Anthropic has announced Project Glasswing, which provides access to a preliminary version of its Claude Mythos model for the purpose of finding vulnerabilities and improving the security of critical software. Participants include the Linux Foundation, Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, and Palo Alto Networks. Approximately 40 additional organizations have also been invited to participate.
Released in February, the Claude Opus 4.6 model reached new levels of performance in vulnerability detection, bug finding and fixing, change review, and code generation. Experiments with it turned up over 500 vulnerabilities in open-source projects and produced a C compiler capable of building the Linux kernel. Claude Opus 4.6 performed poorly, however, at producing working exploits.
According to Anthropic, the next-generation Claude Mythos model significantly outperforms Claude Opus 4.6 at producing ready-to-use exploits. Of several hundred attempts to write exploits for vulnerabilities found in Firefox's JavaScript engine, only two succeeded with Claude Opus 4.6. When the experiment was repeated with a preliminary version of Mythos, working exploits were produced in 181 attempts, raising the success rate from near zero to 72.4%.

Claude Mythos also substantially extends vulnerability and bug detection. Combined with its suitability for exploit development, this creates new risks for the industry: exploits for unpatched zero-day vulnerabilities could be produced by non-specialists in a matter of hours. Anthropic notes that the vulnerability detection and exploitation capabilities of Mythos have reached professional level, falling short only of the most experienced practitioners.
Because opening unrestricted access to a model with such capabilities requires the industry to prepare, it was decided to first open a preliminary version to a select group of experts for finding and patching vulnerabilities in critical software products and open-source software. To fund the initiative, $100 million in token credits has been allocated, and $4 million will be donated to organizations that support the security of open-source projects.
On the CyberGym benchmark, which evaluates a model's vulnerability detection capabilities, Mythos scored 83.1% versus 66.6% for Opus 4.6. In code quality tests, the models demonstrated the following performance:
During the experiment, Anthropic used Mythos to identify several thousand previously unknown (0-day) vulnerabilities in just a few weeks, many of them rated critical. Among them was a vulnerability in the OpenBSD TCP stack that had gone undetected for 27 years and allows a remote crash of the system. They also found a 16-year-old vulnerability in FFmpeg's H.264 codec implementation, as well as vulnerabilities in the H.265 and AV1 codecs that are triggered when processing specially crafted content.
Several vulnerabilities were found in the Linux kernel that allow an unprivileged user to gain root privileges. Chaining them made it possible to build exploits that obtain root by opening a specially crafted page in a web browser. An exploit was also built that achieves code execution with root privileges by sending specially crafted network packets to a FreeBSD NFS server.
A vulnerability was also identified in a virtualization system written in a memory-safe language; it potentially allows code execution on the host through manipulation from the guest (the product is not named because the bug has not yet been fixed, but it appears to lie in an unsafe block of Rust code). Vulnerabilities were found in all popular web browsers and in cryptographic libraries, and SQL injection vulnerabilities were identified in various web applications.
Source: opennet.ru
