Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most "systemically" important software across the world since the cybersecurity initiative went live last month. Project Glasswing is a defensive effort launched by the artificial intelligence (AI) company to secure critical global software infrastructure. It grants a small set of about 50 partners exclusive, early access to Claude Mythos Preview, a frontier model with capabilities to autonomously identify vulnerabilities in widely-used software before bad actors can exploit them. Of these vulnerabilities, 6,202 have been classified as high- or critical-severity flaws impacting more than 1,000 open-source projects. Subsequent analysis of these vulnerability candidates has identified that 1,726 are valid true positives. As many as 1,094 flaws are assessed to be either high- or critical-severity. One of the identified weaknesses is a critical flaw in WolfSSL (CVE-2026-5194, CVSS score: 9.1) that could allow an attacker to forge certificates and masquerade as a legitimate service. In all, these efforts have led to 97 findings being patched upstream and 88 advisories being issued. "The relative ease of finding vulnerabilities compared with the difficulty of fixing them amounts to a major challenge for cybersecurity," Anthropic acknowledged. "Confronting this challenge successfully will make our software far safer than before." The development comes as software vendors are shipping more fixes than ever before, driven by a surge in AI-assisted vulnerability discovery, with Microsoft noting that the number of new patches it expects to release on a monthly basis to "continue trending larger for some time." Autonomous offensive security platform XBOW has described Mythos Preview as "a major advance" that's "substantially better than prior models at finding vulnerability candidates" and "adept at analyzing source code wi