amine.dev

The AI That Found Bugs Humans Missed for 27 Years



Something in the Anthropic release this week stopped me mid-scroll. Not a new model, not a pricing update. A number: 27. As in, a 27-year-old vulnerability in OpenBSD, found and confirmed by an AI. Gone. Patched. After nearly three decades of surviving every audit, every pen test, every automated scanner that came along.

That's what Project Glasswing is about. And I think it's one of the more consequential things happening in AI right now, even if it's not getting the headlines it deserves.

The capability that changed everything

Claude Mythos Preview is the model at the centre of Glasswing. Anthropic describes it as operating at a level that rivals expert human security researchers in finding and understanding vulnerabilities. That's not marketing language. The results back it up.

A 16-year-old flaw in FFmpeg. Survived five million automated tests. Found by Claude. Linux kernel vulnerabilities that would give an attacker complete system compromise. Also found by Claude. These aren't edge cases; they're some of the most hardened, widely audited codebases in the world.

The thing that hits me about this isn't just the AI part. It's what it says about the limits of the tools we've relied on for decades. Fuzzing, static analysis, manual review, all of it combined. Still missed these bugs. The attack surface we thought was clean... wasn't.


Why the framing matters as much as the tech

Anthropic is transparent about something uncomfortable: these capabilities exist. The question isn't whether AI can find and exploit vulnerabilities at scale. It can. The question is who controls that capability first.

Glasswing is a bet on defenders. $100M in model usage credits. $4M in direct donations to open-source security organisations. A coalition that includes AWS, Apple, Google, and Microsoft. The idea is to give the defence side a head start before adversaries get equivalent tools.

I think that's the right call. It's also a harder sell than it looks. Coordinating this many organisations around anything is hard. Getting them to agree on vulnerability disclosure timelines, patch sequencing, and information sharing is genuinely difficult. The fact that Glasswing exists as a functioning initiative, not just an announcement, is worth noting.


What this means if you're running infrastructure

I spend a lot of time with teams managing enterprise networks. MSPs, financial services, critical infrastructure. For those teams, Glasswing is both reassuring and clarifying about something uncomfortable.

Reassuring: the bugs being found are getting patched. If the FFmpeg flaw that survived 16 years and five million automated tests is now gone, that's a real win for everyone running software that touches FFmpeg. The defence is working.

The uncomfortable part: the same capability that found these bugs is available, in some form, to people who don't have Anthropic's intentions. The window between 'AI can do this at expert level' and 'adversaries have a model that can do this' is not large. Glasswing is a coordinated effort to make sure defenders patch faster than attackers can exploit.

Most organisations I work with aren't thinking about this yet. Not in a meaningful way. They're thinking about AI for productivity, maybe for some automation. The conversation about how AI capabilities have fundamentally changed the threat model for their infrastructure hasn't started.


Where I land on this

Glasswing is the kind of initiative that only makes sense if you believe the capability is coming regardless. Anthropic clearly does. So do I. The choice isn't 'should AI be able to find critical vulnerabilities.' It's 'do you want that capability in defenders' hands or attackers' hands first.'

The 27-year number will stay with me. Not because it's a failure; those bugs existed long before AI. But because it's a marker. Before Glasswing, that vulnerability might have survived another decade. After Glasswing, that decade is gone. The speed of this is going to force a lot of security conversations that have been deferred.

If you're thinking through what this means for your team's security posture, or how to start the conversation internally, get in touch.