NextFin News - A coalition of the world’s largest technology rivals, including Apple, Microsoft, Google, and Nvidia, has formed an unprecedented "cybersecurity Manhattan Project" to defend global infrastructure against a new generation of autonomous AI threats. The initiative, dubbed Project Glasswing, was triggered by the discovery of a frontier AI model so potent that it can identify and exploit critical software vulnerabilities that have remained hidden from human experts for decades.
At the heart of the project is Claude Mythos Preview, an unreleased model developed by Anthropic. According to data released by the company on Tuesday, Mythos Preview has already identified thousands of high-severity "zero-day" vulnerabilities across every major operating system and web browser. The model’s capabilities represent a "stark fact," according to Anthropic: AI has reached a threshold where it can surpass all but the most elite human hackers in finding and weaponizing software flaws. In one instance, the AI autonomously discovered a 27-year-old vulnerability in OpenBSD, a system renowned for its extreme security hardening, which allowed for remote system crashes.
The scale of the coalition—which also includes Amazon Web Services, Broadcom, Cisco, CrowdStrike, JPMorganChase, and the Linux Foundation—underscores the perceived existential risk to the digital economy. Anthropic is committing $100 million in usage credits for Mythos Preview to allow these partners to scan and secure their own codebases before the technology inevitably proliferates to adversarial actors. "The window between a vulnerability being discovered and being exploited by an adversary has collapsed," stated Elia Zaitsev, CTO of CrowdStrike. "What once took months now happens in minutes with AI."
The decision to withhold Mythos Preview from the general public marks a significant shift in the AI arms race. Anthropic CEO Dario Amodei noted that while the model was not specifically trained for cybersecurity, its advanced reasoning and coding skills—scoring 93.9% on the SWE-bench Verified benchmark compared to 80.8% for the previous top-tier model, Claude Opus 4.6—made it a "weapons-grade" tool by default. Internal testing revealed that even engineers without security training could use the model to develop fully functional exploits for remote code execution in a matter of hours.
However, the initiative is not without its skeptics. Some industry observers have raised concerns that Project Glasswing could evolve into a "security cartel," potentially locking out smaller startups from the high-level defensive tools necessary to compete in an AI-driven landscape. There is also the inherent risk of "model leakage"; once a tool with these capabilities exists and is shared among 40-plus organizations, the probability of it falling into the hands of state-sponsored hackers or cybercriminal syndicates increases significantly.
From a market perspective, the project signals a fundamental change in how enterprise software will be maintained. Anthony Grieco, Senior Vice President at Cisco, argued that "the old ways of hardening systems are no longer sufficient." The financial implications are vast, as the global cost of cybercrime is already estimated at $500 billion annually. If Project Glasswing succeeds, it could establish a new standard for "AI-native" security; if it fails to stay ahead of adversarial models, the infrastructure underpinning global banking, energy, and telecommunications remains profoundly vulnerable.
The technical data suggests the gap between defenders and attackers is narrowing. In the CyberGym vulnerability reproduction benchmark, Mythos Preview achieved an 83.1% success rate, a massive leap from the 66.6% recorded by Opus 4.6. This rapid advancement suggests that the "cat-and-mouse" game of cybersecurity is moving from human-led research to machine-speed execution. For the tech giants involved, the $4 million in direct donations to open-source security organizations like the Apache Software Foundation is a drop in the bucket compared to the potential cost of a systemic failure in the Linux kernel or major cloud infrastructures.
Explore more exclusive insights at nextfin.ai.
