When the Model Finds 27-Year-Old Bugs: Anthropic's Project Glasswing

When the Model Finds 27-Year-Old Bugs: Anthropic's Project Glasswing Anthropic just released their most powerful model yet. But you can't have it. Claude Mythos isn't another chatbot update. It's a cybersecurity research tool that found thousands of high-severity vulnerabilities—including one in OpenBSD that had been sitting there for 27 years. The decision to restrict access wasn't marketing theater. It's a genuine acknowledgment that the capability gap has widened fast enough to warrant pause. What Mythos Can Actually Do The technical details in Anthropic's announcement are striking: Wrote a browser exploit chaining four vulnerabilities together Achieved remote code execution on FreeBSD's NFS server via a 20-gadget ROP chain split across packets Found local privilege escalation on Linux by exploiting race conditions and KASLR bypasses Discovered a 27-year-old TCP vulnerability in OpenBSD that could crash any server with malformed packets For comparison: Claude Opus 4.6 had a near-0%