# Project Glasswing Update: The Bottleneck Is Moving From Discovery to Patching

> Source: <https://eido-askayo.blogspot.com/2026/05/project-glasswing-update.html>
> Published: 2026-05-25 06:55:08+00:00

Last month, I wrote that [Project Glasswing](https://eido-askayo.blogspot.com/2026/04/claude-mythos-preview-most-important-ai.html) mattered less as a model announcement and more as a **deployment signal**.

Anthropic had a frontier model with unusually strong cyber capability, and instead of shipping it broadly, it wrapped it in a controlled defensive program.

The new [initial update for Project Glasswing](https://www.anthropic.com/research/glasswing-initial-update) makes that decision easier to understand.

It does **not** prove vulnerability research is a solved problem.

But it does show something important: **AI-assisted vulnerability discovery is scaling faster than the human systems that verify, disclose, patch, and deploy fixes.**

Anthropic says its approximately 50 partners have already found **more than 10,000 high- or critical-severity vulnerabilities** across systemically important software.

The public examples are notable:

Those are big numbers. But there is an important caveat.

Anthropic also says disclosed vulnerabilities are a **lagging indicator** because coordinated disclosure intentionally delays technical details until patches are ready or widely deployed.

That means the real story is not just the count. It is the change in the operating constraint.

Progress on software security used to be limited by how quickly we could find new vulnerabilities. Now it’s limited by how quickly we can verify, disclose, and patch the large numbers of vulnerabilities found by AI.

The strongest section in Anthropic's update is not the benchmark language. It is the open-source pipeline.

Anthropic says Mythos Preview scanned **more than 1,000 open-source projects** and estimated **23,019** total vulnerabilities, including **6,202** it initially rated as high or critical.

So far, **1,752** of those estimated high- or critical-severity findings have been manually assessed by outside security firms or Anthropic. Of that assessed subset, **90.6%** were valid true positives, and **62.4%** were confirmed as high- or critical-severity.

That is strong evidence. But it is not the same as saying all 6,202 findings are already confirmed high-severity bugs.

Anthropic says the project is still on track to surface **nearly 3,900 high- or critical-severity open-source vulnerabilities** at current post-triage rates, even if it stopped finding new ones today.
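To see how much weight the "nearly 3,900" projection can carry, here is the extrapolation with a 95% Wilson interval around it. This is an added example, not code from Anthropic or the original post. The function names are illustrative, the success counts are reconstructed from the quoted percentages, and it assumes the assessed findings behave like a random sample of the 6,202.

```python
import math

# Figures quoted in the post from Anthropic's update.
INITIAL_HIGH_CRIT = 6202   # findings initially rated high or critical
ASSESSED = 1752            # of those, manually assessed so far
VALID_RATE = 0.906         # share of assessed that were true positives
CONFIRMED_RATE = 0.624     # share of assessed confirmed high or critical


def wilson_interval(successes, n, z=1.96):
    """95% Wilson score interval for a binomial proportion."""
    p = successes / n
    denom = 1 + z * z / n
    centre = (p + z * z / (2 * n)) / denom
    half = z * math.sqrt(p * (1 - p) / n + z * z / (4 * n * n)) / denom
    return centre - half, centre + half


def project(rate, assessed=ASSESSED, total=INITIAL_HIGH_CRIT):
    """Extrapolate a post-triage rate to the whole initial pool.

    Assumption: the assessed subset is representative of the pool. If the
    most promising findings were triaged first, the true figure is lower.
    """
    successes = round(rate * assessed)  # count reconstructed from the percentage
    low, high = wilson_interval(successes, assessed)
    return {
        "point": round(rate * total),
        "low": math.floor(low * total),
        "high": math.ceil(high * total),
        "unassessed": total - assessed,
    }


if __name__ == "__main__":
    for label, rate in (("valid", VALID_RATE), ("high/critical", CONFIRMED_RATE)):
        r = project(rate)
        print(f"{label}: ~{r['point']} (95% interval {r['low']} to {r['high']}), "
              f"{r['unassessed']} findings still unassessed")
```

The sampling interval is only a couple of hundred findings wide; the larger uncertainty is whether the findings not yet assessed resemble the ones that were.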

And this is where the bottleneck shift becomes concrete.

Anthropic says several maintainers have asked it to **slow down disclosures** because they need more time to design patches. It also says a high- or critical-severity bug found by Mythos Preview takes **about two weeks on average** to patch.

Anthropic estimates it has disclosed **530** high- or critical-severity bugs to maintainers so far. **75** have been patched, and **65** have public advisories.

So the tension is not “responsible disclosure is bad.”

The tension is that **responsible disclosure, maintainer capacity, and patch deployment were built for a slower discovery regime.**

This is the part I think is easiest to miss if you only read the headline numbers.

Last month, the Glasswing story was partly about model capability and partly about release governance.

This month, it is also clearly a **workflow** story.

Anthropic says it is making some of the tools used with Mythos Preview available to qualifying security teams: **skills**, a **harness** that maps a codebase and coordinates scanning subagents, and a **threat model builder** that helps prioritize work.

That lines up with what [Cloudflare wrote](https://blog.cloudflare.com/cyber-frontier-models/) after using Mythos Preview on more than 50 internal repositories.

Cloudflare's point is blunt: pointing a generic coding agent at a large repository is the wrong shape for serious vulnerability research.

What worked better was a harness built around many narrow parallel tasks, independent validation, deduplication, reachability tracing, and structured reporting.

That is a useful correction to a lot of current AI-security discussion.

The capability is not just “better model.”

It is **model + harness + validation + triage workflow**.

Anthropic's update is more practical than dramatic.

The immediate lesson is not that every organization needs Mythos Preview tomorrow.

It is that teams should assume the volume of plausible findings will keep rising, and prepare their processes accordingly.

Cloudflare adds an important nuance here: faster patching alone is not enough if your regression, validation, and rollout systems cannot absorb the pace safely.

That is another reason the harness story matters.

There is still a lot we cannot independently inspect yet.

Anthropic is deliberately withholding many technical details until patches are deployed, which is the right thing to do under coordinated disclosure.

So outside observers should avoid two mistakes at the same time:

The public evidence is already strong enough to support a narrower conclusion:

**AI is not removing the need for expert security work. It is increasing the rate at which expert security work needs to happen.**

My previous Glasswing post was mostly about **controlled release**.

This update is about **operational strain**.

Anthropic, Cloudflare, and Mozilla are all pointing at the same shift from different angles: AI-assisted systems can now surface, validate, and prioritize vulnerabilities faster than many teams can absorb them.

That does not mean cyber defense is solved.

It means the bottleneck is moving, and the teams that adapt their triage, patching, and validation workflows first will have a real advantage.
