Anthropic says mythos preview has already uncovered more than 10,000 vulnerabilities

At a glance:

• Claude mythos preview helped partners discover over 10,000 software vulnerabilities in its first month
• Cloudflare alone reported 2,000 bugs, 400 of them high or critical, while Mozilla found 271 fixes in Firefox using the model
• Anthropic is on track for $10.9 billion revenue and $559 million operating profit in the June quarter, its first profitable period

What is project glasswing

Anthropic launched Project Glasswing in April as a dedicated cybersecurity initiative that leverages its unreleased large‑language model, Claude Mythos Preview. The goal is to use generative AI to automatically discover security flaws across a wide range of software, from cloud platforms to open‑source libraries. In a fresh report, the company claims the model has already assisted partners in finding more than ten thousand vulnerabilities within just a month of the program’s debut.

The report emphasizes that most participating organisations “each found hundreds of critical‑ or high‑severity vulnerabilities in their software” thanks to the model’s bug‑finding capabilities. Anthropic notes that partner detection rates have risen by more than a factor of ten compared with traditional manual or semi‑automated testing methods.

Partner results and numbers

Anthropic lists several high‑profile collaborators that have put Mythos Preview to work:

• Cloudflare – 2,000 bugs discovered, including 400 classified as high or critical severity
• Mozilla – 271 vulnerabilities fixed in Firefox, a ten‑fold increase over an older Claude model
• Microsoft – recent patch releases are larger partly because of bugs identified through Mythos Preview
• Open‑source scan – 1,000 projects examined, yielding 6,202 high‑ and critical‑severity issues out of 23,019 total findings
• Security‑research firm – claimed a macOS breach was facilitated by Mythos‑generated insights (the firm was not named in the report)

In addition, Anthropic is actively working with Amazon Web Services, Apple, CrowdStrike, Google, JPMorgan Chase, NVIDIA, and Palo Alto Networks as part of the Glasswing ecosystem.

Broader impact and future plans

While Mythos Preview remains unavailable to the public, Anthropic argues that current safeguards are insufficient to prevent misuse of such a powerful model. The company plans to release “Mythos‑class models” only after robust protection mechanisms are in place. In the meantime, it intends to expand the initiative with government partners, including the United States, signalling a potential repair of its previously strained relationship with U.S. regulators.

The initiative also highlights a shift in how AI can augment traditional security tooling. By automating large‑scale code review and vulnerability discovery, Anthropic hopes to reduce the time‑to‑patch for critical bugs, a factor that could become increasingly important as software supply chains grow more complex.

Financial outlook and profitability

According to a recent Wall Street Journal report, Anthropic is on track to become profitable for the first time since its 2021 founding. The company projects $10.9 billion in revenue and an operating profit of $559 million for the quarter ending in June. However, Anthropic cautions that this profitability may be short‑lived, as it plans to reinvest heavily in computing infrastructure and other growth‑related expenses in upcoming quarters.

The financial upside of Project Glasswing could be significant. By offering a differentiated security service powered by cutting‑edge AI, Anthropic may open new revenue streams with enterprise and cloud customers, while also strengthening its strategic partnerships across the tech ecosystem.