Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

SkimNews Take
The expanding volume of monthly software patches, driven by AI-powered detection, suggests a shifting cybersecurity landscape where the sheer scale of discovered vulnerabilities outpaces traditional human analysis and remediation.
Get the Tech newsletter
Daily tech — startups, AI labs, chips, the launches that shape the next decade. Free.
- Anthropic disclosed that its Project Glasswing initiative uncovered more than 10,000 high- or critical-severity vulnerabilities across globally important software since its launch last month.
- Claude Mythos Preview identified 1,094 high- or critical-severity flaws, including a critical CVE‑2026‑5194 in WolfSSL (CVSS 9.1) that could allow an attacker to forge certificates.
- Xbow called Mythos Preview “a major advance,” noting it outperforms prior models at finding vulnerability candidates and can construct full attack chains.
- Partner bank using Glasswing’s AI prevented a $1.5 million fraudulent wire transfer after a breach, demonstrating real‑world defensive use.
- Oracle shifted to a monthly patch cycle, echoing Anthropic’s call for faster security updates.
Why it matters: Software vendors and users gain tighter security as Anthropic’s AI flags critical flaws, while attackers lose exploitable windows; the push for faster patch cycles reduces breach costs and accelerates remediation across the ecosystem.


