Project Glasswing: AI Autonomously Discovers Thousands of Zero-Day Vulnerabilities

On April 7, 2026, Anthropic announced Project Glasswing and unveiled Claude Mythos Preview, a frontier AI model that marks a turning point in cybersecurity. Without being explicitly trained for this purpose, the model demonstrated the ability to autonomously discover thousands of zero-day vulnerabilities across operating systems, browsers, and critical applications used at global scale.

The findings include decades-old bugs in projects widely considered extremely secure, such as OpenBSD, FreeBSD, and FFmpeg, exposing the limits of traditional security methods including fuzzing and static analysis.

Need to assess your exposure to AI-accelerated threats? Our team can audit your infrastructure, prioritize critical patches, and deploy continuous monitoring. See Managed IT Services or IT Outsourcing for proactive protection.

A crucial aspect of this progress is that the exploitation abilities were not the result of specialized training. They emerged as a side effect of general improvements in reasoning, code analysis, and autonomy.

This observation suggests such capabilities will become increasingly common among advanced AI models developed by other organizations, significantly raising the risk level for the global software ecosystem.

Compared to previous generations, the jump in capability is dramatic. Where earlier models only occasionally managed to turn vulnerabilities into working exploits, Mythos Preview can do so at scale, producing hundreds of relevant crashes and multiple full exploit chains, including privilege escalation and remote code execution.

Beyond discovery, the model also classifies issues with high accuracy, approaching that of human experts, which makes it useful not only for finding bugs but also for prioritization and response.

The economic impact is as important as the technical one. The cost of discovering and exploiting vulnerabilities has fallen by orders of magnitude, turning work that previously required specialized teams and significant budgets into an accessible and automatable process.

At the same time, the speed at which these vulnerabilities can be found and weaponized has increased sharply, drastically shrinking the reaction window for organizations. What used to take months between discovery and wide exploitation can now collapse to hours or even minutes.

In response to these risks, Anthropic has decided not to release Mythos Preview publicly. Instead, access is limited to a consortium of global organizations, including major technology and security vendors as well as institutions that manage critical infrastructure and key open-source projects.

The goal of Project Glasswing is to use these capabilities to find and fix vulnerabilities before malicious actors can exploit them, within a coordinated and controlled framework.

For MSPs and the organizations they serve, the implications are clear and immediate. On one hand, offensive risk grows fast: once these capabilities become more widely available, attacks will become more frequent, faster, and more sophisticated.

On the other hand, defensive capabilities will also evolve as security vendors integrate similar technology into their products. However, the benefits will not be distributed evenly, and organizations that run on aging infrastructure or fail to adopt modern security solutions will remain exposed.

In this context, certain measures become essential and can no longer be treated as optional:

• Aggressive patch management. Even decades-old vulnerabilities can now be discovered and weaponized quickly by AI, so prompt patching becomes critical.
• Auditing and retiring legacy systems. Software that no longer receives updates is now a major risk that must be addressed on an accelerated timeline.
• Network segmentation and zero trust. Limiting lateral movement in the event of a compromise becomes a requirement, not an option.
• Continuous monitoring through SIEM and EDR. Fast incident detection is vital when the reaction window shrinks to hours.

While Anthropic's announcement comes in a controversial context, shortly after their own security incident, this does not diminish the importance of the conclusions. The capabilities shown are real, the vulnerabilities found are concrete, and the direction of travel is clear: AI models are becoming increasingly effective at finding and exploiting software weaknesses.

Project Glasswing signals a fundamental shift in the balance between attack and defense. The reaction window narrows, attacker costs drop, and threat complexity rises. Traditional security best practices are no longer enough on their own and must be accelerated, automated, and backed by modern tooling.