The Glasswing problem
On 7 April 2026, Anthropic announced two things at once. The first was a new frontier model called Claude Mythos Preview. The second was Project Glasswing, a coalition of twelve technology and finance companies that would receive controlled access to that model, with everyone else, including paying API customers, locked out indefinitely. The accompanying blog posts from Anthropic’s red team made a remarkable claim: Mythos Preview, given an isolated container and a vague prompt, had autonomously discovered thousands of zero-day vulnerabilities across “every major operating system and every major web browser”: a 27-year-old denial-of-service bug in OpenBSD’s TCP stack, a 17-year-old remote code execution flaw in FreeBSD’s NFS server, fully weaponised end-to-end. A 16-year-old vulnerability in FFmpeg’s H.264 codec that had survived every fuzzer and every human reviewer to look at the code since 2010. In Mozilla Firefox alone, the model surfaced 271 zero-days, shipped as fixes in Firefox 150, the largest single batch of security fixes in the browser’s history. ...