InfoSecBulletin Cybersecurity for mankind
Anthropic has shown the amazing first results of Project Glasswing. This is a teamwork project for cybersecurity. It aims to protect important systems with smart AI before bad actors can take advantage.
In the first month, the project used the new Claude Mythos model to find over 10,000 serious zero-day flaws in important software systems worldwide.
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
Anthropic worked with more than 50 big tech companies like Microsoft, Apple, Google, and Cloudflare to use Claude Mythos Preview on specific codebases. The model has shown an amazing skill to find problems and create working exploits by itself.
Cloudflare found 2,000 bugs, with 400 being high or critical. They noted that the model is better at spotting issues than human security testers.
Claude Mythos Preview Uncovers 10,000+ 0-Days
Independent checks show these skills work well in various settings. The UK’s AI Security Institute found that Mythos Preview is the first model to completely handle its complex cyberattack tests. Meanwhile, Mozilla used the model to find and fix 271 weaknesses in Firefox 150, finding ten times more issues than earlier tests with Claude Opus 4.6.
The large number of discoveries has shown a big problem in the software industry: people can’t quickly find, report, and fix security issues as fast as AI can discover them.
The first scan found 23,019 possible issues. When 1,900 of these were checked by outside security companies, 1,726 (90.8%) were confirmed as real problems.
Anthropic found 1,596 issues and told the maintainers, but only 97 problems were fixed so far. This led to just 88 security warnings being issued. This big drop shows how much work the volunteer open-source maintainers have. They are now overwhelmed with many serious AI issues.
Organizations are encouraged to go beyond just patching. They should improve their network security by using strict default settings, requiring multi-factor authentication, and using advanced behavior analysis to shorten the time to detect problems after a breach.
According to the initial results report, Anthropic is thinking about releasing Mythos-class models in the future.
