Anthropic
Anthropic's AI found thousands of security bugs — explained
What Project Glasswing found, why it's a big deal, and why it's also a warning.
Anthropic's Claude Mythos found 6,202 serious security flaws in open-source software.
A lot of the world's software is built on free, 'open-source' code maintained by small teams of volunteers. Anthropic just pointed a powerful AI at it — here's what happened, in plain English.
What it found
Mythos found 6,202 serious (high- or critical-severity) vulnerabilities. To check it wasn't just making things up, six independent security firms reviewed the results and confirmed about 91% were genuine. One flaw was in software (wolfSSL) used by billions of devices, and it has since been fixed.
Why it's both good and worrying
Good: defenders can now find and fix dangerous flaws much faster — Anthropic only gave this tool to about 50 trusted partners like Apple, Google and big banks. Worrying: finding bugs is now easy, but fixing them still depends on busy (often unpaid) people. So there's a growing pile of known problems waiting to be patched.
Sources
- Project Glasswing: An initial update — Anthropic, 26 May 2026
- Anthropic says Mythos has already found more than 10,000 vulnerabilities — Engadget, 26 May 2026
- Anthropic: Claude Mythos identified 10,000+ software flaws — Help Net Security, 26 May 2026