Claude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month

Anthropic’s Project Glasswing used a restricted, high-capability AI to scan software and open-source projects, identifying over 23,000 potential bugs and more than 10,000 high- or critical-severity gaps in one month; independent firms validated 1,726 real flaws (about 1,000 high-risk) and Anthropic expects ~6,200 severe bugs once verification completes. A critical certificate-forgery vulnerability (CVE-2026-5194) in wolfSSL was found with a proven mock exploit, major vendors are patching large numbers of issues, and a partner bank’s $1.5M fraudulent transfer was stopped with the AI’s assistance.