Anthropic published its first Glasswing update on May 22, and the headline number is the kind that makes security teams nervous rather than relieved. In its first month, the company says Claude Mythos Preview and roughly 50 partners found more than 10,000 high- or critical-severity vulnerabilities in the software that holds the internet together.
Finding bugs stopped being the hard part
That is the actual story here, and Anthropic says it plainly: progress used to be capped by how fast anyone could find new flaws. Now it is capped by how fast humans can verify, disclose, and ship patches. Machines spot the holes in minutes. People still have to fix them.
The proof is in the gap. Of the open-source bugs assessed so far, Anthropic estimates Mythos Preview surfaced 6,202 high- or critical-rated issues. It has disclosed 530 of them to maintainers. Seventy-five are patched. A high-severity bug takes about two weeks to patch on average, and that math does not scale when one model is generating thousands of leads.
So some maintainers did the only thing they could. They asked Anthropic to slow down. Volunteer open-source teams, already buried under low-quality AI-generated reports, told the company they needed more time to design fixes. A vulnerability scanner that works too well becomes its own denial-of-service attack on the people meant to respond.
The numbers worth trusting, and the ones worth squinting at
The 10,000 figure is largely self-reported by partners, so treat it as a directional claim rather than an audited one. Cloudflare says it found 2,000 bugs across its critical systems, 400 of them high- or critical-severity, with a false positive rate its team rates better than human testers. Mozilla found and fixed 271 vulnerabilities in Firefox 150, more than ten times what it caught a version earlier using an older Claude model.
The figure that actually holds up under scrutiny is the quietest one. Six independent security firms assessed 1,752 of the open-source findings. 90.6% turned out to be valid true positives. That is independent verification of someone else's tool, not a vendor grading its own homework, and it is the reason this reads as a working instrument rather than a demo.
One concrete example: Mythos Preview built an exploit in wolfSSL, a cryptography library running on billions of devices, that would let an attacker forge certificates and stand up a convincing fake bank site. It is now patched and logged as CVE-2026-5194.
Why they won't ship it
Anthropic is not releasing Mythos to the public, and the stated reason is unusually blunt for a company announcement. No one, including Anthropic, has safeguards strong enough to stop a model this capable from being misused. So access stays limited to vetted partners and government bodies.
That admission cuts against the optimistic framing of the rest of the post. The whole pitch for Glasswing is defenders getting an early advantage before equally capable models leak out from somewhere less careful. The unspoken part is that the clock is already running.
Next up, Anthropic says it will expand Glasswing to more partners, including US and allied governments. A full technical writeup of the wolfSSL flaw is due in the coming weeks.
