With Project Glasswing, CSA warns IT pros to prepare for ‘flood of vulnerabilities’
“Attackers gain disproportionate benefit, and current patch cycles, response processes, and risk metrics were not built for this environment,” the CSA memo noted.
The Project Glasswing invite is an exclusive one: More than 40 organizations were invited by AI giant Anthropic to test the upcoming Claude Mythos Preview, reportedly an extremely powerful LLM, against cybersecurity infrastructure and tactics.
But don’t worry—there’s still gonna be a big-time patch party to attend once all is said and done.
A strategy guide, updated on April 16 from the nonprofit Cloud Security Alliance, revealed that today’s CISOs will need to prepare for an uptick in updates as increasingly powerful LLMs uncover new and unexpected vulnerabilities in new and legacy code.
“In the near term, security organizations will likely be overwhelmed by the need to apply patches and respond to AI-discovered vulnerabilities, exploits, and autonomous attacks,” the briefing’s authors wrote.
Just winging it. In the April 7 announcement of Project Glasswing, Anthropic said its Mythos Preview model had already autonomously found “thousands of high-severity vulnerabilities, including some in every major operating system and web browser.” While Glasswing gives the major tech companies in its closed test—like Amazon Web Services, Apple, CrowdStrike, and Google—a head start on orchestrating defenses, every security pro will likely have more bugs to bandage as time goes on.
“We are going to have a flood of vulnerabilities and patches that we need to apply. I don’t care who you are, I’m going to be expecting them for my iPhone. I’m going to expect them for every piece of technology in my home that I use,” Rich Mogull, chief analyst at nonprofit Cloud Security Alliance (CSA), said, emphasizing that tech pros will also need to review assets like open-source libraries, firewalls, and operating systems as new patches arrive.
The CSA report emphasized that Anthropic’s capabilities are a “step change” in AI-driven vulnerability discovery and exploitation, citing Mythos Preview’s ability to find chained vulnerabilities featuring multiple bugs. Mogull, in an April 8 blog post, noted the model’s discovery of a 27-year-old bug in OpenBSD, an operating system specifically known for its secure design.
“This isn’t a marginal improvement. It’s in a different league,” he wrote.
While some see advanced capabilities, others have raised trust and security concerns with Mythos Preview’s closed-to-the-public model—Anthropic’s own system card revealed an early occurrence of “cover-up behavior,” as highlighted by a Transformer report, where the model injected code to grant itself unauthorized access permissions and designed the exploit to disable itself after running. Additionally, some skeptics have called the characterization of a model too dangerous to release to the public a marketing strategy.
Preparing for the flood. If Anthropic’s autonomous capabilities develop as promised, however, the bug boom could create a structural “asymmetry,” according to the CSA memo: “Attackers gain disproportionate benefit, and current patch cycles, response processes, and risk metrics were not built for this environment.”
CISOs already had their hands full of patches before LLMs started adding to the mix:
- Verizon’s 2025 Data Breach Investigations Report found that 1 in 5 non-error, non-misuse incidents began with exploitation of software vulnerabilities.
- Almost 4 in 10 exploited vulnerabilities in 2025 were from prior-year or older vulnerabilities, according to a March blog post from Cisco.
AI-powered vulnerability discovery presents a new frontier for CISOs and security teams, according to Andrew Tannenbaum, partner and global co-head of cybersecurity at global law firm A&O Shearman.
“There’s going to be a lot of noise, and the security teams are going to be in the position of having to figure out what is important, how to prioritize and how to stay ahead of this flood of information, without completely exhausting their people and their resources,” Tannenbaum said.
CSA provided a list of recommendations to cut through the noise, including:
- Create an inventory of assets and open-source dependencies, starting with critical internet-facing systems
- Use agents to test internal codebases
- Double down on environment-hardening tactics like network segmentation and least privilege
- Update risk models and communicate with stakeholders about potential effects on the business, reporting, and projections
(Richard Mogull offered advice on actions today’s CISOs should take to prepare.)
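One way a VulnOps function might act on the first recommendation once an inventory exists, as an added illustration that is not code from the CSA guide or from IT Brew: join a constructed list of findings to the assets that actually ship the affected package, and rank the result so internet-facing systems, chained bugs, and older bugs (which the Cisco figure above shows are still being exploited) rise to the top. The asset and finding fields, the weights, and all sample data are assumptions made for this example.

```python
# Added example, not part of the CSA guide or the article. All inventory and
# finding data below is constructed; field names and weights are assumptions.
from dataclasses import dataclass, field

@dataclass
class Asset:
    name: str
    internet_facing: bool
    dependencies: list = field(default_factory=list)  # open-source packages in use

@dataclass
class Finding:
    package: str      # affected dependency or product
    severity: float   # CVSS-style 0-10 score
    chained: bool     # part of a multi-bug chain, as the CSA report highlights
    years_old: int    # age of the underlying bug; old bugs are still exploited

INVENTORY = [  # constructed inventory: the CSA guide says start with internet-facing systems
    Asset("public-web", True, ["libssl", "nginx"]),
    Asset("hr-portal", False, ["libssl", "java-runtime"]),
    Asset("build-server", False, ["openbsd-kernel"]),
]

FINDINGS = [  # constructed findings; the 27-year figure echoes the article's OpenBSD bug
    Finding("libssl", 7.5, False, 0),
    Finding("nginx", 5.0, True, 1),
    Finding("openbsd-kernel", 9.8, False, 27),
    Finding("java-runtime", 6.0, False, 3),
]

def score(asset, finding):
    """Higher means patch sooner: exposure doubles the score, chains and age add to it."""
    s = finding.severity
    if asset.internet_facing:
        s *= 2.0
    if finding.chained:
        s += 2.0
    if finding.years_old >= 1:
        s += 1.0
    return round(s, 1)

def patch_queue(inventory, findings):
    """Return (score, asset, package) triples, highest priority first.

    A finding only enters the queue if some inventoried asset ships the package,
    which is why the inventory has to exist before triage can cut through the noise.
    """
    queue = []
    for asset in inventory:
        for f in findings:
            if f.package in asset.dependencies:
                queue.append((score(asset, f), asset.name, f.package))
    return sorted(queue, reverse=True)
```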
The flood of vulnerabilities may even change how teams are structured. CSA recommends forming a vulnerability operations (VulnOps) function. Tannenbaum sees companies potentially needing more triage, resources—and automation.
“People can’t be expected manually to keep up with automated, powerful tools that have these capabilities.”
About the author
Billy Hurley
Billy Hurley has been a reporter with IT Brew since 2022. He writes stories about cybersecurity threats, AI developments, and IT strategies.