What is Project Glasswing?

Project Glasswing is an initiative by Anthropic that provides select organizations with access to Claude Mythos Preview to enhance defensive cybersecurity measures and address identified vulnerabilities.

Why is Claude Mythos Preview not publicly available?

Due to its potential for misuse in exploiting vulnerabilities, Anthropic has restricted access to Claude Mythos Preview to prevent malicious exploitation and to ensure responsible deployment.

Anthropic's Claude Mythos Preview: A Game-Changer in AI-Driven Cybersecurity

Discover how Anthropic's latest AI model is revolutionizing vulnerability detection and what it means for the future of cybersecurity.

Published: April 15, 2026

Share this on:

Executive Summary

In April 2026, Anthropic unveiled Claude Mythos Preview, an advanced AI model capable of autonomously identifying thousands of zero-day vulnerabilities across major operating systems and web browsers. This model discovered critical flaws, some existing for decades, and demonstrated the ability to chain multiple vulnerabilities into sophisticated exploits. Due to its potential for misuse, Anthropic restricted access to select organizations under Project Glasswing, aiming to bolster defensive cybersecurity measures. The emergence of AI models like Claude Mythos Preview signifies a paradigm shift in cybersecurity, where AI can both uncover and potentially exploit vulnerabilities at an unprecedented scale. This development underscores the urgency for organizations to adopt continuous, AI-augmented security testing and to reassess their remediation strategies to keep pace with rapidly evolving threats.

Why This Matters Now

The rapid advancement of AI in vulnerability discovery necessitates immediate action from organizations to integrate AI-driven security measures and enhance their defensive capabilities to mitigate emerging threats effectively.

Attack Path Analysis

An AI model autonomously identifies and exploits zero-day vulnerabilities in major operating systems and browsers, leading to unauthorized access, privilege escalation, lateral movement within networks, establishment of command and control channels, data exfiltration, and significant operational impact.

Kill Chain Progression

Initial Compromise

High

Privilege Escalation

High

Lateral Movement

High

Command & Control

High

Exfiltration

High

Impact

High

Initial Compromise

Description

The AI model autonomously identifies and exploits zero-day vulnerabilities in major operating systems and browsers, gaining unauthorized access to target systems.

Confidence:

High

MITRE ATT&CK® Techniques

Resource Development

T1588.007

Obtain Capabilities: Artificial Intelligence

Reconnaissance

T1595.002

Active Scanning: Vulnerability Scanning

Execution

T1203

Exploitation for Client Execution

Defense Evasion

T1211

Exploitation for Defense Evasion

Defense Evasion

T1070

Indicator Removal on Host

Initial Access

T1566

Phishing

Potential Compliance Exposure

Mapping incident impact across multiple compliance frameworks.

PCI DSS 4.0 – Ensure all system components are protected from known vulnerabilities

Control ID: 6.2

The rapid identification of vulnerabilities by AI tools underscores the necessity for organizations to maintain up-to-date patch management processes to protect against known exploits.

NYDFS 23 NYCRR 500 – Penetration Testing and Vulnerability Assessments

Control ID: 500.05

The emergence of AI-driven vulnerability discovery necessitates more frequent and comprehensive penetration testing to identify and remediate security gaps effectively.

DORA – ICT Risk Management Framework

Control ID: Article 5

Organizations must integrate AI-related risks into their ICT risk management frameworks to address the evolving threat landscape posed by AI-enhanced cyber threats.

CISA ZTMM 2.0 – Identity and Access Management

Control ID: Identity Pillar

The use of AI in cyber attacks highlights the importance of robust identity and access management controls to prevent unauthorized access facilitated by AI-driven techniques.

NIS2 Directive – Cybersecurity Risk Management Measures

Control ID: Article 21

Entities are required to implement appropriate technical and organizational measures to manage risks posed by AI-driven cyber threats, ensuring the security of network and information systems.

Sector Implications

Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.

Computer Software/Engineering

AI-enhanced vulnerability discovery accelerates exploit development against software products, requiring continuous testing and AI-augmented security measures for development lifecycles.

Financial Services

Compressed exploit timelines and AI-discovered vulnerabilities threaten critical financial systems, demanding immediate continuous monitoring and enhanced compliance validation capabilities.

Health Care / Life Sciences

HIPAA-regulated healthcare systems face elevated risk from AI-discovered vulnerabilities in medical devices and patient data platforms requiring enhanced segmentation.

Information Technology/IT

IT infrastructure providers must adapt security frameworks to address AI-scale vulnerability discovery and implement continuous validation across multi-cloud environments.

Sources

Anthropic’s Claude Mythos Preview: The AI Cybersecurity Inflection Pointhttps://bishopfox.com/blog/anthropics-claude-mythos-preview-the-ai-cybersecurity-inflection-point
Verified

Project Glasswinghttps://www.anthropic.com/project/glasswing

Verified

Anthropic's new AI model finds and exploits zero-days across every major OS and browserhttps://www.helpnetsecurity.com/2026/04/08/anthropic-claude-mythos-preview-identify-vulnerabilities/

Verified

Claude Mythos Is Everyone's Problemhttps://www.theatlantic.com/technology/2026/04/claude-mythos-hacking/686746/

Verified

Frequently Asked Questions

Claude Mythos Preview is an advanced AI model developed by Anthropic, capable of autonomously identifying and exploiting software vulnerabilities across major operating systems and web browsers.

Cloud Native Security Fabric Mitigations and ControlsCNSF

Aviatrix Zero Trust CNSF is pertinent to this incident as it could likely limit the attacker's ability to exploit zero-day vulnerabilities, escalate privileges, move laterally, establish command and control channels, and exfiltrate data, thereby reducing the overall blast radius.

Initial Compromise

Control: Cloud Native Security Fabric (CNSF)

Mitigation: The attacker's ability to exploit zero-day vulnerabilities may be constrained, reducing the likelihood of unauthorized access to target systems.

Privilege Escalation

Control: Zero Trust Segmentation

Mitigation: The attacker's ability to escalate privileges could be limited, reducing the scope of administrative control over compromised systems.

Lateral Movement

Control: East-West Traffic Security

Mitigation: The attacker's lateral movement within the network may be restricted, reducing the number of systems that can be compromised.

Command & Control

Control: Multicloud Visibility & Control

Mitigation: The establishment of command and control channels could be detected and disrupted, limiting the attacker's ability to manage compromised systems remotely.

Exfiltration

Control: Egress Security & Policy Enforcement

Mitigation: The attacker's ability to exfiltrate sensitive data may be constrained, reducing the risk of data loss.

Impact (Mitigations)

The overall impact of the attack could be mitigated, reducing operational disruption, data loss, and reputational damage.

Impact at a Glance

Affected Business Functions

Software Development
Cybersecurity Operations
IT Infrastructure Management

Operational Disruption

Estimated downtime: N/A

Financial Impact

Estimated loss: N/A

Data Exposure

Potential exposure of sensitive software vulnerabilities across major operating systems and browsers.

Recommended Actions

• Implement Zero Trust Segmentation to restrict lateral movement and limit the spread of potential breaches.
• Deploy Inline Intrusion Prevention Systems (IPS) to detect and block exploit attempts targeting known vulnerabilities.
• Enhance East-West Traffic Security to monitor and control internal network communications, preventing unauthorized access.
• Establish Multicloud Visibility & Control to gain comprehensive insights into network traffic and detect anomalous activities.
• Enforce Egress Security & Policy Enforcement to control outbound traffic and prevent data exfiltration to unauthorized destinations.

Secure the Paths Between Cloud Workloads

A cloud-native security fabric that enforces Zero Trust across workload communication—reducing attack paths, compliance risk, and operational complexity.

Stop Advanced Threats Get a Free Workload Attack Path Assessment Under Active Attack?

Anthropic's Claude Mythos Preview: A Game-Changer in AI-Driven Cybersecurity

Executive Summary

Why This Matters Now

Attack Path Analysis

Kill Chain Progression

Initial Compromise

Description

MITRE ATT&CK® Techniques

Obtain Capabilities: Artificial Intelligence

Active Scanning: Vulnerability Scanning

Exploitation for Client Execution

Exploitation for Defense Evasion

Indicator Removal on Host

Phishing

Potential Compliance Exposure

PCI DSS 4.0 – Ensure all system components are protected from known vulnerabilities

NYDFS 23 NYCRR 500 – Penetration Testing and Vulnerability Assessments

DORA – ICT Risk Management Framework

CISA ZTMM 2.0 – Identity and Access Management

NIS2 Directive – Cybersecurity Risk Management Measures

Sector Implications

Computer Software/Engineering

Financial Services

Health Care / Life Sciences

Information Technology/IT

Sources

Frequently Asked Questions

Cloud Native Security Fabric Mitigations and ControlsCNSF

Impact at a Glance

Affected Business Functions

Recommended Actions

Key Takeaways & Next Steps

Secure the Paths Between Cloud Workloads