Claude Mythos Finds Bugs Like a Senior Dev Finds Excuses to Skip Standup

A bug in OpenBSD. It had been there for 27 years. 27 years of code reviews, security audits, version updates. Nobody caught it. Another one in FFmpeg, 16 years old, after 5 million automated fuzzing iterations. Still standing. Then an AI model showed up, read the code, and found them. Without being told where to look. This is Project Glasswing . And it changes a few things. What Glasswing Found (and Nobody Else Did) Anthropic just published results from Claude Mythos Preview , a model specialized in vulnerability detection. The findings speak for themselves. A flaw in OpenBSD's TCP SACK implementation dating back to 1999. A signed integer overflow allowing remote denial-of-service. The kind of bug that survived hundreds of reviews, dozens of major releases, thousands of pairs of eyes. Still there. A defect in FFmpeg's H.264 decoder, 16 years old. A sentinel collision causing an out-of-bounds write. Automated tools never caught it. Not for lack of trying: 5 million fuzz tests . Zero res