· By the ToolNav Team · 2 min read Anthropic Claude Cybersecurity AI Safety

Anthropic Launches Project Glasswing -- Claude Mythos Preview Found a 27-Year-Old OpenBSD Zero-Day

TL;DR

Anthropic unveiled Project Glasswing, a defensive cybersecurity coalition built around the unreleased Claude Mythos Preview model -- which has already found thousands of zero-day vulnerabilities, including a 27-year-old SACK bug in OpenBSD.

Anthropic announced Project Glasswing, a defensive cybersecurity coalition built around Claude Mythos Preview, an unreleased frontier model the company says has already found thousands of zero-day vulnerabilities -- including a 27-year-old SACK bug in OpenBSD and a 17-year-old root-level RCE in FreeBSD. Founding partners include AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, Palo Alto Networks, and the Linux Foundation, with extended access for over 40 additional critical-software organizations. Anthropic is committing $100M in Mythos usage credits across participants and donating $4M to the Linux Foundation's Alpha-Omega and OpenSSF projects and the Apache Software Foundation. For independent developers and small teams the takeaway is uncomfortable: a model that can autonomously chain browser exploits is being handed to defenders first, but the same capability ships eventually to attackers. Audit your dependencies now -- especially anything pinned to older C/C++ libraries -- and assume the asymmetric advantage Mythos gives defenders is temporary. Whether Anthropic's controlled rollout actually preserves that advantage is the real test of Glasswing as a model for shipping dangerous capabilities.

More on this topic — Claude vs ChatGPT comparison

Independent Review

Claude AI

Pricing, pros and cons, real-world verdict — no affiliate spin.

Read the Claude AI review

The AI Hustle Playbook Newsletter

Get one practical AI playbook each week.

Tools, workflows, and side-income ideas — curated for people who want to build, not browse forever.

No spam. Unsubscribe anytime. We respect your privacy.