Claude Mythos Found 10,000 Zero-Days. Now Patching Is the Problem.

Anthropic's Claude Mythos found 10,000+ critical zero-days in 30 days. The bottleneck in software security has shifted from finding to patching - with global enterprise implications.


10,000 critical security vulnerabilities. Discovered in 30 days. Not by a hundred-person red team - by a single AI model running autonomously.

Project Glasswing - Claude Mythos discovers over 10,000 zero-day vulnerabilities in 30 days

What Project Glasswing Actually Is

In May 2026, Anthropic launched Project Glasswing - a $100M security initiative partnering with over 50 of the world’s most critical technology organizations.

The partner list is not casual: AWS, Apple, Cisco, Google, JPMorgan Chase, Microsoft, NVIDIA, Cloudflare, Mozilla, Samsung, Palo Alto Networks - and NATO.

The tool deployed: Claude Mythos Preview - Anthropic’s most advanced model, withheld from public release specifically because of its offensive capability risks.

Results after one month: 23,019 vulnerabilities flagged across 1,000+ open-source projects. 6,202 at high or critical severity. Cloudflare alone received 2,000 bug reports, with 400 rated high/critical. Mozilla found 271 vulnerabilities in Firefox 150 (Anthropic Research, 2026).

Independent validation rate: 90.6%. This is not noise. It is precision hunting at a scale no human team can match.

The Bottleneck Has Moved

Here’s what matters most - and is getting the least coverage.

In traditional security, finding vulnerabilities was the hard part. It required specialized talent, expensive tooling, and months of work. Only the largest organizations could do it at meaningful scale.

Project Glasswing eliminated that bottleneck in weeks.

The new bottleneck is patching. Each high/critical vulnerability takes an average of two weeks to fix (Anthropic Research, 2026). When AI surfaces 10,000+ bugs in a month, human teams cannot keep up. Open-source maintainers are already overwhelmed by the volume of AI-generated reports arriving in their queues.

One partner’s reaction: “Rate of bug-finding has increased by more than a factor of ten.” But the patch rate has not moved. The result is a massive backlog of known, unfixed, undisclosed vulnerabilities sitting between discovery and remediation.

That gap is where the real risk now lives.

OpenAI Entered the Race - Doubling the Pressure

Anthropic is not alone.

OpenAI released GPT-5.5-Cyber - a competing model aimed at the same objective: autonomous vulnerability discovery at enterprise scale (TechCrunch, 2026). Two frontier AI labs racing to cover more of the global software stack means the pace of AI-driven security scanning will only accelerate.

By June 2026, Anthropic expanded Glasswing to 150 new organizations across 15+ countries: Australia, Canada, France, Germany, Italy, Japan, South Korea, India, and multiple EU nations.

The geographic pattern is telling. Critical infrastructure in allied nations is being prioritized. Southeast Asia - with the notable exception of South Korea and India - is largely absent.

Vietnam’s Outsourcing Industry Has a Hidden Exposure

Here is the angle almost no one has written about.

Vietnam’s software export industry generates over $8 billion annually. Firms like FPT Software, KMS Technology, and Saigon Technology write production code daily for the exact organizations inside Project Glasswing - Cisco, Microsoft, NVIDIA, Cloudflare, Amazon.

But while their clients are being scanned for vulnerabilities at 90%+ precision, the Vietnamese vendors writing that code do not have access to equivalent defensive tooling.

This creates an asymmetric security gap. If a Vietnam-based vendor ships code with a critical flaw that gets merged into Microsoft’s or Cloudflare’s codebase, it surfaces in the next Glasswing scan. That is not a conversation any account manager wants to have.

As Anthropic and OpenAI expand scanning to include the supply chains of their primary partners - meaning vendors and contractors - security standards will be enforced contractually, not by recommendation.

The companies that treat this as a procurement question now, rather than a security team problem later, will be better positioned when those contract clauses arrive.

NateCue's Take

The number everyone focuses on is 10,000. But the real signal is the 2-week patching lag. Anthropic just demonstrated that a single AI can outpace the entire human security workforce on vulnerability discovery. That gap between finding and fixing is now where the risk lives. For enterprise software buyers, this changes evaluation criteria: it's no longer whether a vendor runs security scans, but whether they can operationalize patches at AI speed. Southeast Asian software vendors - who build for the exact organizations in Project Glasswing - will face this as a procurement requirement within 18 months. Not as a recommendation. As a contract clause.
