Anthropic's Mythos AI Finds Thousands of Zero-Days

Get the Tech newsletter
Daily tech — startups, AI labs, chips, the launches that shape the next decade. Free.
- Anthropic announced Project Glasswing on April 7, 2026, deploying its Claude Mythos Preview model to identify and help remediate software vulnerabilities across the tech stack.
- The Claude Mythos Preview model has surfaced 'thousands of zero-day vulnerabilities' in every major operating system and web browser, with some flaws having gone unpatched for decades, per Tom's Hardware's coverage.
- Apple, AWS, Broadcom, Google, NVIDIA, and Microsoft are participating in the effort, with Security Boulevard framing the grouping as an 'unprecedented industry alliance.'
- Apple and Amazon gained access to test the more powerful Mythos model as part of the collaboration, according to Bloomberg's reporting.
- Anthropic is separately bolstering compute capacity through new deals with Google and Broadcom to support Mythos workloads, per CIO Dive.
- Access to Mythos is being restricted to security researchers rather than released broadly, a containment choice Simon Willison argued 'sounds necessary' given the model's offensive capabilities.
Why it matters: The Mythos model appears to compress decades of patch debt into a single discovery cycle, meaning every major OS and browser vendor now faces a coordinated disclosure wave from a single AI source. For the partner companies, early access to Mythos buys leverage in vulnerability remediation; for attackers, the same capabilities raise the ceiling on what AI-assisted exploitation can find before defenders do.




