The first report card for Anthropic’s controversial Claude Mythos Preview shows the 50 members of the vendor’s Project Glasswing using the frontier AI model to find more than 10,000 high- or critical-severity vulnerabilities, and it exposes the challenges humans face in trying to fix so many security flaws.
In a report outlining the results of the first month since the announcement of Mythos and the launch of Project Glasswing, Anthropic executives wrote that the model’s extraordinary capabilities in finding and identifying vulnerabilities – and the speed with which it can generate exploits for them – will change how the cybersecurity industry addresses the patching of bugs, particularly as more such models are developed and released.
“Progress on software security used to be limited by how quickly we could find new vulnerabilities,” they wrote. “Now it’s limited by how quickly we can verify, disclose, and patch the large numbers of vulnerabilities found by AI.”
The numbers of both vulnerabilities discovered and patched over the past month show significant increases over the norm. Cloud network and security company Cloudflare reported finding 2,000 bugs – 400 of them high- or critical-severity – with a false-positive rate it rated better than that of human testers. Mozilla found and fixed 271 vulnerabilities in Firefox 150 using Mythos, 10 times the number that the company found using Anthropic’s Claude Opus 4.6 for Firefox 148.
“As these capabilities reach the hands of more defenders, many other teams are now experiencing the same vertigo we did when the findings first came into focus,” Mozilla CTO Bob Holley wrote. “For a hardened target, just one such bug would have been red-alert in 2025, and so many at once makes you stop to wonder whether it’s even possible to keep up. Our experience is a hopeful one for teams who shake off the vertigo and get to work.”
Microsoft officials reported that they expect the number of new patches the company releases to continue to climb with their use of frontier AI models, and Oracle executives said they’re finding and fixing security flaws multiple times faster across the company’s products and cloud environment. Palo Alto Networks’ latest release included more than five times the usual number of patches.
“The big question just a few weeks ago was: ‘Are we overstating the model capabilities?’” wrote Lee Klarich, Palo Alto’s chief product and technology officer. “With more testing, I can confidently say we weren’t. In fact, these models are likely even better at finding vulnerabilities than we initially realized.”
Anthropic earlier this month admitted to letting Glasswing members share their Mythos-based findings.
In addition, the Anthropic executives wrote that they’ve been using Mythos to scour more than 1,000 open source projects that are crucial to internet operations, including the work that the AI vendor does. The model detected 23,019 vulnerabilities in the projects, including 6,202 estimated to be high- or critical-severity vulnerabilities. An assessment by six independent security research firms found that 90.6% of the findings were valid true positives, with 62.4% confirmed to be high- or critical-severity.
They pointed to a security flaw in wolfSSL, an open cryptography library used by billions of devices. Mythos built an exploit for the flaw that would let a bad actor forge certificates, which in turn could let them host a fake but legitimate-looking website for a bank or email provider. The vulnerability, tracked as CVE-2026-5194, has been patched.
Anthropic has created a dashboard of the open source vulnerabilities scanned, the company’s disclosure process – from discovery and triage to disclosure and remediation – and its progress over time.
Given what’s happened in the month since the launch of Project Glasswing, the security industry needs to focus on creating processes for managing the massive numbers of vulnerabilities found by Mythos and similar models that are surely on their way.
The software industry typically discloses new vulnerabilities 90 days after discovery, or 45 days after a patch becomes available if the fix is created before the 90 days are reached.
“Currently, there’s often a long lag between the discovery of a vulnerability, the creation of a patch for it, and the time when the patch is widely deployed by end users,” they wrote. “This leaves open a significant window for attackers to exploit critical software. Mythos-class models significantly shrink the time and cost required to find and exploit vulnerabilities, magnifying the risk associated with these time lags.”
They added that “ultimately, Mythos-class models will enable developers to build far more secure software by catching bugs before they are deployed. But this interim period – while vulnerabilities are being rapidly discovered and slowly patched – presents new risks.”
For now, software developers need to shorten their patch cycles and make security fixes available as quickly as possible, and network defenders need to shorten their patch testing and deployment timelines. Anthropic and other AI vendors are working on tools to make this easier and faster to do, the Anthropic executives wrote.
Those include models that are already generally available and can already detect vulnerabilities, even if not at the same rate as Mythos. In addition, Anthropic has released Claude Security in public beta for Claude Enterprise users, for scanning code bases for vulnerabilities and creating proposed fixes. Since launching earlier this month, Claude Opus 4.7, using Claude Security, has been used to patch more than 2,100 vulnerabilities.
Anthropic also has its new Cyber Verification Program, which lets security teams already using the vendor’s models for such jobs as vulnerability research and penetration testing continue to do so without some of the safeguards used to prevent cyber misuse.
The worry is that more models with capabilities similar to those of Mythos will become available from other AI companies and, without the right safeguards, will make it easier and cheaper for threat actors to create exploits for found security flaws.
Anthropic executives wrote that they, along with partners as well as U.S. and other governments, will add more organizations to Project Glasswing and that “in the near future, once we’ve developed the far stronger safeguards we need, we look forward to making Mythos-class models available through a general release.”