Anthropic published its first Project Glasswing update one month after launch, and the numbers reframe how fast AI-assisted security is moving. Claude Security in public beta has been used to patch more than 2,100 enterprise vulnerabilities. Scans across 1,000+ open-source projects surfaced 6,202 severe vulnerabilities at a 90.6% independently validated true-positive rate. And the previously indefinite restriction on Mythos-class models has softened into a roadmap: general release once the safeguards catch up.
The Numbers That Matter
Claude Security, launched in February as a research preview, is now in public beta for Claude Enterprise customers (with Team and Max access flagged as next). The product scans codebases for vulnerabilities and proposes targeted patches for human review. The three-week tally Anthropic reported: 2,100+ patches accepted into production codebases, with enterprises moving faster on their own code than the open-source ecosystem can move on shared infrastructure.
The open-source side is the harder problem. Across more than 1,000 projects underpinning critical global infrastructure, Claude Opus 4.7 surfaced 6,202 severe-or-critical vulnerabilities. After independent validation, 90.6% were true positives—a precision number that's high enough to act on but also high enough to overwhelm volunteer maintainers, who Anthropic reports are taking roughly two weeks per critical fix.
Mythos Moves Toward Daylight
The bigger structural news is buried in the update's closing section. When Anthropic first described Mythos-class models, the framing was that they were too capable to release—offensive cyber capabilities significant enough that a public launch could cause real-world harm before safeguards existed. The May 22 update changes that framing. "Mythos-class models could reach the public once the right safeguards are in place", and "in the near future, once we've developed the far stronger safeguards we need, we look forward to making Mythos-class models available through a general release."
Parallel reporting points to a commercial designation already taking shape: claude-mythos-1-preview, with access scoped to Claude Code and a revamped Claude Security dashboard. That places Mythos 1's debut as a gated capability inside two products developers already use, before any broader API surface opens.
Why Anthropic Is Pushing Forward Now
The reasoning is uncomfortable but consistent. Anthropic's argument: models as capable as Mythos Preview will soon be trained by multiple labs whether anyone likes it or not. If a similarly capable model is released without safeguards, exploiting flawed software becomes dramatically cheaper for anyone in the world. Project Glasswing exists to establish an asymmetric defensive advantage—use the capability to patch critical infrastructure first, on a faster timeline than attackers can build comparable capability elsewhere.
To accelerate that, Anthropic shipped supporting infrastructure alongside the update: a Cyber Verification Program for partners, open-sourced custom instructions and threat-modeling frameworks, and continued compute expansion through the SpaceX Colossus partnership announced earlier this month. Next steps include expanding Glasswing to US and allied governments.
What's Live Today
For developers and security teams, three things are available right now. Claude Security is in public beta for Enterprise. Anthropic's threat-modeling frameworks and custom instructions are open-source on the Glasswing project page. And the Cyber Verification Program is open for security vendors and partners who want to validate findings inside their existing pipelines. Mythos 1 access remains gated; the public timeline is "near future" without a date.
Why It Matters for Web Developers
Two takeaways for anyone shipping production code. First, the bar for "we'll get to the security backlog eventually" just dropped sharply. A model that surfaces 90%+ true-positive severe findings makes the cost of triage less than the cost of being the next post-mortem. If you're on Claude Enterprise, turning Claude Security on against your repo is a measurable risk reduction this week, not a roadmap item.
Second, the Mythos rollout signals where the frontier of agentic coding is heading. The same capability that finds and patches vulnerabilities at scale is the capability that scans your commits for secrets, audits dependencies before you publish, and—if you're a maintainer—triages incoming reports with enough precision to be useful instead of noise. The economics of OSS security maintenance change when the bottleneck shifts from "finding bugs" to "merging fixes."