SKIP TO CONTENT
vibe coding academy
ON AIR — VIBE CODING ACADEMY · EN · LIVE
All articles
SECURITY·May 29, 2026·8 MIN READ

Project Glasswing: Claude Mythos Found 10,000+ Critical Vulnerabilities in One Month — What Vibe Coders Need to Know

By EndOfCoding

Anthropic just published the first update from Project Glasswing, and the numbers are staggering: Claude Mythos, running autonomously, identified over 10,000 high or critical severity vulnerabilities across AWS, Apple, Google, and Microsoft in a single month. Anthropic has committed $100M in credits and $4M in open-source security donations to scale this effort. For vibe coders — who are already producing code faster than security teams can review — this changes the risk equation dramatically.

What You'll Learn

You'll understand what Project Glasswing is and why it matters, how AI-powered vulnerability discovery at this scale compares to traditional security research, what the 10,000+ findings mean for codebases built with AI assistance, and concrete steps to align your vibe coding workflow with the kind of security rigor that Glasswing validates is now possible at machine speed.

What Is Project Glasswing?

Project Glasswing is Anthropic's autonomous security research program powered by Claude Mythos — their most powerful, currently research-only model. The program runs continuously, scanning partner organization codebases and infrastructure for vulnerabilities, then reporting findings to the affected organizations before public disclosure.

In its first month:

  • 10,000+ high or critical severity findings across four of the world's largest tech companies
  • Partner organizations: AWS, Apple, Google, Microsoft
  • $100M in compute credits committed to scale the project
  • $4M in donations to open-source security projects
  • All findings disclosed responsibly with 90-day coordinated disclosure windows

Why This Is a Paradigm Shift

Traditional security research is bottlenecked by human hours. A senior vulnerability researcher might find 50-100 significant findings per year. Glasswing is finding 10,000+ per month — a 100x amplification of the entire industry's research capacity.

Palo Alto Networks published corroborating data this week: AI models are now finding more CVEs per month than human security researchers for the first time in history. We've crossed a threshold.

What This Means for AI-Generated Code Specifically

The irony of this moment is sharp: AI is generating code at unprecedented speed (4% of all GitHub public commits are now from Claude Code alone), and AI is now finding vulnerabilities at unprecedented scale. The question is whether the finding-rate is keeping pace with the generation-rate.

Early Glasswing data suggests it is not — the 10,000 findings include patterns that appear frequently in AI-generated code:

Injection vulnerabilities: AI models often generate correct-looking SQL and command execution patterns that skip parameterization when inputs come from variables that 'look' safe from naming conventions.

Authentication bypass: AI-generated auth middleware that passes review but has logical edge cases — empty-string tokens accepted, expired JWTs not re-validated on sensitive routes.

IDOR at scale: API endpoints that return the right data structure but don't verify the requesting user owns the resource — a pattern AI reproduces because ownership checks are rarely in the training examples for 'create endpoint for X'.

Practical Steps for Your Vibe Coding Workflow

Step 1: Add Glasswing-Class Scanning to Your CI

You can't run Mythos yourself, but you can approximate its coverage using available SAST tools calibrated for the same vulnerability classes:

# Semgrep covers the injection/auth/IDOR patterns Glasswing targets
npx semgrep --config=auto --severity=ERROR src/

# For Node.js/TypeScript specifically
npx semgrep --config=p/nodejs-security-audit src/

Step 2: Explicitly Prompt for Security Boundaries

Add these requirements to your CLAUDE.md or system prompts:

# Security Requirements (Glasswing-Class)
- All DB queries MUST use parameterized statements — never string concatenation
- Every API route returning user data MUST include: if (record.userId !== req.user.id) throw new ForbiddenError()
- JWT validation MUST check both signature (verify()) AND expiration (exp > Date.now())
- Never log raw request bodies — they may contain PII or credentials
- File upload handlers MUST validate MIME type server-side, not from the Content-Type header

Step 3: Treat AI-Generated Auth as Untrusted Until Reviewed

The pattern Glasswing found most often in enterprise codebases: authentication logic that looks complete but has a quiet bypass. For every auth-related function your AI generates:

  1. Read it line by line — don't trust your first-pass review
  2. Test the failure cases explicitly (expired token, tampered payload, missing header)
  3. Add a comment: // Security reviewed by [your name] on [date]

This creates accountability and forces the slow review that AI-generated auth deserves.

Step 4: Monitor the Glasswing CVE Feed

As Glasswing findings move through 90-day disclosure windows, they'll appear in the NVD and GitHub Advisory Database. Subscribe to advisories for every major dependency in your stack:

# Enable Dependabot for automated CVE monitoring
# .github/dependabot.yml
version: 2
updates:
  - package-ecosystem: npm
    directory: /
    schedule:
      interval: daily
    open-pull-requests-limit: 10

For critical packages (auth libraries, ORM, HTTP servers), set interval: daily — Glasswing-class discovery means new high-severity CVEs can land any day.

Common Challenges

'10,000 vulns sounds like FUD — real companies have security teams' — AWS, Apple, Google, and Microsoft all have world-class security teams. The Glasswing findings are real, disclosed, and being patched. This isn't about companies being careless — it's about the scale of modern codebases making exhaustive human review impossible. AI finds patterns humans miss. 'My project is too small to worry about this' — The Glasswing findings predominantly affect the libraries and frameworks that small projects use. When an NPM package used by 100,000 projects has an IDOR, every project using it is affected. Your exposure is through your dependencies, not just your code. 'I'm already using a linter' — Linters catch style and syntax. SAST tools catch security vulnerabilities. They target different classes of issues. Running ESLint does not protect you from injection vulnerabilities — you need both.

Advanced Tips

Follow Anthropic's security research blog for Glasswing updates — each disclosure wave will include patterns useful for improving your own SAST configuration. Cross-reference your dependencies against the CISA Known Exploited Vulnerabilities catalog (cisa.gov/known-exploited-vulnerabilities-catalog) — these are the vulnerabilities actively being exploited in the wild, and Glasswing's partner program prioritizes the same classes. Consider running Semgrep Pro on your main repo — Glasswing's public disclosure of its rule taxonomy will likely inform a new generation of open-source security rules in H2 2026. Get ahead of it now. If you're building any kind of SaaS on AI-generated code, read the upcoming Glasswing whitepaper when it drops — the vulnerability taxonomy will be the most comprehensive public dataset of AI-generated code security failures ever published.

Conclusion

Project Glasswing is proof that AI can solve the security review bottleneck that has made 'move fast' dangerous for a decade. But that solution is being applied to enterprise infrastructure first. For vibe coders building products today, the practical takeaway is this: add automated SAST, write explicit security requirements into your AI prompts, and treat auth code as requiring human review regardless of how clean it looks. The Glasswing era is here — align your workflow with it. For a complete security checklist for AI-assisted development, see Chapter 19 of the Vibe Coding Ebook, and explore our Security Fundamentals course for the full curriculum.

Back to all articlesGet the newsletter →