On 7 April 2026, Anthropic unveiled Project Glasswing, a collaboration with AWS, Apple, Google, Microsoft, and the Linux Foundation that quietly became the most significant moment in software security this decade. Using a restricted model called Claude Mythos Preview, the initiative discovered over 2,000 previously unknown vulnerabilities (zero-days) across every major operating system and browser, in just seven weeks.
That is roughly 30 per cent of the entire world’s typical annual zero-day output. And fewer than one per cent of those vulnerabilities have been patched.
For development teams, this is not a headline to skim and forget. It is a structural shift in how vulnerabilities are found, disclosed, and — crucially — left unresolved. Here is what your team needs to understand.
TL;DR
- Anthropic’s Project Glasswing used AI (Claude Mythos Preview) to discover over 2,000 zero-day vulnerabilities in seven weeks — 30% of a typical year’s global output
- Fewer than 1% of discovered vulnerabilities have been patched, exposing a massive remediation bottleneck
- Legacy bugs hiding for decades (27-year OpenBSD flaw, 16-year FFmpeg bug) were found where millions of automated scans failed
- Development teams must shift from periodic security audits to continuous, signal-driven vulnerability management
- The “fix gap” — AI finding bugs faster than humans can patch them — is now the defining challenge in application security
What Project Glasswing Actually Did
Glasswing is not a product launch. It is a coordinated vulnerability disclosure programme backed by $100 million in usage credits for over 40 organisations that build or maintain critical software infrastructure, plus $4 million in donations to open-source security organisations specifically for patch development.
The model behind it, Claude Mythos Preview, was not trained specifically on security data. Anthropic reports that its vulnerability discovery capabilities emerged from strong agentic coding and reasoning skills — the same capabilities that make modern AI useful for software engineering more broadly. The difference is scale and persistence: Mythos can examine codebases line by line, across millions of lines, without fatigue or assumption blindness.
The results speak for themselves. A 27-year-old flaw in OpenBSD — one of the most security-hardened operating systems in the world — was found and patched before the public announcement. A 16-year-old bug in FFmpeg surfaced after automated tools had scanned the same line of code five million times without catching it. Mythos achieved a 72.4 per cent success rate in autonomous exploit development against Firefox, compared to near-total failure from previous-generation models.
The Fix Gap: Finding Is Solved, Fixing Is Not
This is where Glasswing stops being a triumphant AI story and becomes a sobering operational one.
Defenders operate on what security researchers call “calendar speed” — roughly four days per patch cycle for well-resourced teams. Attackers leveraging AI now operate at “machine speed,” where the median time from vulnerability disclosure to weaponised exploit has collapsed from 771 days in 2018 to single-digit hours today.
When the most capable vulnerability discovery engine ever built ran against the world’s most critical software, the ecosystem simply could not absorb the output. Traditional patch management processes — largely unchanged for a decade — were designed for a trickle of findings, not a flood. The Cloud Security Alliance has already warned IT teams to prepare for this “flood of vulnerabilities” as AI-driven discovery becomes normalised.
This is the fix gap, and it is now the defining challenge in application security.
What This Means for Your Development Team
1. Your Security Posture Is About to Be Tested
If Mythos found bugs that survived 27 years of expert human review in OpenBSD, your application’s security assumptions deserve scrutiny. The question is not whether AI-driven vulnerability discovery will reach your codebase — it is when, and whether you will be the one running it or someone else will.
2. Periodic Audits Are No Longer Sufficient
Annual penetration tests and quarterly code reviews were designed for a world where vulnerabilities trickled in at human speed. With AI-assisted discovery scaling to thousands of findings per engagement, teams need to shift toward continuous security validation — automated scanning integrated directly into CI/CD pipelines, with real-time triage and prioritisation.
3. Prioritisation Becomes Critical
When you go from dozens of findings to thousands, not everything can be patched immediately. Development teams need risk-based prioritisation frameworks that weigh exploitability, blast radius, and business context. Signals such as EPSS (the Exploit Prediction Scoring System, which estimates the probability that a given CVE will be exploited in the wild within the next 30 days), CISA's Known Exploited Vulnerabilities catalogue, and CVSS severity enriched with your own environmental context become essential, not optional. A CVSS score on its own ranks by worst-case impact, not by how likely anyone is to exploit the bug in your deployment, so a CVSS-only queue will spend its first week on the wrong tickets.
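The following is an added example, not code from the article or from Project Glasswing, of what a risk-based triage rule can look like once EPSS, CVSS, KEV status and business context are all on the table. EPSS, CVSS and the KEV catalogue are real signals; the way they are combined, the exposure weights, the SLA bands and the sample findings (fictional CVE identifiers) are assumptions made for illustration.

```python
"""Risk-based triage of vulnerability findings.

Added example: the combination rule below is an assumption for illustration,
not a published standard. EPSS, CVSS and the CISA KEV catalogue are real
signals; how they are weighted and the SLA bands are this example's choices.
"""
from dataclasses import dataclass

# Business context supplied by the owning team (assumed categories and weights).
EXPOSURE_WEIGHT = {"internet": 1.0, "internal": 0.6, "isolated": 0.3}


@dataclass(frozen=True)
class Finding:
    cve: str
    component: str
    cvss: float      # CVSS base score, 0..10: severity if exploitation succeeds
    epss: float      # EPSS probability, 0..1: chance of exploitation in the next 30 days
    kev: bool        # listed in CISA's Known Exploited Vulnerabilities catalogue
    exposure: str    # one of EXPOSURE_WEIGHT's keys


def risk_score(f: Finding) -> float:
    """Likelihood x impact, scaled to 0..100.

    KEV is treated as ground truth of exploitation, so it overrides EPSS;
    CVSS is normalised to 0..1 and scaled by how reachable the asset is.
    """
    if not 0.0 <= f.cvss <= 10.0:
        raise ValueError(f"{f.cve}: CVSS out of range")
    if not 0.0 <= f.epss <= 1.0:
        raise ValueError(f"{f.cve}: EPSS out of range")
    likelihood = 1.0 if f.kev else f.epss
    impact = (f.cvss / 10.0) * EXPOSURE_WEIGHT[f.exposure]
    return round(100.0 * likelihood * impact, 1)


def sla_days(f: Finding) -> int:
    """Map a score to a remediation deadline (assumed bands).

    EPSS is a prediction, so severity still floors the deadline: a critical
    (CVSS >= 9) bug on an internet-facing asset never waits more than 30 days,
    however low its EPSS is today.
    """
    score = risk_score(f)
    if score >= 50:
        days = 1
    elif score >= 20:
        days = 7
    elif score >= 5:
        days = 30
    else:
        days = 90
    if f.exposure == "internet" and f.cvss >= 9.0:
        days = min(days, 30)
    return days


def triage(findings: list) -> list:
    """Highest risk first; ties broken by CVSS so the ordering is deterministic."""
    return sorted(findings, key=lambda f: (risk_score(f), f.cvss), reverse=True)


# Constructed sample findings (fictional CVE identifiers, not real advisories).
SAMPLE = [
    Finding("CVE-2099-0001", "ffmpeg",  cvss=9.8, epss=0.02,  kev=False, exposure="internet"),
    Finding("CVE-2099-0002", "openssl", cvss=5.3, epss=0.60,  kev=True,  exposure="internal"),
    Finding("CVE-2099-0003", "libxml2", cvss=7.5, epss=0.40,  kev=False, exposure="internet"),
    Finding("CVE-2099-0004", "zlib",    cvss=9.8, epss=0.90,  kev=True,  exposure="internet"),
    Finding("CVE-2099-0005", "logfmt",  cvss=6.1, epss=0.001, kev=False, exposure="isolated"),
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"{f.cve:14} {f.component:8} score={risk_score(f):5.1f} fix within {sla_days(f):>2} days")
```

Note how the ordering differs from a CVSS sort: the CVSS 5.3 finding that is on the KEV list outranks a CVSS 9.8 finding with a 2 per cent EPSS, while the severity floor still keeps that 9.8 on an internet-facing asset inside 30 days.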
4. Open-Source Dependencies Are Ground Zero
Many of Glasswing's discoveries were in widely-used open-source components. If your application depends on FFmpeg, OpenSSL, or any of the thousands of packages in a typical modern stack, you are exposed to whatever AI-driven scanners find next. Software Bill of Materials (SBOM) generation and dependency monitoring are no longer best practices; they are baseline requirements. An SBOM only earns its keep if it is regenerated on every build and continuously matched against advisory feeds: a stale one records what you were running, not what you are running.
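As an added example (not the article's or any vendor's code), here is the core of that matching step: read a CycloneDX-style SBOM, look each component up by its package URL in an advisory feed, and report which installed versions fall inside an affected range. The SBOM, the advisory entries and their identifiers are constructed for this example; real feeds such as OSV or the GitHub Advisory Database carry the same fields. The version comparator is a deliberate simplification, flagged in the code.

```python
"""Match an SBOM against an advisory feed.

Added example: the SBOM and the advisory list are constructed inline so it runs
offline. Real feeds (OSV, GitHub Advisory Database, vendor feeds) carry the same
fields; the version ordering here is a deliberate simplification, see version_key().
"""
import json
import re
from typing import Optional

# Constructed CycloneDX-style SBOM (minimal subset of the format).
SBOM_JSON = """{
  "bomFormat": "CycloneDX",
  "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "ffmpeg",   "version": "6.1.1",  "purl": "pkg:generic/ffmpeg@6.1.1"},
    {"type": "library", "name": "openssl",  "version": "3.0.12", "purl": "pkg:generic/openssl@3.0.12"},
    {"type": "library", "name": "requests", "version": "2.31.0", "purl": "pkg:pypi/requests@2.31.0?source=sdist"}
  ]
}"""

# Constructed advisories (fictional IDs). "fixed": None means no fix has shipped yet.
ADVISORIES = [
    {"id": "ADV-0001", "purl": "pkg:generic/ffmpeg",  "introduced": "4.0.0", "fixed": "6.1.2"},
    {"id": "ADV-0002", "purl": "pkg:generic/openssl", "introduced": "3.0.0", "fixed": "3.0.11"},
    {"id": "ADV-0003", "purl": "pkg:pypi/requests",   "introduced": "0",     "fixed": None},
]


def split_purl(purl: str) -> tuple:
    """Return (base, version) where base is 'pkg:type/namespace/name'.

    Qualifiers ('?...') and subpath ('#...') are dropped first so they cannot
    leak into the version. The purl spec percent-encodes '@' inside names, so
    the last literal '@' is the version separator; no '@' means no version.
    """
    core = re.split(r"[?#]", purl, maxsplit=1)[0]
    base, sep, version = core.rpartition("@")
    if not sep:
        return core, None
    return base, version


def version_key(v: str) -> tuple:
    """Numeric dotted ordering only.

    Simplification: ecosystems differ (Debian epochs, semver pre-releases,
    PEP 440); use the ecosystem's own comparator in production.
    """
    return tuple(int(p) for p in re.findall(r"\d+", v))


def is_affected(version: str, introduced: str, fixed: Optional[str]) -> bool:
    """Half-open range [introduced, fixed), the convention OSV uses."""
    v = version_key(version)
    if v < version_key(introduced):
        return False
    return fixed is None or v < version_key(fixed)


def match_sbom(sbom_json: str, advisories: list) -> list:
    """Every (component, advisory) pair whose installed version falls in range."""
    sbom = json.loads(sbom_json)
    by_base = {}
    for adv in advisories:
        by_base.setdefault(adv["purl"], []).append(adv)
    hits = []
    for comp in sbom.get("components", []):
        base, version = split_purl(comp["purl"])
        version = version or comp.get("version")
        if version is None:
            continue  # cannot evaluate a range without a version
        for adv in by_base.get(base, []):
            if is_affected(version, adv["introduced"], adv["fixed"]):
                hits.append({
                    "component": comp["name"],
                    "installed": version,
                    "advisory": adv["id"],
                    "fixed": adv["fixed"],  # None => no patch available yet
                })
    return hits


if __name__ == "__main__":
    for h in match_sbom(SBOM_JSON, ADVISORIES):
        fix = f"upgrade to {h['fixed']}" if h["fixed"] else "no fix available: mitigate or isolate"
        print(f"{h['component']} {h['installed']}: {h['advisory']} -> {fix}")
```

The "no fix available" branch is the one that matters for the fix gap: when discovery outruns patching, a growing share of matches will have no upgrade target, and the output has to say so rather than silently dropping them.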
5. Secure-by-Design Matters More Than Ever
The most effective defence against a flood of vulnerability findings is writing fewer vulnerabilities in the first place. Memory-safe languages, strict input validation, least-privilege architecture, and threat modelling during design — not after deployment — all reduce the attack surface that AI scanners will inevitably probe.
The Bigger Picture: AI as Both Sword and Shield
Glasswing perfectly illustrates what security researchers call the “dual-use dilemma.” The same AI capabilities that help defenders find and fix vulnerabilities can, in the wrong hands, help attackers find and exploit them. Anthropic has restricted Mythos to vetted partners and committed to responsible disclosure, but the capability itself — AI that deeply understands and can reason about complex software — is not unique to one company.
This is why Forrester, the CSA, and multiple government bodies are already publishing frameworks for what comes next. The economics of vulnerability discovery have permanently shifted. Organisations that adapt their security operations to this reality will be substantially more resilient. Those that do not will find themselves buried under a backlog of critical findings they cannot process quickly enough.
How to Start Preparing Now
For development teams that want to get ahead of this shift, here is a practical starting point:
- Audit your patch management process. How long does it take from vulnerability disclosure to deployed fix? If the answer is weeks, that needs to shrink to days.
- Integrate security scanning into your CI/CD pipeline. SAST and dependency scanning should run on every merge request, not quarterly, with DAST running against each deployment to a test environment rather than once a year.
- Generate and maintain an SBOM. You cannot patch what you do not know you are running.
- Implement risk-based prioritisation. Not every CVE deserves the same urgency. Use EPSS scores and business context to triage intelligently.
- Invest in developer security training. Shift-left is not just tooling — it is culture.
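The first item on that list, auditing your patch process, only works if you measure it. The following is an added example, not code from the article, that computes disclosure-to-deployment latency per severity and lists SLA breaches. The records (fictional CVE identifiers, dates) and the SLA targets are constructed assumptions; the one design choice worth copying is that open findings are aged against an as-of date, so a bug nobody has fixed yet still counts as a breach instead of vanishing from the metric.

```python
"""Audit patch-management latency: how long from disclosure to deployed fix?

Added example with constructed records (fictional CVE IDs) and assumed SLA
targets. Open findings are aged against an as-of date so a bug that has
simply never been fixed still shows up as a breach.
"""
from datetime import date
from statistics import median

# Assumed remediation targets in days, per severity.
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90}

# Constructed records: disclosure date and the date the fix reached production
# (None = still open).
RECORDS = [
    {"cve": "CVE-2099-1001", "severity": "critical", "disclosed": "2026-04-08", "deployed": "2026-04-10"},
    {"cve": "CVE-2099-1002", "severity": "critical", "disclosed": "2026-04-08", "deployed": "2026-04-29"},
    {"cve": "CVE-2099-1003", "severity": "high",     "disclosed": "2026-04-09", "deployed": "2026-05-01"},
    {"cve": "CVE-2099-1004", "severity": "high",     "disclosed": "2026-04-12", "deployed": None},
    {"cve": "CVE-2099-1005", "severity": "medium",   "disclosed": "2026-03-01", "deployed": "2026-04-15"},
    {"cve": "CVE-2099-1006", "severity": "high",     "disclosed": "2026-04-20", "deployed": "2026-04-27"},
]
AS_OF = date(2026, 5, 20)  # assumed reporting date


def age_days(rec: dict, as_of: date) -> int:
    """Days from disclosure to fix, or to as_of if the finding is still open."""
    start = date.fromisoformat(rec["disclosed"])
    end = date.fromisoformat(rec["deployed"]) if rec["deployed"] else as_of
    if end < start:
        raise ValueError(f"{rec['cve']}: deployed before disclosure")
    return (end - start).days


def breaches(records: list, as_of: date) -> list:
    """CVEs, open or closed, whose age exceeded their severity's SLA."""
    return [r["cve"] for r in records if age_days(r, as_of) > SLA_DAYS[r["severity"]]]


def audit(records: list, as_of: date) -> dict:
    """Per-severity summary: closed/open counts, median and worst time-to-fix.

    The median is taken over closed findings only; 'worst_days' includes open
    ones, which is where an unbounded backlog first becomes visible.
    """
    report = {}
    for sev in SLA_DAYS:
        rows = [r for r in records if r["severity"] == sev]
        closed = [age_days(r, as_of) for r in rows if r["deployed"]]
        open_ages = [age_days(r, as_of) for r in rows if not r["deployed"]]
        report[sev] = {
            "closed": len(closed),
            "open": len(open_ages),
            "median_days": median(closed) if closed else None,
            "worst_days": max(closed + open_ages) if rows else None,
            "sla_days": SLA_DAYS[sev],
        }
    return report


if __name__ == "__main__":
    for sev, row in audit(RECORDS, AS_OF).items():
        print(f"{sev:8} closed={row['closed']} open={row['open']} "
              f"median={row['median_days']} worst={row['worst_days']} sla={row['sla_days']}")
    print("SLA breaches:", ", ".join(breaches(RECORDS, AS_OF)) or "none")
```

Run this weekly over your ticketing export and the trend of "worst_days" for open findings is the fix gap, measured for your own team rather than for the industry.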
At REPTILEHAUS, we help development teams build security into their workflows from day one — from DevSecOps pipeline design to AI integration and ongoing security reviews. If your team is looking to modernise its security posture before the AI-driven vulnerability flood arrives, get in touch.
📷 Photo by Ferenc Almasi (@flowforfrank) on Unsplash