration is structural, not cyclical. Cisco SVP and Chief Security & Trust Officer Anthony Grieco described it directly: AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure, rendering previous approaches to hardening systems completely insufficient.5 The fallout for economies, public safety, and national security — if defenders lose this race — is not recoverable through patching cycles and compliance audits. The response has to be architectural, and it has to happen now.
Turning the Weapon into a Shield
The core thesis of Project Glasswing is that the same capabilities that make Mythos Preview dangerous in adversarial hands also make it the most powerful defensive tool in existence. The initiative is a coordinated deployment of that capability across the organizations whose infrastructure constitutes the majority of the global attack surface.
The operational commitments are concrete. AWS is applying Mythos Preview to its critical codebases and analyzing over 400 trillion network flows daily to embed continuous security at scale.6 Microsoft is using the model to augment its security solutions and mitigate risks earlier in the development lifecycle — an acknowledgment that cybersecurity has exceeded the capacity of purely human-driven processes. Palo Alto Networks is using it to surface complex vulnerability chains that previous generation models missed entirely, modernizing their defenses against the AI-assisted attackers now entering the threat landscape.9
Each of these deployments is not a pilot program. They represent production-scale infrastructure changes driven by the recognition that the old perimeter has dissolved.
Democratizing Security for Open Source
Perhaps the most consequential dimension of Project Glasswing is its focus on open-source software. Open-source code constitutes the majority of the software running in modern enterprise stacks — it is the invisible load-bearing structure of the internet. And historically, open-source maintainers have operated without access to the enterprise-grade security expertise that large corporations can deploy.
Project Glasswing changes this equation. Over 40 additional organizations, including open-source maintainers, are being given direct access to Mythos Preview — allowing them to proactively identify and fix vulnerabilities at a scale that was previously impossible for teams without dedicated security budgets.
To sustain this, Anthropic is committing $100 million in usage credits for Mythos Preview, ensuring defenders have the compute they need to run extensive scans.8 On top of that, Anthropic is making $4 million in direct financial donations: $2.5 million to Alpha-Omega and OpenSSF through the Linux Foundation, and $1.5 million to the Apache Software Foundation. For the maintainers responsible for the libraries your enterprise depends on, this represents a meaningful structural change in their security capacity.
A Calculated, Collaborative Path Forward
Because of the extreme dual-use nature of Mythos Preview's capabilities, Anthropic is not making it generally available. The model is being tightly controlled within this research initiative. The explicit goal is to use Project Glasswing to develop the cybersecurity safeguards — detection, blocking, and output filtering — required to eventually deploy a next-generation Claude Opus model responsibly.
The initiative is also designed as a learning exercise with a public accountability mechanism. Partners are sharing findings and best practices. Within 90 days, Anthropic has committed to publicly reporting what has been learned, disclosing patched vulnerabilities, and collaborating with security organizations to establish updated recommendations across the software development lifecycle, vulnerability disclosure processes, and regulated-industry standards.
The name itself carries the framing. The glasswing butterfly (Greta oto) survives by using transparent wings to hide in plain sight — just as critical zero-day vulnerabilities hide undetected inside production systems for decades. And that same transparency is the strategy: open collaboration, shared findings, and public accountability as the mechanism by which defenders stay ahead.
What This Means for Enterprise Security Leaders
Project Glasswing will not replace your security team or your existing controls. What it signals, clearly and urgently, is that the baseline has shifted.
The infrastructure your organization depends on is being actively scanned and hardened by the most capable AI models ever deployed for defensive purposes. The organizations that built the cloud platforms, operating systems, and open-source libraries in your stack are now using frontier AI to find and fix vulnerabilities before they can be weaponized.
The operational question for enterprise CIOs and CTOs is whether your internal security posture, your agentic AI deployment controls, and your vendor governance frameworks are evolving at the same pace. The exploit window has collapsed. The attack surface has expanded. The tools to defend it are now available — but only to organizations that have built the architecture to use them responsibly.
Project Glasswing is the opening move of that future. The question is whether your organization is positioned to move with it.
References
- 1Anthropic, Project Glasswing: Securing critical software for the AI era, April 2026. https://www.anthropic.com/glasswing↩
- 2Cybersecurity Ventures, Cybercrime To Cost The World $10.5 Trillion Annually By 2025, updated projections 2025–2026. https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/↩
- 3LLM Stats, Claude Mythos Preview: Benchmarks, Pricing & Project Glasswing, April 2026. https://llm-stats.com/blog/research/claude-mythos-preview-launch↩
- 4CyberScoop, Tech giants launch AI-powered 'Project Glasswing' to find software vulnerabilities, April 2026. https://cyberscoop.com/project-glasswing-anthropic-ai-open-source-software-vulnerabilities/↩
- 5Network World, Cisco joins Anthropic's multivendor effort to secure AI software, April 2026. https://www.networkworld.com/article/4155237/cisco-joins-anthropics-multivendor-effort-to-secure-ai-software.html↩
- 6AWS Security Blog, Building AI defenses at scale: Before the threats emerge, April 2026. https://aws.amazon.com/blogs/security/building-ai-defenses-at-scale-before-the-threats-emerge/↩
- 7DARPA, Cyber Grand Challenge, 2016. https://www.darpa.mil/research/programs/cyber-grand-challenge↩
- 8Linux Foundation, Introducing Project Glasswing: Giving Maintainers Advanced AI to Secure the World's Code, April 2026. https://www.linuxfoundation.org/blog/project-glasswing-gives-maintainers-advanced-ai-to-secure-open-source↩
- 9SecurityWeek, Anthropic Unveils 'Claude Mythos' — A Cybersecurity Breakthrough That Could Also Supercharge Attacks, April 2026. https://www.securityweek.com/anthropic-unveils-claude-mythos-a-cybersecurity-breakthrough-that-could-also-supercharge-attacks/↩
