Project Glasswing: An Initial Update

May 22, 2026

Last month, we launched Project Glasswing, our collaborative effort to secure the world's most critical software before increasingly capable AI models can be turned against it.

Since then, we and our approximately 50 partners have used Claude Mythos Preview to find more than ten thousand high- or critical-severity vulnerabilities across the most systemically important software in the world. Progress on software security used to be limited by how quickly we could find new vulnerabilities. Now it is limited by how quickly we can verify, disclose, and patch the large numbers of vulnerabilities that AI finds.

In this post, we discuss what we have learned about this critical challenge for cybersecurity in the first weeks of Project Glasswing. We focus on the early public evidence of Mythos Preview's performance, on the initial results of our effort to scan thousands of open-source software projects, and on what this progress means for cyberdefenders today. We also cover what to expect next from Project Glasswing, and how we are thinking about releasing Mythos-class models in the future.

Our early results

Our approach to discussing Mythos Preview’s findings

The software industry's longstanding convention is to disclose new vulnerabilities 90 days after they are reported to the vendor (or, if a patch ships before the 90 days are up, around 45 days after the patch becomes available). This allows time for end users to update their software before a vulnerability can be exploited by attackers. Our own Coordinated Vulnerability Disclosure policy takes this approach.

However, this means that disclosed vulnerabilities are a lagging indicator of the accelerating frontier of AI models' cyber capabilities: we are not yet at the point where we can fully detail our partners' findings with Mythos Preview without putting end users at risk. Instead, we provide illustrative examples of the model's performance, along with aggregate statistics on our progress to date. Once patches for the vulnerabilities that Mythos Preview has discovered are widely deployed, we will provide much more detail about what we have learned.

Evidence from our partners and external testers

Project Glasswing's initial partners build and maintain software that is fundamental to the functioning of the internet and other essential infrastructure. Fixing flaws in their code reduces risk for the many other organizations that rely on it, and therefore reduces risk for billions of end users.

After one month, most partners have each found hundreds of critical- or high-severity vulnerabilities in their software. Collectively, they have found more than ten thousand. Several have told us that their rate of bug-finding has increased by more than a factor of ten. For instance, Cloudflare has found 2,000 bugs (400 of which are high- or critical-severity) across their critical-path systems, with a false-positive rate that Cloudflare's team considers better than that of human testers.

This tallies with external testers' experience of Mythos Preview's performance, and with recent additional evaluations of the model:

  • The UK's AI Security Institute reports that Mythos Preview is the first model to solve both of their cyber ranges (simulations of multistep cyberattacks) end to end;
  • Mozilla found and fixed 271 vulnerabilities in Firefox 150 while testing Mythos Preview, over ten times more than they found in Firefox 148 with Claude Opus 4.6;
  • XBOW, an independent security platform, reports that Mythos Preview is a "significant step up over all existing models" on its web exploit benchmark, and provides "absolutely unprecedented precision" on a token-for-token basis;
  • ExploitBench and ExploitGym, two recently released academic benchmarks for measuring models' exploit-development capabilities, show Mythos Preview as the strongest performer. We discuss what these benchmarks tell us about the model in more detail on our Frontier Red Team blog.

More generally, we are now seeing patches being shipped much faster. The latest Palo Alto Networks release included over five times as many patches as usual. Microsoft has reported that the number of new patches they release will "continue trending larger for some time." And Oracle is finding and fixing vulnerabilities across its products and cloud multiple times faster than before.

Mythos Preview has also proved useful for other kinds of security work. For example, at one of our Glasswing partner banks, Mythos Preview helped to detect and prevent a fraudulent $1.5 million wire transfer after a threat actor compromised a customer's email account and made spoofed phone calls.

Open-source software

For the last few months, Anthropic has used Mythos Preview to scan more than 1,000 open-source projects, which collectively underpin much of the internet, and much of our own infrastructure.

So far, Mythos Preview has found 6,202 vulnerabilities in these projects that it rates (by its own, pre-triage estimate) as high- or critical-severity, out of 23,019 findings in total, including those it rates as medium- or low-severity.

1,752 of those high- or critical-rated findings have now been carefully assessed by one of six independent security research firms, or in a small number of cases by ourselves. Of these, 90.6% (1,587) have proved to be valid true positives, and 62.4% (1,094) were confirmed as either high- or critical-severity. That means that even if Mythos Preview finds no further vulnerabilities, at our current post-triage confirmation rates (and assuming the assessed subset is representative of the rest), it is on track to have surfaced nearly 3,900 high- or critical-severity vulnerabilities in open-source code, in addition to those it has found for Project Glasswing's partners. To be clear, we intend to continue scanning open-source code for some time, so we expect this number to rise.
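As an added example (not code from the original post), the triage arithmetic above carried through in Python, with a Wilson score interval added to show how much sampling uncertainty sits behind the "nearly 3,900" projection. The interval rests on an assumption the post does not make: that the 1,752 assessed findings behave like a random sample of the 6,202 model-rated high/critical findings. If triage was prioritised (for example, by project importance), the true rate for the remainder may differ.

```python
import math

# Figures as stated in the post for the open-source scan, as of this update.
MODEL_RATED_HIGH_CRIT = 6202   # model's own severity estimate, before triage
ASSESSED = 1752                # subset independently triaged so far
TRUE_POSITIVES = 1587          # confirmed real vulnerabilities
CONFIRMED_HIGH_CRIT = 1094     # confirmed high- or critical-severity after triage


def rate(hits: int, n: int) -> float:
    """Fraction as a percentage rounded to one decimal place, as the post reports it."""
    return round(100.0 * hits / n, 1)


def projected_high_crit(total_flagged: int, assessed: int, confirmed: int) -> float:
    """Point estimate: apply the post-triage confirmation rate to every model-flagged finding."""
    return total_flagged * confirmed / assessed


def wilson_interval(successes: int, n: int, z: float = 1.96) -> tuple[float, float]:
    """Wilson score interval for a binomial proportion (95% at z=1.96).

    Assumption (not in the post): the n assessed items are a random sample of
    the population whose rate we want, so the binomial model applies.
    """
    p = successes / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * math.sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return centre - half, centre + half


def projection_range(total_flagged: int, assessed: int, confirmed: int,
                     z: float = 1.96) -> tuple[float, float]:
    """Projected confirmed high/critical count, scaled by the interval's bounds."""
    lo, hi = wilson_interval(confirmed, assessed, z)
    return total_flagged * lo, total_flagged * hi


if __name__ == "__main__":
    print(f"true-positive rate:        {rate(TRUE_POSITIVES, ASSESSED)}%")
    print(f"high/critical confirmed:   {rate(CONFIRMED_HIGH_CRIT, ASSESSED)}%")
    point = projected_high_crit(MODEL_RATED_HIGH_CRIT, ASSESSED, CONFIRMED_HIGH_CRIT)
    lo, hi = projection_range(MODEL_RATED_HIGH_CRIT, ASSESSED, CONFIRMED_HIGH_CRIT)
    print(f"projected high/critical:   {point:.0f} (95% interval {lo:.0f} to {hi:.0f})")
```

The point estimate reproduces the post's figure; the interval is a few hundred findings wide in each direction, which is the right mental footnote to attach to any single projected number of this kind.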

One example of an open-source vulnerability that Mythos Preview detected was in wolfSSL, an open-source cryptography library that is known for its security and is used by billions of devices worldwide.