Anthropic's Project Glasswing update states that Claude Mythos Preview and approximately 50 partners identified more than ten thousand high- or critical-severity vulnerabilities in foundational software within one month (https://www.anthropic.com/research/glasswing-initial-update). Cloudflare reported 2,000 bugs, including 400 high- or critical-severity, with a false positive rate deemed superior to human testers.

The UK AI Security Institute evaluation showed Mythos Preview as the first model to complete both cyber range simulations end to end; Mozilla documented 271 fixes in Firefox 150, exceeding results from Claude Opus 4.6 by over ten times (https://www.anthropic.com/research/glasswing-initial-update). XBOW and academic benchmarks ExploitBench and ExploitGym listed the model as the top performer on exploit development tasks.

The post identifies the new constraint as verification, disclosure, and patching speed under the standard 90-day coordinated vulnerability disclosure policy, rather than discovery rate, with patched software now deploying faster across partners.