Artificial Intelligence is no longer limited to chatbots and content generation. The technology has now entered a new phase in cybersecurity, creating serious concern across the global software industry and among developers worldwide. Anthropic has revealed that its advanced AI model, “Claude Mythos Preview,” has identified more than 10,000 high- and critical-severity vulnerabilities in widely used software systems across the world.
Project Glasswing’s large-scale findings
The discoveries were made under “Project Glasswing,” a specialized cybersecurity initiative launched last month. The program aims to identify dangerous software weaknesses before threat actors can exploit them in real-world attacks. According to the company, nearly 50 selected cybersecurity partners were granted early access to the AI model so they could conduct large-scale software audits and threat analysis.
Anthropic stated that 6,202 of the identified weaknesses have been classified as high or critical severity, affecting more than 1,000 open-source projects. Initial verification reportedly confirmed 1,726 vulnerabilities as valid findings, while 1,094 were assessed as extremely severe. Many of these flaws could potentially allow hackers to infiltrate systems, steal data, or impersonate legitimate digital services.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
High-impact CVEs and patching pressure
One of the most serious findings involved a vulnerability in WolfSSL, tracked as CVE-2026-5194. The flaw received a CVSS severity score of 9.1. According to the report, attackers could exploit the weakness to forge digital certificates and masquerade as trusted online services. Security patches were later issued to address the issue.
The company said that 97 vulnerabilities have already been patched upstream, while 88 official security advisories have been released so far. However, the rapid pace of AI-assisted vulnerability discovery has also created a new challenge for the technology sector. Experts believe vulnerabilities are now being discovered faster than organizations can realistically patch them.
AI as both shield and weapon
Cybersecurity researchers say AI has become a powerful tool for both defensive and offensive operations. A Researcher at Algoritha Security noted that “frontier AI models are no longer limited to simple code analysis. They are increasingly capable of building complex attack chains, generating exploit strategies, and linking multiple weaknesses together to design advanced cyberattacks.”
The report also claimed that one banking partner used the AI system to stop a fraudulent wire transfer attempt worth nearly ₹12.5 crore ($1.5 million). Threat actors had allegedly compromised a customer’s email account and used spoofed phone calls to deceive the bank, but the AI-driven analysis reportedly detected suspicious behavior before the transfer was completed.
Meanwhile, major technology firms are accelerating their security update cycles in response to the growing AI-driven threat landscape. Oracle recently shifted to a monthly patching system, while Microsoft has warned that the number of security fixes released each month is expected to continue rising.
Anthropic has also launched a “Cyber Verification Program,” allowing verified cybersecurity professionals to use its AI models with fewer restrictions for legitimate activities such as vulnerability research, penetration testing, and red teaming. The initiative is being compared to OpenAI’s “Daybreak” program, which provides access to GPT-5.5-Cyber for advanced cyber defense workflows.
Renowned cybercrime expert and former IPS officer Prof. Triveni Singh said AI-powered cyber tools could fundamentally change the nature of cybercrime in the coming years. According to him, “If organizations fail to rapidly improve patch management, multi-factor authentication, and network hardening, AI-driven attacks may soon outpace traditional security defenses.”
