Anthropic Launches Project Glasswing with Mythos AI Model to Address Cybersecurity Vulnerabilities

Anthropic announced Project Glasswing on Tuesday, a cybersecurity initiative centered on a preview of its new AI model, Claude Mythos. The model demonstrates advanced capabilities in vulnerability discovery, exploit development, and penetration testing.

Over 40 organizations, including Microsoft, Apple, Google, Amazon Web Services, Nvidia, Cisco, Broadcom, the Linux Foundation, CrowdStrike, and Palo Alto Networks, have private access to Mythos Preview for testing on their systems.

The collaboration provides participants time to address vulnerabilities identified by the model, following principles of coordinated vulnerability disclosure. Anthropic states that Mythos Preview has already uncovered thousands of critical vulnerabilities, including decades-old bugs in scrutinized code.

The model excels at tasks such as producing attack chains, proofs of concept, endpoint security assessments, hunting system misconfigurations, and evaluating software binaries without source code access.

Model Capabilities and Industry Implications Claude Mythos was trained for code proficiency, which results in strong performance in cybersecurity tasks without specific training for them.

Anthropic CEO Dario Amodei noted that the model's abilities represent a significant advancement in AI-assisted security analysis.

“Claude Mythos preview is a particularly big jump," Anthropic CEO Dario Amodei said on Tuesday in a Project Glasswing launch video. "We haven't trained it specifically to be good at cyber. We trained it to be good at code, but as a side effect of being good at code, it's also good at cyber.”

The model has identified security problems in every major operating system and web browser, according to Anthropic. This capability raises concerns about AI's dual-use potential, where it can aid defenders but also enable attackers to develop exploits more efficiently.

Partners expressed support for the initiative. Google's vice president of security engineering, Heather Adkins, stated that AI poses new challenges and opportunities in cyber defense. Microsoft's global CISO, Igor Tsyganskiy, highlighted the opportunity to use AI to improve security at scale.

Broader Context and Future Plans Anthropic is limiting the initial rollout of Mythos to this industry group to mitigate risks from its cybersecurity prowess. The company emphasizes the need for preparation as more powerful AI models emerge across the sector, potentially disrupting current security paradigms. > "The real message is that this is not about the model or Anthropic," Logan Graham, the company's frontier red team lead, tells WIRED. "We need to prepare now for a world where these capabilities are broadly available in 6, 12, 24 months. Many things would be different about security." Logan Graham, Anthropic's frontier red team lead, indicated that the model achieves results comparable to those of a senior security researcher. Project Glasswing serves as a starting point for broader industry exploration, with Anthropic calling for expanded global collaboration to address emerging AI-driven threats.