10xNews.aiNews.ai
Text AI

Anthropic's AI Finds Over 10,000 Critical Software Bugs in Just One Month

Anthropic's Project Glasswing used its Claude Mythos AI model to discover more than ten thousand high-severity vulnerabilities across critical software, with Cloudflare alone reporting a tenfold increase in bug detection.

Anthropic's AI Finds Over 10,000 Critical Software Bugs in Just One Month
May 23, 2026
2 min read
By James Park

Key Takeaways

  • Project Glasswing partners discovered over ten thousand high or critical severity software vulnerabilities in just one month
  • Cloudflare reported a tenfold increase in bug detection rates using Claude Mythos Preview
  • Independent reviewers confirmed over ninety percent of AI-discovered vulnerabilities are genuine
  • Anthropic withheld the Mythos model from public release due to concerns about misuse for hacking

Anthropic has launched Project Glasswing, a massive artificial intelligence security initiative that uncovered more than ten thousand high or critical severity vulnerabilities in widely used software within its first month. The project pairs Anthropic’s Claude Mythos Preview model with roughly fifty partner organizations including Cloudflare, Mozilla, Palo Alto Networks, and major financial institutions to scan the code that powers much of the modern internet.

How Claude Mythos Finds Hidden Flaws

Claude Mythos Preview is a specialized AI model designed to analyze source code and identify security weaknesses that human reviewers often miss. Think of it like a tireless security auditor that can read millions of lines of code and spot patterns that indicate potential entry points for hackers. In its first open-source scan covering over one thousand projects, the model flagged more than six thousand high or critical severity bugs out of twenty-three thousand total findings. Independent reviewers confirmed that over ninety percent of the discoveries were genuine vulnerabilities. Cloudflare reported that using the model increased their bug detection rate by more than ten times, uncovering two thousand bugs including four hundred rated high or critical severity.

The Patching Bottleneck Problem

While the AI excels at finding problems, fixing them remains a human challenge. Of the five hundred thirty high severity bugs disclosed to software maintainers so far, only seventy-five have been patched, with each fix taking an average of two weeks. Anthropic acknowledges that the real bottleneck has shifted from discovery to remediation. One striking example involved a flaw in the wolfSSL cryptography library that could have let attackers forge security certificates used by banks and email providers. The model also helped a partner bank detect and prevent a one point five million dollar fraudulent wire transfer. Anthropic has not released Mythos publicly due to concerns that bad actors could misuse its exploit development capabilities.

The project signals a fundamental shift in cybersecurity where artificial intelligence can find vulnerabilities far faster than organizations can fix them. With roughly fifty major partners now onboard and plans to expand to government agencies, Glasswing creates both enormous opportunity and urgent pressure to accelerate patch deployment across the entire software industry.

Stay Informed

Weekly AI marketing insights

Join 5,000+ marketers. Unsubscribe anytime.