AI Governance

Anthropic Glasswing and the Future of Vulnerability Research

Anthropic's Project Glasswing found thousands of zero-days autonomously. Here's what Claude Mythos Preview means for MSPs and vulnerability management.

Oussama Louhaidia
7 min read

What Just Happened

On 8 April 2026, Anthropic announced Project Glasswing — and if you work in cybersecurity, it deserves more than a quick read.

The project is built around Claude Mythos Preview, an unreleased frontier model that Anthropic describes as capable of finding and exploiting software vulnerabilities at a level that “surpasses all but the most skilled humans.” In early testing, it autonomously identified thousands of zero-day flaws across every major operating system and every major web browser. One of them was a 27-year-old bug in OpenBSD — an OS long considered one of the most security-hardened in existence, with millions of automated tests run against it over the decades.

Anthropic isn’t releasing Mythos publicly. Instead, it’s restricting access to a closed consortium — Amazon, Microsoft, Apple, Google, Cisco, CrowdStrike, Palo Alto Networks, the Linux Foundation, NVIDIA, Broadcom, and JPMorganChase — plus over 40 additional organisations that build or maintain critical software infrastructure. It’s also committing $100M in usage credits and $4M in donations to open-source security projects.

That’s the announcement. Here’s what it actually means.

The Economics of Bug Hunting Just Broke

For the last two decades, vulnerability research has been a labour-intensive craft. Finding bugs in mature codebases required years of expertise, patience, and creativity. Bug bounty programmes were built on this scarcity: pay the rare individuals who could do it.

Claude Mythos Preview changes the cost curve. If an AI model can scan an entire OS for previously unknown flaws in hours rather than months, the economics of who does this work — and what it costs — shifts permanently.

Jeff Williams, founder of OWASP and CTO of Contrast Security, put it plainly: “Once frontier AI can do large-scale bug hunting, the logic of paying humans for routine discovery starts to break down.”

This isn’t just a threat to bug bounty programmes. It’s a challenge to the entire model of security as a find-and-fix afterthought. If discovery becomes cheap, the bottleneck shifts to remediation speed — and most organisations aren’t ready for that.

The Exposure Window Is the Real Problem

Most vulnerability management programmes are built around prioritisation. You get a feed of CVEs, score them by CVSS, rank them by exploitability and business impact, and work through the backlog. It’s slow, imperfect, and organisations learn to live with long remediation queues.

Project Glasswing reframes this entirely. The question is no longer “which vulnerabilities should we fix first?” It’s “how long are we exposed?”

When attackers can use the same AI capabilities to find and exploit flaws at scale, the length of time a vulnerability exists in your environment becomes the primary risk variable. A CVE that sits unpatched for 90 days while it lives in your backlog is a 90-day open window for anyone running Mythos-class tooling.

This is what Williams calls the “exposure-window problem” — and it’s why the traditional prioritisation model struggles here. Prioritisation assumes you can afford to defer. In a world where discovery is automated on both sides, that assumption breaks.

Defensive vs. Offensive: The Access Gap

Anthropic’s decision to restrict Mythos Preview to a closed consortium is deliberate. The logic: if AI-powered vulnerability discovery is going to happen at scale, defenders should get there first.

But it raises an obvious tension. The 40+ organisations in the consortium are among the best-resourced security teams on the planet. What about everyone else?

The gap between organisations inside the consortium and those outside it will widen as Mythos-class models proliferate. State actors, well-funded criminal groups, and nation-state proxies are not waiting for Anthropic’s access list. The threat capability will spread faster than the defensive one — it almost always does.

For MSPs managing security for mid-market clients, this is the practical challenge: your clients won’t have access to Mythos Preview, but the attackers targeting them eventually will. The question is what you do with that lead time.

What Changes for MSPs and vCISOs

Patch velocity becomes a core metric

The era of 90-day remediation SLAs for critical vulnerabilities is over. If AI can identify a flaw and develop an exploit in hours, the time between public disclosure and active exploitation compresses dramatically. MSPs need to push patch velocity as a client KPI, not just a best practice.

Vulnerability management needs a new model

The classic backlog-and-prioritise workflow doesn’t hold when both discovery and exploitation are automated. The better model is continuous scanning, shorter remediation cycles, and treating unpatched exposure time as the primary risk indicator — not CVSS scores in isolation.

Clients need to understand the shift

Most mid-market clients still think of cybersecurity as a periodic activity — an annual pen test, a quarterly review. The Glasswing announcement is a good forcing function to have the conversation about why that model is no longer adequate. AI-powered threat actors don’t operate on quarterly cycles.

Secure-by-design matters more

Project Glasswing is partly about finding bugs in existing software. But Anthropic’s broader point is that AI will eventually change how software is written — shifting security upstream into the development process itself. For MSPs advising clients on technology choices, this means vendor security posture (and how fast vendors patch) matters more than it used to.

The Dual-Use Problem Isn’t Going Away

The same model that finds vulnerabilities for defenders can find them for attackers. Anthropic is betting that by giving defenders access first, they can build a durable lead. That’s a reasonable bet for the organisations in the consortium.

For everyone outside it, the more honest framing is: a new class of highly capable offensive tooling is coming, and the window to prepare is measured in months, not years.

The 27-year-old OpenBSD bug is the clearest illustration. A flaw that survived decades of the best human review and millions of automated tests was found autonomously by an AI model in a matter of weeks. The implication is that no legacy codebase should be considered clean. Every piece of software your clients run contains bugs that haven’t been found yet — not because the bugs aren’t there, but because the tooling to find them didn’t exist until now.

What To Do Now

The practical list for MSPs and vCISOs isn’t complicated, but it requires moving faster than most organisations are used to:

  1. Tighten patch SLAs — aim for critical vulnerabilities within 24–48 hours of disclosure, not 30 days
  2. Shift to continuous scanning — periodic pen tests won’t keep pace; continuous monitoring tools are the baseline now
  3. Review your attack surface — prioritise internet-facing systems, legacy software, and anything that hasn’t been touched in years
  4. Pressure vendors on response times — when evaluating tools for clients, vendor patch cadence is a procurement criterion, not a nice-to-have
  5. Update client risk conversations — use Glasswing as a concrete example of why the threat model has changed
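As an added illustration (not code from the post, from Anthropic or from GetCybr) of the exposure-time model described under "Vulnerability management needs a new model" and in step 1 above: a small tracker that ranks open findings by hours past their patch SLA rather than by CVSS alone. The SLA table, the asset names and the placeholder CVE identifiers are all constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Assumed SLA targets in hours per severity; the post argues for 24-48h on
# criticals instead of 30-90 day queues. Tune to the client's risk appetite.
SLA_HOURS = {"critical": 48, "high": 168, "medium": 720, "low": 2160}

@dataclass
class Finding:
    cve: str                      # placeholder id, not a real CVE
    asset: str
    severity: str
    cvss: float
    disclosed: datetime           # public disclosure time (UTC)
    patched: Optional[datetime]   # None while the flaw is still open

def exposure_hours(f: Finding, now: datetime) -> float:
    """Hours the flaw was (or has been) exposed: disclosure to patch, or to now."""
    return ((f.patched or now) - f.disclosed).total_seconds() / 3600

def sla_breached(f: Finding, now: datetime) -> bool:
    return exposure_hours(f, now) > SLA_HOURS[f.severity]

def rank_by_exposure(findings, now):
    """Open findings ordered by hours past SLA, worst first; CVSS is not the key."""
    open_ = [f for f in findings if f.patched is None]
    return sorted(open_, key=lambda f: exposure_hours(f, now) - SLA_HOURS[f.severity], reverse=True)

def exposure_kpis(findings, now):
    """Client-level KPIs: mean time-to-patch for closed items, open SLA breaches."""
    closed = [f for f in findings if f.patched is not None]
    mean_ttp = sum(exposure_hours(f, now) for f in closed) / len(closed) if closed else 0.0
    breaches = sum(1 for f in findings if f.patched is None and sla_breached(f, now))
    return {"mean_time_to_patch_h": round(mean_ttp, 1), "open_sla_breaches": breaches}

# Constructed sample data: one closed finding, three still open.
NOW = datetime(2026, 4, 20, tzinfo=timezone.utc)
SAMPLE = [
    Finding("CVE-EXAMPLE-0001", "edge-fw-01", "critical", 9.8, NOW - timedelta(days=5), None),
    Finding("CVE-EXAMPLE-0002", "web-03", "high", 8.1, NOW - timedelta(days=3), NOW - timedelta(days=1)),
    Finding("CVE-EXAMPLE-0003", "legacy-erp", "medium", 5.3, NOW - timedelta(days=40), None),
    Finding("CVE-EXAMPLE-0004", "mail-01", "critical", 9.1, NOW - timedelta(hours=20), None),
]

if __name__ == "__main__":
    # The 40-day-old medium on legacy-erp outranks the 5-day-old critical:
    # exposure time, not CVSS, decides the order.
    for f in rank_by_exposure(SAMPLE, NOW):
        print(f"{f.cve} {f.asset}: {exposure_hours(f, NOW):.0f}h exposed, breach={sla_breached(f, NOW)}")
    print(exposure_kpis(SAMPLE, NOW))
```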

The Bigger Picture

Anthropic is spending $100M to give defenders a head start. That’s a serious commitment, and the Glasswing consortium includes the organisations best placed to use it.

But the head start is measured in months. The same capabilities that make Mythos Preview valuable for defence will eventually be accessible to the other side — whether through a competing model, a leaked capability, or gradual commoditisation. The organisations that use this window to modernise their vulnerability management approach will be better positioned. Those that wait for the technology to stabilise before changing anything will find themselves catching up under worse conditions.

The security backlog isn’t a manageable queue anymore. It’s an attack surface with a timer on it.


GetCybr helps MSPs deliver structured, continuous vCISO services to their clients — including vulnerability management programmes built for the pace that AI-driven threats demand. Book a demo to see how.
