281/69 Monday, May 25, 2026
Anthropic revealed that Project Glasswing, the company’s proactive cybersecurity initiative, has identified more than 10,000 High and Critical vulnerabilities in widely used and mission-critical software projects worldwide since the program began last month. The initiative granted approximately 50 partners access to Claude Mythos Preview, an advanced AI model capable of analyzing source code and identifying vulnerabilities before threat actors can exploit them in real-world attacks.
According to the project findings, researchers identified 6,202 High or Critical vulnerabilities affecting more than 1,000 open-source projects. Further validation confirmed 1,726 of these findings as true positives, with 1,094 classified as High or Critical severity issues. One notable vulnerability discovered during the initiative was CVE-2026-5194 in WolfSSL, carrying a CVSS score of 9.1, which could allow attackers to forge digital certificates and impersonate trusted services. As a result of the project, developers have already patched 97 vulnerabilities, and 88 security advisories have been issued to affected projects.
Anthropic stated that while AI significantly accelerates vulnerability discovery, the greater challenge lies in patching and deploying fixes quickly enough to prevent exploitation. The company warned that similarly capable AI models are likely to become more widespread in the future, increasing pressure on organizations to improve vulnerability management processes. Anthropic recommends that software developers and system administrators shorten patch development and deployment timelines, strengthen secure-by-default configurations, enforce Multi-Factor Authentication (MFA), and maintain comprehensive logging practices to improve detection and response capabilities against evolving cyber threats.
Source https://thehackernews.com/2026/05/claude-mythos-ai-finds-10000-high.html