Overview
- Anthropic says its Claude Mythos Preview scanned more than 1,000 open‑source projects and flagged about 23,000 potential vulnerabilities, with partners in Project Glasswing reporting over 10,000 high‑ or critical‑severity issues in the first month.
- Independent reviewers assessed a sample of 1,752 high‑ or critical‑rated findings and validated more than 90 percent as true positives, and roughly 62 percent of those confirmed were judged high or critical.
- The model can autonomously generate working exploits in testing, which Anthropic reported succeeding about 72 percent of the time, a capability the company says makes public release too risky without stronger safeguards.
- Few of the flagged defects have been publicly patched so far, with vendors and open‑source maintainers struggling to triage, verify and deploy fixes fast enough to keep pace with the volume of AI discoveries.
- Governments and large tech firms are seeking controlled access or testing—India has begun stress tests on financial and government systems—and Anthropic plans to expand partner access to allied states while withholding broader release until safeguards improve.