Summary
- Last week, Anthropic introduced Claude Mythos Preview, an unreleased frontier model that can find and exploit software vulnerabilities with unprecedented efficiency.
- In the wrong hands, the model poses systemic risk for business and critical infrastructure. In partnership with major technology companies, Anthropic has launched Project Glasswing to address critical vulnerabilities before they can be exploited by malicious actors
- To prepare for the weaponization of Mythos-class models, software consumers must continue to build high-confidence asset inventories and compress patching cycles while also introducing machine-speed SecOps capabilities. Technology providers must harden their software lifecycle, address defects and accelerate disclosures.
What happened?
On April 6th, Anthropic revealed Project Glasswing, Anthropic’s initiative to secure critical software against AI-enabled adversarial vulnerability identification and exploitation. It is powered by Claude Mythos, which Anthropic calls a step-change in artificial intelligence reasoning and coding. Mythos is reported to be capable of autonomously identifying and exploiting high-severity and zero-day vulnerabilities at unprecedented speed, including bugs that have persisted for decades in hardened operating systems, open-source tools and commonly used web browsers.
Because it can easily be weaponized, Anthropic’s current position is that a public release poses unacceptable systemic risk. Instead, Anthropic has launched Project Glasswing, a tightly controlled, defender-only program that gives access to Mythos Preview to about 50 trusted organizations that maintain critical software and infrastructure.
Glasswing’s purpose is to establish a trusted coalition of key partners that use the model to scan and secure both first-party and open-source systems. Partners will, to the extent they’re able, share information and best practices with each other; within 90 days, Anthropic will report publicly on learnings, as well as the vulnerabilities fixed and improvements made.
Why It’s Important and How it Will Reshape Cyber Defense
Mythos Preview is a potentially major cybersecurity disruptor that could both accelerate the identification and remediation of vulnerabilities, but also greatly expand the risk surface if bad actors leverage the new AI model for malicious objectives.
Sophistication and Speed, But in Who’s Hands? Mythos operates at machine speed to identify software weaknesses, chain exploits and complete end-to-end attack simulations that take security experts days and exponentially more time and resources. It operates autonomously and can convert vulnerabilities into working exploits. While a major advantage for defenders, in the wrong hands Mythos could accelerate and amplify the scope and effectiveness of threat actors.
Intensifying the Patching Gap: Enterprises already struggle to identify, triage and remediate high-severity vulnerabilities, resulting in an unmanageable backlog of exploitable defects. While Anthropic and its partners like AWS, Microsoft and Cisco, are using Mythos to identify and patch bugs, internal teams still must deploy those patches. If your organization takes 30 to 90 days to patch critical systems, you are now operating in an unprotected period where an AI-armed adversary can weaponize a disclosed bug in minutes. Critical infrastructure, which often relies on “stable” legacy software, can emerge as even more attractive targets for AI discovery and exploitation. Because Mythos can also reportedly chain together lower-severity vulnerabilities to enable exploitation, the scope of vulnerabilities requiring speedy patching will likely also expand.
Model Proliferation, Not If But When: AI-powered offensive tools are already in use by commercial red teams, cybercrime groups, and nation-state actors but this latest development should be viewed as a major disruptive event. While Anthropic is keeping Mythos in a “closed loop” for now, we can be reasonably confident that either the model will leak, or a nation-state (like China or Russia) will train a “blackhat” equivalent. When that happens, organizations must prepare to withstand an automated, intelligent operator that may understand your software dependencies better than your own developers do.
While Mythos Preview capabilities and Glasswing’s activities are evolving business can take steps to prepare for the flood of vulnerability disclosures and the potential for malicious use of Mythos-class capabilities.
Enterprises should take the following steps now
Enrich Your Asset Inventory: A high-confidence asset inventory is the bedrock of an effective cyber security program. The Mythos development further amplifies this foundational capability. Having a high-confidence software asset inventory can significantly reduce the mean time to detect and triage a vulnerability by knowing where the vulnerabilities exist within the enterprise environment. It also minimizes blind spots and assists in triaging remediation by understanding the potential impacts of exploitation. Asset intelligence software can leverage AI, data aggregation and analytics to deliver enhanced visibility, tracking and insights into enterprise assets. Maintaining high quality software bills of materials (SBOM) is also essential for asset visibility and shrinking response times.
Shrink the Patch Cycle, Embrace Machine Speed SecOps, and Fast-Track End-of-Life Software Replacement: If your organization’s current process for patching a critical server involves three meetings, a change-control board and a two-week testing cycle, you are now operating at a major disadvantage. Organizations should lean into AI-enabled defense and consider investments in automated patching and micro-segmentation capabilities that can remediate or isolate a system rapidly after an “AI-discovered” flaw is found. AI-assisted analysis can help determine if a vulnerability is actually reachable and executable in the environment. Increasingly organizations are adopting autonomous security agents that can identify anomalous behavior, identify vulnerabilities and deploy patches. While nascent, these capabilities are emerging as key controls for machine-speed threats. End-of-life (EOL) software replacement should be prioritized, and continued use of internet-facing EOL software should require executive-level risk acceptance.
Factor Secure By Design into Go-Forward Software Buying Decisions. Buyers should consider whether software is secure by design. For example, memory safety vulnerabilities are a class of vulnerability affecting how memory can be accessed, written, allocated, or deallocated in unintended ways in programming languages. Buying factors should thus include whether software uses memory safe program language.
Resilience Remains Essential: Sustaining and validating enterprise resilience is a critical countermeasure for managing the risk of AI-enabled exploitation. Organizations should leverage business impact analysis to prioritize defensive controls and business continuity/disaster recovery capabilities. Implementing Zero Trust Architecture (ZTA) can also serve as a key resilience pillar by limiting the attack blast radius. Effective ZTA enforces verified relationships and point-in-time access management across assets, data, and services that can isolate an exploit and constrain the attack scope. Tactical and C-suite level cybersecurity exercises give practitioners and leaders exposure to potential threat scenarios, and stress test the organization’s ability to respond and recover from this new class of potential attacks.
For Developers/Builders
While the Mythos Preview announcement raises significant issues for enterprise software users, software vendors must also consider the following implications.
Supply Chain Transparency: Bad actors are already using frontier models to find vulnerabilities in your dependencies, not just your first-party code – Mythos-equivalent models will materially expand both the skill and speed of weaponized AI. This standardized, machine-readable framework allows software suppliers to communicate whether a known vulnerability is actually exploitable based on product-specific context.
Address Memory Safety Issues: Mythos is reportedly exceptionally good at identifying memory-safety issues and complex logic flaws. Patching memory safety vulnerabilities in the short term is critical but migrating critical components to memory-safe languages is the more sustainable long-term defense, and a key tenant of the Secure by Design guidance published by the U.S. Government’s Cybersecurity and Infrastructure Security Agency.
Accelerated Disclosure and Patch Availability. Given the potential for a collapsed exploitation window caused by Mythos, software vendors should consider how to accelerate their ability to disclose and release patches for newly identified vulnerabilities. Glasswing is expected to report on enhanced vulnerability disclosure processes and timelines which could prove instructive and a model for the industry. This will require more resources for rapid patch development and deployment, helping to reduce the risk of exploitation.
David London is a principal in Cybersecurity at The Chertoff Group.
