Anthropic’s AI security model finds over 10,000 vulnerabilities in one month

Anthropic has published impressive early results from Project Glasswing, its AI-powered cybersecurity initiative launched just one month ago. The project uses Claude Mythos Preview, an unreleased AI model that has already helped partners discover more than 10,000 vulnerabilities across various software systems.

The results show a dramatic improvement in bug-finding efficiency. Most partners found hundreds of critical or high-severity vulnerabilities in their software, with bug discovery rates increasing by more than ten times compared to previous methods.

Major tech companies have reported significant security improvements through the program. Cloudflare discovered 2,000 bugs, with 400 classified as high or critical severity. Mozilla found and fixed 271 vulnerabilities in Firefox – ten times more than what it discovered using an older Claude model on a previous browser version. Microsoft’s recent announcement about larger patch releases is directly tied to bugs found through Mythos Preview.

The scope of Mythos Preview’s capabilities extends beyond partner companies. Anthropic used the model to scan 1,000 open-source projects over recent months, identifying 6,202 high- and critical-severity vulnerabilities out of 23,019 total findings. A security research firm also claimed it successfully breached macOS using Mythos’ bug-finding capabilities, though this wasn’t included in Anthropic’s official report.

Despite these promising results, Anthropic isn’t releasing Mythos Preview to the public yet. The company acknowledges that neither it nor other organizations have developed adequate safeguards to prevent misuse of such powerful models. This cautious approach reflects growing industry awareness about the dual-use nature of AI security tools – the same capabilities that help find vulnerabilities could potentially be exploited by bad actors.

The company plans to expand Project Glasswing’s availability through partnerships with governments, including the US. This strategy suggests Anthropic is working to rebuild its relationship with American authorities after previous tensions. Current partners include:

  • Amazon Web Services
  • Apple
  • CrowdStrike
  • Google
  • JPMorgan Chase
  • NVIDIA
  • Palo Alto Networks

The timing of these developments coincides with Anthropic’s improving financial position. Reports indicate the company is approaching profitability for the first time since its 2021 founding, with projected revenue of $10.9 billion and operating profit of $559 million for the quarter ending in June. However, the company expects this profitability to be temporary as it plans increased investment in computing resources and other operational expenses.

Project Glasswing represents a significant development in AI-assisted cybersecurity. As cyber threats become more sophisticated, the ability to automatically discover vulnerabilities at scale could prove essential for maintaining software security across the technology industry. The challenge now lies in balancing these defensive capabilities with appropriate safeguards to prevent misuse.