Particle.news
Download on the App Store

Anthropic’s Mythos Flags Tens of Thousands of Software Flaws in Restricted Preview

Regulators, vendors, maintainers face strain as the AI-identified backlog outpaces capacity to verify and patch.

Overview

  • Anthropic reported Monday that its Claude Mythos model flagged about 23,019 potential vulnerabilities across more than 1,000 open-source projects during a month-long Project Glasswing preview.
  • A sampled set of 1,900 findings was reviewed by external firms and produced 1,726 confirmations with more than 1,000 rated high or critical, and Anthropic estimates confirmed severe flaws could reach roughly 3,900 to 6,200 as scans continue.
  • Project partners using Mythos found and fixed large numbers of bugs with Cloudflare reporting about 2,000 internal bugs including roughly 400 severe issues and Mozilla fixing about 271 Firefox flaws.
  • Public patches remain limited so far with Anthropic citing a 90-day coordinated disclosure window, undercounting of non-advised fixes, and an overloaded maintenance ecosystem that has slowed advisories and remediation.
  • Anthropic is keeping Mythos access restricted to roughly 50 vetted partners while rolling out a complementary scanner called Claude Security and coordinating with global regulators to manage dual-use risks and the compressed exploit window.