Anthropic has unveiled a new AI model, Claude Mythos Preview, capable of identifying hundreds of previously unknown high-severity vulnerabilities, including more than 500 zero-day flaws in open-source software during testing. The model demonstrated the ability to autonomously analyze codebases and surface security weaknesses at scale, significantly accelerating vulnerability discovery.
Testing also showed the model could identify vulnerabilities across major operating systems, web browsers, and widely used software, with some findings involving long-standing flaws that had gone undetected for years.
Due to these capabilities, Anthropic has restricted access to 40 technology companies, including Apple, Amazon and Microsoft, under its “Project Glasswing” initiative rather than releasing the model publicly. The limited group of organizations will use the model to find and patch security vulnerabilities in critical software programs.
Anthropic said the controlled rollout is intended to evaluate both defensive and offensive implications of AI-driven vulnerability discovery, while working with the select partners to manage risks associated with misuse of the technology.
“The goal is both to raise awareness and to give good actors a head start on the process of securing open-source and private infrastructure and code,” Jared Kaplan, Anthropic’s chief science officer said.
Nick Mo, CEO & Co-founder, Ridge Security Technology Inc.:
“You can also look at this from another angle: try using Claude to write some code and see how many bugs, or even new zero-days, it produces. Claude Code is already making developers many times more productive than before, which means the number of potential vulnerabilities being introduced is also many times greater. It’s writing code and writing vulnerabilities at the same time. No wonder they’re rushing to get security companies involved first. Digging holes and filling them simultaneously, the question is just which side is faster.”
Noelle Murata, Sr. Security Engineer, Xcape, Inc.:
“Anthropic’s Claude Mythos Preview has effectively industrialized zero-day discovery, identifying over 500 high-severity vulnerabilities in core open-source software that escaped decades of human and automated scrutiny. These findings include a 27-year-old remote crash bug in OpenBSD and a 16-year-old flaw in FFmpeg, surfaced by a “hypothesize-and-verify” loop that autonomously confirms exploits before reporting them.
“To manage this massive “vulnerability debt,” Anthropic launched Project Glasswing, a restricted partnership with 40 tech giants like Microsoft and Apple to coordinate global patching. By pledging $100 million in compute credits to open-source maintainers, the initiative aims to bridge the gap between AI-driven discovery and the human speed of remediation, ensuring that the “Glasswing 40” don’t become the only secure entities on an otherwise broken Internet.
“If Project Glasswing is a “cyber-nuke,” Anthropic is attempting to ensure the “mutually assured destruction” of bugs happens in a controlled vacuum before it hits the production Internet.”
Steven Swift, Managing Director, Suzu Labs:
“Anthropic has a reputation for exaggerating the capabilities of their models, especially around their ability to find novel vulnerabilities. For example, their models have struggled with line(s) of code that could be vulnerable, but only if you ignored the preceding lines of code, that properly handled the risk and left no residual vulnerability.
“Looking at what they’ve published so far in their Mythos Preview, they’re again making big claims. Particularly of note, is that the community is not being given access to the model at this time. That means it isn’t possible to audit big claims, and we’re left with Anthropic asking us to trust them, despite having established a pattern of misrepresentation and exaggeration on many of their other publications.
“Let’s take a closer look at what they’re claiming, and what they’re willing to provide details on. The claim is that Mythos can find and fix novel vulnerabilities in secure code bases, that have been competently hardened via legacy tooling and review processes. To provide evidence of this capability they describe the finding vulnerabilities in the following software packages: OpenBSD, FFMPEG codec H.264, an undisclosed VMM, and “several thousand more.”
“They estimate they spent $20,000 to find the OpenBSD bug, though they said that was the total run, which found other bugs as well.
“Great, we have two specific vulnerabilities that they’ve specifically chosen to highlight.
“They accurately highlight the difference between vulnerability – a POTENTIAL weakness. And an exploit, a functioning piece of code that takes advantage of one or more vulnerabilities.
“We then move on to exploit development, which is COMPLETELY different than discovering vulnerabilities. Exploits are just code. If you provide any major LLM a sufficient detail of how an exploit works, it should be able to generate a functioning exploit. This is not new. It however relies on two things 1) sufficient detail for the exploit 2) sufficient detail for the system that is being exploited.
“They describe writing an exploit for FreeBSD which did not require human-in-the-loop interactions. However, they point out that Opus was also able to exploit the same vulnerability, though it did require such human input.
“Additionally, when looking at the Linux kernel, they admit that they were not able to create functioning exploits with the “vulnerabilities” that were discovered.
“They also go into great detail about a kernel exploit that Claude wrote. But for this exploit to be possible, they had to provide it PREVIOUSLY DISCOVERED context from a fuzzer. That is again, very much NOT Mythos discovering and exploiting a vulnerability. But merely demonstrating that if you provide sufficient context, these models can write code. This is the capability that they chose to highlight with the longest and most detailed technical breakdown. And while the exploit that was eventually developed is claimed to elevate privileges to root, it needs to be emphasized again here. Mythos did not “discover” this vulnerability. It merely wrote some code, after being provided sufficient technical information into its context as to what code it should write.
“Anthropic knows what they’re doing. They’re making big claims, because attention is good for their business model. They’re providing just enough detail so that their claims look convincing at first glance. But when you look closer, claims lack substance and rely on implications that all of the examples related prove their claims. This lets the reader naturally jump to conclusions that aren’t explicitly stated, but are easy to make. And they bury this under a lengthy, fairly technical document. Making it yet more challenging for readers to decipher.”
Sunil Gottumukkala, CEO, Averlon:
“Mythos Preview signals that zero-day discovery is becoming cheaper, faster, and more scalable. Researchers have already shown earlier models can help find serious vulnerabilities, but this represents a real capability jump. Even with restricted access, the broader implication is clear: we should expect more dangerous vulnerabilities to be found across major software platforms, and many organizations still don’t patch fast enough to keep up.
“Once a patch is released, adversaries often move quickly to reverse engineer it and build exploits. At that point, the impact extends well beyond the small group with direct access to the model, potentially increasing overall breach volume.”
Joshua Marpet, Senior product security consultant, Finite State:
“Anthropic limiting Mythos access to top defenders via Project Glasswing is a fantastic first step, but it needs to be codified and expanded. Expect a new model to completely break the security landscape every six to twelve months.
“The speed of this evolution is staggering. Three years ago, LLMs barely wrote functional code. Today, they’re autonomously surfacing zero-days at scale. Tomorrow, they’ll be pointed directly at compiled binaries and firmware, exploiting the products we actually ship, not just source repositories. What does this look like five years from now?
“Future breakthroughs won’t always come with responsible disclosure. The next leap in offensive AI will easily emerge from adversaries with zero intention of giving us a “head start.”
Security teams are already drowning. When adversaries start using autonomous agents to uncover zero-days, manual triage will completely break. We must shift immediately to defensive systems that cut through the noise and automatically prioritize real, reachable exposure.
“We have to think beyond corporate consortia. We need a completely new wing of the intelligence community, agencies where humans and autonomous AI agents work side-by-side to acquire, analyze, and counter advanced adversary models.
“The offensive landscape just went autonomous. We can no longer fight machine-speed threats with manual, point-in-time reviews. Defense must become as continuous and autonomous as the attacks coming our way.”
Bad guys are going to use this technique to pwn you. Thus you really need to put the time and effort into making sure that everything that you use is as secure as possible. And then you need to keep going back and reconfirming that you are still secure because the bad guys are going to do the same thing.
Samsung Unveils Galaxy A57 5G and Galaxy A37 5G
Posted in Commentary with tags Samsung on April 9, 2026 by itnerdSamsung today announced the new Galaxy A57 5G and Galaxy A37 5G, the latest Galaxy A series devices that bring Samsung’s newest mobile innovations — including enriched Awesome Intelligence — to more users worldwide. The latest Galaxy A series reflects Samsung’s commitment to expanding AI capabilities across more devices and empowering more users to harness the power of intuitive AI that simplifies everyday tasks. Galaxy A57 5G and Galaxy A37 5G strengthen the experiences users rely on every day with upgrades to performance, camera and display, alongside durability and security features. With long-term security support, the new Galaxy A series is built for the long-haul. Leading the lineup is the Galaxy A57 5G, featuring a slimmer, more refined design and upgraded AI-powered capabilities that make it the most powerful Galaxy A series device yet.
Enriched Awesome Intelligence Designed for Everyday Life
Through the latest One UI 8.5, Galaxy A57 5G and A37 5G extend Samsung’s latest AI innovations to more users, with Awesome Intelligence that helps people get more things done with ease while unlocking new ways to create and stay productive.
Voice Transcription is new to the Voice Recorder app, making it easier to revisit important details from meetings, lectures or calls by quickly transcribing and translating call recordings or turning voicemail audio into text. AI Select is easier to access with a long press on the Edge Panel, surfacing relevant actions directly on the screen to extract text or create content without manually selecting items. AI Select also supports Drag & Drop in Multi-Window layout, allowing users to easily move images into Samsung Notes or Photo Editor for faster editing and improved productivity.
Awesome Intelligence makes everyday photo editing easier than ever. Object Eraser now delivers more natural results when removing unwanted distractions, like a passerby in the background or clutter in a café. On Galaxy A57 5G, Best Face supports more photos and continuous shooting, making it easier to capture the perfect group photos where everyone looks their best. Fan favourite tools like Filters and Edit Suggestions help users quickly refine and share moments without extra effort, while Galaxy A57 5G also features Auto Trim for even easier video editing.
Circle to Search with Google adds multi-object recognition so users can easily explore multiple items in an image at once — from an outfit to surrounding accessories — all in one search.
The new Galaxy A series expands Awesome Intelligence experiences with a choice of agents designed to simplify everyday tasks from search to organizing plans or easily adjusting settings. As a conversational device agent, upgraded Bixby lets users intuitively control Galaxy settings and features using natural language, while Gemini navigates complex tasks across native Galaxy apps and select third-party apps to support faster, more intuitive interactions.
Awesome Camera to Capture Clearer Photos and Videos, Day or Night
As AI becomes more deeply integrated into mobile experiences, camera performance remains essential to delivering the everyday usability and satisfaction users expect.
Galaxy A57 5G and A37 5G deliver brighter, clearer visuals powered by the upgraded camera hardware and an improved Image Signal Processor (ISP). The devices feature a versatile triple-camera system, led by a 50MP main sensor, delivering sharp, detailed images across a wide range of lighting conditions without the need for manual adjustments.
When the lights go down, the Galaxy A57 5G and A37 5G camera adapts seamlessly with Nightography, capturing clear and true-to-life photos and videos even in low light conditions.
Galaxy A57 5G takes photography a step further with enhanced image processing that sharpens detail and reduces noise for even clearer, more vibrant results. It delivers rich contrast and balanced colour even in challenging light, and with a faster shutter speed, users can instantly capture fleeting moments faster and with improved clarity.
Galaxy A57 5G and A37 5G also benefit from AI-based subject recognition and scene optimization to balance portraits, preserve natural skin tones and create clearer background separation. When the moment calls for a wider perspective, the ultra-wide lens captures more in every group photo or landscape view, while the 5MP macro camera reveals fine details up close for added creative flexibility.
Performance for Streaming and Multitasking
Galaxy A57 5G delivers an improved design and performance, combining upgraded CPU, GPU and NPU to deliver improved performance with its sleek and light form. Built for smooth streaming, scrolling and content creation, its refined design features a glossy finish and distinctive triple-camera island for a standout modern look that feels comfortable in-hand.
Despite its slimmer profile, Galaxy A57 5G packs powerful performance. Its 5,000mAh battery supports up to two days of use — powering everything from filming and editing to viewing on the go. Super Fast Charging 2.0 reaches up to 60% in around 30 minutes for a quick boost before heading out, while a 13% larger vapor chamber helps sustain performance during extended gaming or recording. Slimmer bezels and a bright Super AMOLED + display with Vision Booster on both models ensure an immersive, clear viewing experience indoors and outside.
Built for everyday use, Galaxy A57 5G and A37 5G are rated IP68 for water and dust resistance, adding protection in real-world environments and offering users peace of mind when accidents happen.
Long-Term Support and Foundational Security
Galaxy A57 5G and A37 5G reinforce Samsung’s commitment to device longevity, giving users the confidence to rely on their device for years to come.
Samsung provides a fortified layer of device safety, transparency and user choice with Knox Vault, a hardware-based, tamper-resistant security solution. Galaxy A series offers users holistic protection through innovative security and privacy features including Security & Privacy Dashboard, Auto Blocker, Private Sharing, Theft Protection as well as the new Private Album, a Gallery feature that allows users to lock away personal media quickly and easily. Unlike traditional safeguards, the latest A series devices also proactively notify users about potential risks with Privacy Alerts, which are intelligent notifications that offer clearer insight and control over location permissions or suspicious monitoring of sensitive data. Together, these enhancements make security feel as intuitive as the rest of the experience, making device protection easier than ever for everyone.
Availability
Galaxy A57 5G and A37 5G will be available starting April 9 in select markets. Galaxy A57 5G will be offered in Awesome Navy, while Galaxy A37 5G comes in Awesome Charcoal. For added peace of mind, Samsung Care+ offers comprehensive coverage optimized to users’ device needs, including tailored benefits that help protect the device’s value.
Leave a comment »