Anthropic launches Project Glasswing: new model found vulnerabilities in all major operating systems and browsers

Anthropic launched Project Glasswing — a closed AI platform for automatically detecting vulnerabilities in corporate systems. Partners include Nvidia, Google, Amazon Web Services, Apple, Microsoft, and a number of other major players. The goal is to provide large companies and government agencies with a tool capable of finding security gaps without significant human involvement. For launch participants, Anthropic opened access to Claude Mythos Preview — a new universal model that the company does not plan to release publicly for now. The reason is security considerations: the model is powerful enough that in the wrong hands it could become a tool of attack rather than defense.

Newton Chen, head of cybersecurity direction at Anthropic's frontier red team, told The Verge that Claude Mythos Preview discovered security issues in literally every major operating system and every popular browser during testing.

Project Glasswing is positioned as a tool for so-called continuous automated penetration testing. Traditionally, vulnerability discovery requires large teams of specialists and takes weeks. An AI model can complete the same work in hours, systematically checking codebases, configurations, and network perimeters. This is what makes the technology interesting not only to corporations but also to government cybersecurity agencies.

It's important to understand the context: Anthropic intentionally restricts access to Claude Mythos Preview and does not intend to make it part of the public API. According to the team, this is a conscious decision — the risk of misuse is too high. Project partners undergo screening, and the platform itself implies strict control over how and by whom the model is used.

Project Glasswing is yet another signal that the largest AI companies are seriously entering the cybersecurity sector. Until now, specialized players dominated here. Now, fundamental models with reasoning capabilities are mature enough to conduct full-fledged vulnerability searches.

The question is not whether AI will replace security specialists, but how quickly this tool will become an industry standard.