
Anthropic's Claude Mythos Is Finding Bugs Faster Than Anyone Can Fix Them

Anthropic's Claude Mythos Preview AI model, working with around 50 partners through Project Glasswing, identified over 10,000 critical security vulnerabilities in system-critical software within just one month, with some partners reporting a tenfold increase in bug discovery rates. However, the pace of discovery far outstrips the ability of organizations to verify and patch the flaws, with only 97 of 23,019 open-source vulnerabilities found having been fixed so far. Anthropic warns this creates a dangerous transition period where AI models can rapidly find and potentially exploit vulnerabilities faster than defenders can respond, and acknowledges that no company currently has safeguards strong enough to prevent misuse of such capabilities.

Anthropic has published the first results from Project Glasswing, and the numbers are uncomfortable reading. Over a single month, its Claude Mythos Preview model worked alongside roughly 50 partners to turn up more than 10,000 high- or critical-severity vulnerabilities in software that underpins critical infrastructure. The problem isn't the finding. It's that the patching can't keep up.

Anthropic is deliberately vague on specifics for now. The standard responsible disclosure window is 90 days, and most of what Mythos found still can't be discussed publicly without creating fresh risk for end users.

The partner numbers are striking on their own. Cloudflare flagged 2,000 bugs, 400 of them high or critical severity, with a false positive rate that reportedly beat human testers. Mozilla found and fixed 271 vulnerabilities in Firefox 150, more than ten times what Claude Opus 4.6 managed in Firefox 148. Several partners reported their bug discovery rates jumping more than tenfold.

External validation backs this up. The UK's AI Security Institute says Mythos Preview is the first model to fully solve both of its in-house cyber ranges, which simulate multi-stage attacks. Independent security platform XBOW called it a step beyond all prior models, citing 'unprecedented precision.' It also leads academic benchmarks ExploitBench and ExploitGym, though OpenAI's GPT-5.5 is close behind on most of those and is already publicly available.

The knock-on effects are showing up in patch volumes. Palo Alto Networks shipped five times its usual number of patches in its latest release. Microsoft said patch counts will 'continue trending larger for some time.' Oracle claims it's finding and fixing flaws several times faster than before. One partner bank used Mythos to block a fraudulent wire transfer worth over $1.5 million.

Anthropic also ran Mythos Preview across more than 1,000 open-source projects independently. The model flagged 23,019 total findings, with 6,202 estimated to be high or critical severity. Of those, 1,752 have been reviewed so far. Around 90 percent were true positives, and 62 percent were confirmed as genuinely high or critical. Extrapolating those rates, Anthropic estimates Mythos has identified close to 3,900 confirmed serious vulnerabilities in open-source code.

Of the 23,019 total findings, 97 have been patched.

Read that again. Ninety-seven.

Some open-source maintainers have asked Anthropic to slow down disclosure because they simply don't have the bandwidth to respond. Fixing a high or critical bug takes two weeks on average. The current count: 530 reported, 75 patched, and 827 confirmed vulnerabilities still sitting in a queue waiting to be disclosed. Meanwhile, maintainers are already drowning in low-quality, AI-generated bug reports from other sources. The timing could hardly be worse.

Anthropic is candid about what this means. Models with similar capabilities will soon be widely available, if they aren't already. GPT-5.5 fits the profile, and OpenAI also has a specialised variant called GPT-5.5 Cyber. The gap between discovery speed and remediation speed creates a window that's attractive to attackers. Mythos-class models reduce the time and cost of finding and exploiting flaws, and Anthropic acknowledges that no company, including itself, has built safeguards sufficient to prevent serious misuse.

The longer-term picture is better. Models like this should eventually help developers write more secure code before it ships. But that's a future problem. Right now, Anthropic's advice is fairly mundane: shorten patch cycles, make updates frictionless for users, and keep network defences tight with multi-factor authentication, hardened configurations, and proper logging.

Solid advice. Doesn't quite address the 827 vulnerabilities still in the queue, but it's a start.