Security & Compliance · 3 min read

Anthropic's Mythos Can Find Zero-Days in Every Major OS. Here's What That Means for You.

Claude Mythos Preview autonomously found thousands of zero-day vulnerabilities across major operating systems and browsers. What CISOs and founders need to know right now.

Nayef Dagher

Last week, Anthropic unveiled Project Glasswing — a coalition of twelve major technology companies built around a single, uncomfortable fact: their unreleased Claude Mythos Preview model can autonomously find and exploit zero-day vulnerabilities in every major operating system and web browser.

Not theoretically. Thousands of them. Including a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg that automated tools hit five million times without catching.

Here's the short version of what matters.

The Expertise Barrier Is Gone

Finding exploitable vulnerabilities in hardened systems used to require a few hundred people worldwide. Mythos compresses that into an API call. Non-security engineers at Anthropic asked the model to find remote code execution vulnerabilities overnight. They had working exploits by morning.

On benchmarks, Mythos scores 83.1% on vulnerability reproduction versus 66.6% for Claude Opus 4.6. On real-world exploit development against Firefox's JS engine, it succeeded 181 times where Opus 4.6 managed two.

The Controlled Release Buys Time, Not Safety

Anthropic isn't releasing Mythos publicly. Access is restricted to Glasswing partners (AWS, Microsoft, Google, CrowdStrike, Cisco, Apple, Palo Alto Networks, and others) plus 40+ organisations maintaining critical infrastructure. They're committing $100M in usage credits to the effort.

The strategy is sound: give defenders a head start. But Anthropic acknowledges that "it will not be long before such capabilities proliferate." This is a window, not a solution.

What To Do Now

  1. Compress your patch cycle. If AI can find and weaponise zero-days in hours, 30-day patch windows are a liability.
  2. Reassess your scanning tools. Mythos doesn't pattern-match known vulnerabilities. It reasons about code, forms hypotheses, and iterates. Traditional SAST/DAST can't do this.
  3. Fund your open-source dependencies. The software you depend on is maintained by people who can't afford the security tooling that just changed the game. Anthropic's $4M donation to open-source security orgs signals the problem; it doesn't solve it.
  4. Harden your agent infrastructure. If you're running agentic AI systems — agents that execute code, access APIs, handle sensitive data — ask yourself: what happens when a Mythos-class model probes your execution environment? Platforms that treat security as core architecture, not an afterthought, are now in a materially different position.

The Bottom Line

Anthropic will publish a 90-day report (likely early July) on what Glasswing has found and fixed. Until then, the best response is to assume your systems contain vulnerabilities that existing tools haven't found — because a model that's better than all but the top human security researchers is now scanning for them.

The vulnerability surface hasn't changed. The cost of discovering it has.

Where Amulet Fits

Most businesses do not need the most dangerous model in the world. They need an agent they can trust with real work. That means secure execution, strong auditability, data sovereignty, and workflows built for business outcomes, not demos.

If you are thinking through what agentic AI looks like inside a real company, Amulet is building for that future.
