Anthropic Warns AI-Powered Cyberattacks Will Surge Within 24 Months

The post Anthropic Warns AI-Powered Cyberattacks Will Surge Within 24 Months appeared on BitcoinEthereumNews.com.

Zach Anderson
Apr 10, 2026 23:18

Anthropic releases security guidelines as Project Glasswing reveals frontier AI models can now find and exploit vulnerabilities faster than human defenders.

Anthropic dropped a sobering assessment this week: within two years, AI models will uncover vast numbers of software vulnerabilities that have sat unnoticed in code for years—and chain them into working exploits. The company’s security teams released detailed defensive recommendations alongside Project Glasswing, their initiative to deploy Claude Mythos Preview’s capabilities for cyber defense. The math here isn’t complicated. If attackers can use frontier models to automate vulnerability discovery and exploit generation, the window between a patch dropping and a working exploit appearing shrinks dramatically. Anthropic’s security engineers have watched this happen in their own testing. What Their Research Actually Found According to Anthropic’s technical findings, AI models excel at recognizing signatures of known vulnerabilities in unpatched systems. Reversing a patch into a working exploit—exactly the kind of mechanical analysis these models handle well—used to require specialized skills. Now it’s becoming automated. The company noted that publicly available models below Mythos capability levels can already find serious vulnerabilities that traditional code reviews missed for extended periods. Mozilla Firefox vulnerabilities discovered through AI scanning serve as one documented example. The Defensive Playbook Anthropic’s recommendations prioritize controls that hold even against attackers with unlimited patience and AI assistance. Friction-based security measures—extra pivot hops, rate limits, non-standard ports—lose effectiveness when adversaries can grind through tedious steps automatically. Their top priorities: Patch velocity matters more than ever. Internet-facing applications should receive patches within 24 hours of an exploit becoming available. The CISA Known Exploited Vulnerabilities catalog should be treated as an emergency queue. Anthropic recommends using EPSS (Exploit Prediction Scoring System) for prioritizing everything else. Prepare for 10x vulnerability…

Leave a Reply

Your email address will not be published. Required fields are marked *

Filed under: News - @ April 11, 2026 3:16 am