Anthropic presented the project Glasswing, within which it will provide access to a preliminary version of the AI model Claude Mythos to identify vulnerabilities and improve the security of mission-critical software. Project participants include the Linux Foundation, as well as Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA and Palo Alto Networks. About 40 more organizations also received invitations to participate in the project.
The Claude Opus 4.6 AI model, released in February, reached a new level of quality in areas such as identifying vulnerabilities, finding and fixing errors, reviewing changes, and generating code that made it possible to identify more than 500 vulnerabilities in open-source projects and generate a C compiler capable of building the Linux kernel. However, the Claude Opus 4.6 model performed poorly in creating working exploits.
The next generation model “Claude Mythos”, according to Anthropic, is significantly ahead of Claude Opus 4.6 in the field of writing ready-made exploits. When attempts were made to create exploits for vulnerabilities identified in the Firefox 147 JavaScript engine, only two attempts in Claude Opus 4.6 were successful. In contrast, using a preliminary version of the Mythos model, working exploits were created 181 times out of several hundred attempts, increasing the percentage of successful exploits from almost zero to 72.4%.
In addition, Claude Mythos has enhanced capabilities to find errors and vulnerabilities, leading to new risks for the industry as exploits for unpatched vulnerabilities (0-day) can be created by non-professionals in a matter of hours. The Mythos model has reached a level of capabilities in finding and exploiting vulnerabilities that rivals professional quality.
To ensure industry readiness before opening unlimited access to an AI model with such capabilities, access to the preliminary edition of Claude Mythos was provided to a select group of experts to work on identifying and addressing vulnerabilities in critical software products and open-source software. A $100