AI Superhacking: Mythos Exposes Cyber Risks, Forcing Governments Into Urgent Action

Here is your publish-ready WordPress Gutenberg block HTML article based on verified primary sources:

Anthropic’s Project Glasswing has uncovered over 10,000 high- or critical-severity vulnerabilities in widely used software since its launch last month, marking a turning point in AI-driven cybersecurity and forcing a rapid industry response. The initiative, which grants exclusive early access to Claude Mythos Preview—a frontier AI model capable of autonomously identifying software flaws—has already prompted 97 patches and 88 security advisories across critical infrastructure, according to verified reporting from The Hacker News and Financial Times.

The scale of the discoveries underscores the dual-edged nature of AI advancements. While Mythos Preview has demonstrated an ability to outpace human experts in vulnerability detection, its capabilities also highlight the urgent need for defensive coordination. Anthropic, the AI lab behind the project, has committed up to $100 million in usage credits for Mythos Preview and $4 million in direct donations to open-source security organizations, signaling a shift toward collaborative vulnerability management.

Industry-Wide Scramble to Patch Flaws

Of the 10,000 vulnerabilities identified, 6,202 were classified as high- or critical-severity flaws affecting more than 1,000 open-source projects. Subsequent analysis confirmed 1,726 as valid vulnerabilities, with 1,094 deemed either high- or critical-severity. One notable example is CVE-2026-5194, a critical flaw in WolfSSL with a CVSS score of 9.1 that could allow attackers to forge certificates and impersonate legitimate services.

Microsoft has already noted that the volume of patches required by AI-assisted discovery is accelerating, with the company expecting to release more fixes monthly in the near term. The findings have triggered a broader industry reckoning, as vendors scramble to address vulnerabilities before malicious actors exploit them.

Government and Financial Sector Response

Anthropic is set to brief the global financial watchdog on the cybersecurity risks exposed by Mythos, according to Financial Times reporting. The move reflects growing concerns among regulators and policymakers about the implications of AI-driven cyber threats. A CIA official recently described the situation as a “reflection point” for governments, emphasizing the need for proactive measures to mitigate risks.

Project Glasswing’s partners—including Amazon Web Services, Google, Microsoft, JPMorgan Chase, and NVIDIA—are using Mythos Preview to scan and secure both proprietary and open-source systems. Anthropic has also extended access to over 40 additional organizations that maintain critical software infrastructure, ensuring a broader defensive effort.

Collaboration Over Competition

Unlike traditional cybersecurity models, where vulnerabilities are often hoarded for competitive advantage, Project Glasswing is designed to foster information-sharing. Anthropic has committed to publishing findings publicly, allowing the broader industry to benefit from AI-driven discoveries. This approach aligns with recent trends in cybersecurity, where collaboration is increasingly seen as essential to countering sophisticated threats.

“The relative ease of finding vulnerabilities compared with the difficulty of fixing them amounts to a major challenge for cybersecurity,” Anthropic acknowledged in a statement. “Confronting this challenge successfully will make our software far safer than before.”

New Zealand’s Role in the AI Cybersecurity Frontier

Radio New Zealand (RNZ) has highlighted New Zealand’s involvement in the AI cybersecurity landscape, positioning the country as a key player in testing and refining AI-driven security tools. While RNZ’s reporting does not provide specific details on local participation in Project Glasswing, it underscores the global nature of the initiative and the growing importance of AI in cyber defense strategies.

The project’s success has also sparked discussions about the ethical deployment of AI in cybersecurity. As capabilities like Mythos Preview become more widespread, there is a risk that similar tools could be weaponized by malicious actors. Project Glasswing represents an attempt to harness these advancements for defensive purposes before such risks materialize.

What Comes Next

With 97 vulnerabilities already patched and 88 advisories issued, the immediate focus remains on accelerating remediation efforts. Anthropic’s commitment to sharing findings publicly will likely accelerate the pace of fixes across the industry. However, the long-term challenge will be scaling these efforts to keep pace with AI’s rapid evolution.

For businesses and governments, the Project Glasswing initiative serves as a wake-up call: the era of AI-driven cybersecurity is here, and proactive collaboration may be the only way to stay ahead of emerging threats.