AI & Machine LearningQuantum Computing

Anthropic Unveils AI Model Capable of Exploiting Software Vulnerabilities

Analyst 207||Source: Schneier
Lone figure in dimly lit room surrounded by computer screens with code and error messages.

Can a tool that exposes weaknesses in the digital skeleton of modern life be safely kept out of the world it was built to defend? Last week, Anthropic offered a stark answer: sometimes, containment is the only immediate option.

The reveal and the response

Anthropic pulled back the curtain on Claude Mythos Preview, an AI model described by the company as so capable at finding and exploiting software vulnerabilities that it was judged too dangerous for public release. Instead of broad availability, access has been restricted to roughly 50 organizations under an initiative the company calls Project Glasswing.

Who got the keys — and why that matters

Project Glasswing’s roster includes major technology firms and vendors of critical infrastructure by name: Microsoft, Apple, Amazon Web Services and CrowdStrike, among others. The announcement was accompanied by a barrage of hair-raising anecdotes: "thousands of vulnerabilities uncovered across every major..."

An uneasy trade-off

  • Containment as policy: Anthropic’s decision frames containment — limiting distribution to a vetted set of partners — as a practical control when a capability is judged hazardous enough to withhold from general release.
  • Shared defensive resources: By concentrating access among prominent vendors and infrastructure suppliers, Project Glasswing appears designed to route the model’s outputs toward actors who can patch, harden, or otherwise neutralize identified weaknesses.
  • Unstated risks and open questions: The announcement itself raises immediate questions. Does restricting access reduce overall risk, or does concentrating a powerful capability create single points of failure? How will the selected organizations coordinate disclosure and remediation? The source material presents the decision and the recipients, but leaves these operational and governance details unspecified.

Why observers should pay attention

The episode highlights a recurring dilemma in emerging technology: when a system can accelerate the discovery and exploitation of vulnerabilities, choices about distribution, oversight and responsibility become central. Anthropic’s move to limit access and to partner with large, established firms puts the company’s judgment and those partners’ practices at the center of how this capability will be used — for better or worse. The public-facing announcement and its dramatic anecdotes signal both the potency of the tool and the limits of what the company is willing to entrust to the broader community.

If a private actor can build a capability powerful enough to withhold from public release, who decides how it is governed — and who watches the watchers?

Original story

AnthropicArtificial IntelligenceEmerging ThreatsResponsible AiVulnerability ManagementAI ModelProject GlasswingClaude Mythos PreviewSoftware Vulnerability ExploitationSecure By Design
Related Intelligence

Continue Reading

Florida Attorney General James Uthmeier holds a lawsuit folder in a government setting.

Florida Sues OpenAI, Altman Over Alleged Safety Neglect

Florida's top lawman, Attorney General James Uthmeier, is taking a stand against OpenAI and its CEO Sam Altman, alleging the company prioritized profits over safety, putting users at risk. He's filed a civil suit seeking penalties and holding Altman personally accountable for the harm caused to Floridians.

Analyst 207
Formal conference room with laptops and tablets on a large table.

Trump's AI Order Falls Short on Safety, Security Oversight

As President Trump recently issued an executive order calling on AI companies to voluntarily share their most powerful models with the US government, concerns linger about the lack of concrete safety and security oversight. It's now up to Congress to step in and address the potential risks without stifling innovation or compromising free expression.

Analyst 207
Researchers surrounded by old books and manuscripts use a computer to display a decrypted medieval cipher in a library…

Machine Learning Decrypts Medieval Ciphers

Researchers are harnessing the power of machine learning algorithms to crack medieval codes, bringing ancient secrets to life with modern technology. By applying these innovative techniques, they're unlocking the mysteries hidden within historical pencil-and-paper ciphers.

Analyst 207
Professionals in a brightly-lit data center with server racks and a large computer screen.

UK Banks Gain Access to OpenAI's GPT-5.5 Cyber Model

UK banks are now part of an exclusive group gaining early access to OpenAI's cutting-edge GPT-5.5 Cyber model, a powerful AI tool designed to bolster their defenses against sophisticated cyber threats. This move comes as Anthropic's rival program, Project Glasswing, expands to 200 partners, leaving some UK banks to tap into OpenAI's innovative solution instead.

Analyst 207