An AI model developed by Anthropic has identified more than 10,000 high- or critical-severity vulnerabilities in essential software within its first month of operation. Launched on April 7, 2026, Project Glasswing utilizes the Claude Mythos Preview AI to autonomously scan codebases for security flaws. Notably, the AI discovered a 27-year-old remote crash vulnerability in OpenBSD and a 16-year-old flaw in FFmpeg, both of which had previously evaded detection. The project also uncovered thousands of zero-day vulnerabilities across major operating systems and web browsers. Cloudflare, a partner in the initiative, reported finding approximately 2,000 bugs, with 400 classified as high or critical severity. The false-positive rate was significantly lower than traditional methods. To date, only one vulnerability has been publicly disclosed with a CVE identifier: CVE-2026-4747. The consortium supporting the project includes major tech companies such as AWS, Apple, Microsoft, and Google, with IBM joining on May 19, 2026. Anthropic has committed up to $100 million in compute credits and $4 million in grants to bolster open-source security efforts, aiming to preemptively address vulnerabilities before they can be exploited by AI-powered offensive tools.