Project Glasswing: How Anthropic's Mythos AI Chains Vulnerabilities into Working Exploits
Original: Project Glasswing: what Mythos showed us View original →
What Is Project Glasswing?
Project Glasswing is Anthropic's controlled research program providing select organizations access to Mythos Preview — a security-specialized LLM distinct from general-purpose frontier models. Cloudflare participated and tested the model against their own infrastructure, publishing the full results on their blog.
What Mythos Can Do
Exploit chain construction: Mythos can take multiple low-severity vulnerability primitives and chain them into a single, more severe working exploit. This is senior security researcher reasoning, not automated scanning.
Proof generation: Rather than generating speculative findings, Mythos writes, compiles, and executes code to verify vulnerabilities. When initial hypotheses fail, it iterates independently.
Cloudflare's 8-Stage Architecture
- Recon: Architecture mapping and initial task queue
- Hunt: ~50 concurrent agents targeting specific attack classes
- Validate: Independent adversarial review to filter false positives
- Gapfill: Re-queues under-explored areas
- Dedupe: Collapses duplicate findings
- Trace: Cross-repo exploitability analysis
- Feedback: Loops validated findings back into hunting
- Report: Structured output
Limitations and Dual-Use Warning
Despite lacking standard guardrails, Mythos exhibited unpredictable refusals on legitimate security tasks — identical requests produced different outcomes across runs. Cloudflare is explicit: these capabilities will eventually reach attackers. Their recommendation shifts emphasis from fast patching to defensive architecture — separating security boundaries, implementing blocking infrastructure, and coordinating simultaneous global deployments.
Related Articles
Security alerts are moving from volume to trust. GitHub says LLM-based contextual verification reduced secret-scanning false positives by 75.76%, beating its 65% target.
Anthropic said Claude Opus 4.6 found 22 Firefox vulnerabilities during a two-week collaboration with Mozilla. Mozilla classified 14 as high severity and shipped fixes in Firefox 148.0.
The Future of Life Institute’s Summer 2026 AI Safety Index grades nine frontier AI companies across 37 indicators, and no firm rises above C+. The sharper point is not who leads, but how weak the ceiling remains as model capabilities and defense use expand.