What Is Project Glasswing Anthropic Cybersecurity | Claude Mythos Vulnerabilities

So something pretty big happened in the cybersecurity world last week, and I think most people in India either haven’t heard about it, or if they have, they don’t fully understand why it matters. Let me try to explain it in a way that actually makes sense.

Anthropic — the company that makes Claude, the AI assistant — announced on April 7, 2026 that they’ve built a new AI model called Claude Mythos. And this model is apparently so good at finding security holes in software that Anthropic decided: we can’t release this to the public. Not yet, maybe not ever. Instead, they quietly gave access to a small group of big companies — Microsoft, Google, Apple, Amazon Web Services, Cisco, Nvidia, JPMorgan Chase, the Linux Foundation, and a few others — and basically said: here, use this to find the problems in your own software before someone bad gets hold of something like this.

They called this effort Project Glasswing.

The short version is this. Mythos can find security holes in software — holes that nobody knew existed — completely on its own. Then it writes working code to actually exploit those holes. And it can do this across every major operating system, every major web browser, and a lot of the core software that runs the internet. They found thousands of these vulnerabilities. Over 99% of them are still not fixed as of the announcement, because Anthropic is doing the responsible thing and notifying the affected companies one by one.

If you’re wondering why this is a big deal, stick with me.

What Even Is a Zero-Day Vulnerability?

Okay, quick explanation before we get into the scary stuff.

When software gets written, sometimes there are bugs in it. Some bugs just crash the app. Others — the really dangerous kind — can let a hacker break into your computer, steal your data, or take over entire systems. These dangerous bugs are called vulnerabilities.

A “zero-day” is a vulnerability that nobody knows about yet. Not the company that made the software, not the security researchers who study it, nobody. So there’s zero days of warning before it could be used against you.

Finding zero-days is hard. Really hard. It usually takes months of work by expert security researchers, and the good ones get paid serious money for it — sometimes in the hundreds of thousands of dollars for a single vulnerability in an important product. Governments buy them. Intelligence agencies stockpile them. There’s a whole underground market for this stuff.

What Mythos did was find thousands of these, autonomously, in weeks.

What Mythos Actually Did (And It’s Genuinely Wild)

This part is where it gets a bit technical, but in simple words.

Anthropic’s security team ran Mythos against some of the most well-tested software in the world — stuff that has had automated tools (called fuzzers) running against it for years, millions of hours of automated testing. Mythos still found bugs those tools had completely missed.

One example they published: a 16-year-old bug in FFmpeg’s video processing code. FFmpeg runs on basically every platform that deals with video — your phone, streaming services, you name it. The bug was introduced in a commit from 2003 and exposed further in 2010. Every security scanner, every human reviewer, every fuzzer for over a decade: missed it. Mythos found it.

Another one: a 17-year-old remote code execution bug in FreeBSD’s NFS server. Without any human involvement after the first prompt, Mythos identified the bug and wrote a full working exploit. An unauthenticated attacker could have used it to get complete root access to the server. CVE-2026-4747.

For the browser people: Mythos chained together four separate vulnerabilities in a major web browser to write an exploit that escaped both the browser sandbox and the operating system sandbox. To understand how hard that is — browser companies specifically design those sandboxes to be nearly impossible to escape. A human researcher would need months to find four vulnerabilities and figure out how to chain them.

The scariest thing Anthropic mentioned: their engineers “with no formal security training” asked Mythos to find remote code execution vulnerabilities overnight and woke up the next morning to a complete working exploit. So this isn’t just a tool for expert hackers. A random person with access to it could use it as a weapon.

They also mentioned something they’re keeping quiet about — over 99% of the vulnerabilities Mythos found are still unpatched. They’re working through coordinated disclosure, which means notifying each software owner privately so they can fix it before details go public. But that takes time. A lot of time.

Why Didn’t Anthropic Just Release It?

This is the part I think a lot of people don’t fully appreciate about Anthropic’s decision.

They could have. They could have made this thing available in the API and made a lot of money from security researchers and companies using it. Instead they said no.

Their stated reason is pretty honest: the same thing that makes Mythos good at finding and fixing vulnerabilities also makes it extremely good at exploiting them. Once something like this is available to everyone, it’s also available to criminals, nation-state hackers, and ransomware gangs. The window between a vulnerability being discovered and being exploited by attackers has already been shrinking. According to Sergej Epp’s Zero Day Clock, an industry tracker for this sort of thing, the average time-to-exploit now sits under 20 hours. Mythos could compress that even further.

So instead of releasing it, they formed Project Glasswing. The idea is: give this to the companies who own the most critical software in the world, let them use it to find and fix their own bugs, and buy the world some time before models with similar capabilities inevitably end up in the wrong hands.

Is it a perfect solution? No. Tom’s Hardware (among others) pointed out that Anthropic’s announcement had some marketing flavor to it, and that not all the “thousands of vulnerabilities” are necessarily critical or exploitable in practice. Fair point. But even accounting for some skepticism, the core capability is clearly real — the specific technical examples they published are documented with CVE numbers and confirmed patches.

Also worth mentioning: Anthropic accidentally leaked details about Mythos a month before the official announcement because someone stored internal documents in a publicly accessible cache. Then they had a second incident where about 2,000 source code files from Claude Code were exposed for roughly three hours. So they’ve had a bit of a rough few weeks on the operational security front, which is at least a bit ironic given what Mythos is for.

Where Does India Fit Into All This?

Okay, so this is what I really want to talk about.

India is in a genuinely tricky spot here, and I don’t think it’s getting enough attention.

We have spent the last five to seven years building out a massive digital infrastructure. UPI, DigiLocker, Aadhaar, ONDC, government portals for everything from land records to ration cards. Hundreds of millions of Indians now interact with digital systems daily who never did before. That is actually great. But there’s a problem hiding underneath all of it.

A lot of the software running these systems is old. Some of it is very old. Many Indian banks still operate on decades-old platforms that were never designed to withstand modern cyber threats. Some banks continue using software without multi-factor authentication, meaning a simple password guess can grant access to sensitive systems. That’s not a conspiracy theory; it’s from a legal analysis by Dr. Prashant Mali, a practicing cyber law expert, published in late 2025.

Cybersecurity budgets at many Indian financial institutions often represent less than 1% of total IT expenditure, which is, honestly, shocking when you think about how much money flows through these systems every day. The RBI has been pushing banks to do better, and it did increase regulatory pressure in 2025, but the gap between policy and practice is still pretty wide.

The numbers paint a rough picture. According to the Reserve Bank of India, reported cyber fraud cases in the banking sector jumped by nearly 40% in the first half of 2025 compared to the same period in 2024. In the first half of 2024 alone, India experienced 593 cyberattacks, including 388 data breaches, 107 data leaks, and 39 ransomware incidents.

And that’s with the current generation of attack tools. Before Mythos. Before AI-powered vulnerability discovery became this good.

The specific risk for India, from something like Mythos or from attackers eventually getting similar capabilities, is the combination of old software, a large attack surface, and genuinely inadequate defenses in critical sectors. Over 265 million malware detections have been recorded in India’s 2025–2026 threat landscape, with trojans and file infectors making up 70% of all detections, and supply chain and vendor portal attacks being the preferred entry point for India’s banking sector.

Government portals are a particular concern. A lot of them run on software that hasn’t been updated in years, built by vendors who may not even exist anymore, on frameworks with known vulnerabilities that nobody got around to patching. If a Mythos-class model ever got pointed at India’s government digital infrastructure specifically, the results could be pretty bad. I’m not trying to be dramatic, that’s just the math.

The Legacy System Problem Is Worse Than You Think

Here’s a thing most tech coverage glosses over when talking about India’s cybersecurity.

The problem isn’t just that systems are old. It’s that updating them is genuinely hard. A government banking portal that was built in 2009 on a specific version of Java might have 15 years of business logic baked into it. You can’t just swap it out over a weekend. Every change requires testing, approvals, procurement processes, and political sign-off. I know someone who worked on a state government IT project and told me the software they were maintaining was last significantly updated in 2014 and runs on a server that they’re literally afraid to restart because nobody’s sure it’ll come back up. That’s not unique.

So when Mythos-level tools start finding zero-days in old codebases, the kind of deeply buried bugs that survived 15 years without anyone noticing, Indian institutions running those old codebases are going to be exposed to vulnerabilities they can’t quickly patch even if they wanted to.

The Cloud Security Alliance put it plainly in their April 2026 briefing: defenders still operate patch cycles, risk models, and detection systems built for human-speed threats. Those systems were not designed for an environment where the average time-to-exploit now sits under 20 hours.

Twenty hours. Think about that for a second. A vulnerability gets announced, and within 20 hours, someone’s building an exploit. India’s government IT departments don’t work on 20-hour timelines. Neither do most banks.

Is Project Glasswing Actually Enough?

This is the honest question, and the honest answer is: probably not on its own.

Project Glasswing is a good start. Giving defensive access to companies like Microsoft and Google makes sense — they own huge chunks of the world’s core software infrastructure. If Mythos helps them find and fix deep bugs in Windows, Linux, Chrome, and AWS before those bugs get weaponized, that protects everyone downstream, including India.

But here’s what Project Glasswing doesn’t cover: the thousands of custom applications built by Indian banks, government departments, state utilities, and telecom companies. Microsoft patching Windows helps, but it doesn’t help a public sector bank running a custom Java application from 2011 with a login page that still doesn’t have HTTPS properly configured. That software isn’t in scope for Glasswing.

Security researchers note that the most immediate consequence of Mythos is simply more CVEs. Models will discover zero-days, prove their exploitability, and responsibly disclose them to software vendors and open source project maintainers. Every vulnerability discovered will eventually become a public CVE with a patch, but attackers will invest in patch-diffing immediately, leading to in-the-wild exploitation of a higher number of recently published vulnerabilities.

So the volume of known, patched vulnerabilities is about to go way up. That’s good from a “the bugs get fixed” standpoint. It’s bad from a “now there are a lot more targets that know they have a problem but haven’t patched yet” standpoint. And organizations that are slow to patch — which, as we discussed, includes a lot of India’s public sector — are going to be sitting in that gap between “patch released” and “patch applied” for a long time.
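The gap the article keeps coming back to, the time between “patch released” and “patch applied” measured against a time-to-exploit of under 20 hours (as discussed in the Cloud Security Alliance passage above and in this section), is something a defender can actually measure. Below is an added example, not code from the article or from Anthropic, Glasswing or any of the organisations named: a small Python script that takes constructed patch-tracking records (placeholder CVE ids and made-up asset names, with public-disclosure and deployment timestamps) and buckets each one against an assumed 20-hour budget, reporting which assets are still sitting in the exposure window.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Assumed budget for closing a patch: the article quotes an average
# time-to-exploit under 20 hours, so anything open longer is treated as exposed.
TIME_TO_EXPLOIT = timedelta(hours=20)


@dataclass
class PatchRecord:
    cve_id: str                    # placeholder ids, not real CVEs
    system: str                    # constructed asset name
    published: datetime            # when the fix/advisory became public
    applied: Optional[datetime]    # when the fix was deployed; None = still open


def exposure_window(rec: PatchRecord, now: datetime) -> timedelta:
    """Elapsed time from public disclosure to deployment (or to `now` if not deployed)."""
    end = rec.applied if rec.applied is not None else now
    return end - rec.published


def classify(rec: PatchRecord, now: datetime) -> str:
    """Bucket one record against the time-to-exploit budget."""
    window = exposure_window(rec, now)
    if window <= TIME_TO_EXPLOIT:
        return "within-budget"      # closed, or still open but inside the budget
    if rec.applied is None:
        return "open-exposed"       # past the budget and still unpatched
    return "closed-late"            # patched, but only after the budget elapsed


def patch_gap_report(records: List[PatchRecord], now: datetime) -> Dict[str, object]:
    """Per-record status, counts per bucket, worst open exposure (hours), and % within budget."""
    statuses = {rec.cve_id: classify(rec, now) for rec in records}
    counts: Dict[str, int] = {}
    for status in statuses.values():
        counts[status] = counts.get(status, 0) + 1
    open_hours = [exposure_window(r, now).total_seconds() / 3600
                  for r in records if r.applied is None]
    worst_open_hours = max(open_hours) if open_hours else 0.0
    within_pct = 100.0 * counts.get("within-budget", 0) / len(records) if records else 0.0
    return {
        "statuses": statuses,
        "counts": counts,
        "worst_open_hours": worst_open_hours,
        "within_budget_pct": within_pct,
    }


# Constructed sample data: four assets with made-up disclosure/deployment times.
NOW = datetime(2026, 4, 14, 12, 0)
SAMPLE_RECORDS = [
    PatchRecord("CVE-EXAMPLE-0001", "windows-workstation-fleet",
                datetime(2026, 4, 10, 8, 0), datetime(2026, 4, 10, 14, 0)),   # 6 h
    PatchRecord("CVE-EXAMPLE-0002", "legacy-java-portal-2011",
                datetime(2026, 3, 1, 9, 0), None),                           # still open
    PatchRecord("CVE-EXAMPLE-0003", "state-bank-netbanking",
                datetime(2026, 4, 1, 10, 0), datetime(2026, 4, 6, 10, 0)),    # 120 h
    PatchRecord("CVE-EXAMPLE-0004", "linux-mail-relay",
                datetime(2026, 4, 13, 20, 0), None),                          # open, 16 h
]

if __name__ == "__main__":
    report = patch_gap_report(SAMPLE_RECORDS, NOW)
    for cve_id, status in report["statuses"].items():
        print(f"{cve_id}: {status}")
    print("counts:", report["counts"])
    print(f"worst open exposure: {report['worst_open_hours']:.0f} h")
    print(f"within budget: {report['within_budget_pct']:.0f}%")
```

The point of the “open-exposed” bucket is that a still-unpatched record is scored against the clock, not ignored: the legacy portal in the sample has been sitting in the window for over 1,000 hours, which is the kind of number that turns “we’ll get to it” into a measurable risk.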

What Should Actually Change

I’ll be direct here because I think the “what should India do” conversation often devolves into generic advice.

The most concrete thing: India needs to treat software updates in critical infrastructure as a security emergency, not an IT department to-do item. The RBI has been moving in the right direction by tightening audit requirements, but “conduct frequent security audits” is not the same as actually patching things. CERT-In issued multiple advisories in 2025 about specific ransomware and phishing campaigns targeting Indian banks — but advisories are only useful if someone reads them and acts on them.

Second: the multi-factor authentication gap is embarrassing and fixable. According to the Indian Cybercrime Coordination Centre, only 25% of users utilize two-factor authentication. That’s a behavioral and awareness problem as much as a technical one, and it’s fixable without a massive infrastructure overhaul. Banks should make it mandatory, not optional. Several don’t.

Third, and this is the harder one: India needs a version of what Anthropic is doing with Glasswing, but for domestic critical infrastructure. CERT-In, or the Ministry of Electronics and Information Technology, should be working with AI security tools now to audit the most vulnerable government and banking software before Mythos-level capabilities become widely available. That window is open right now. It won’t be open forever.

The Tom’s Hardware criticism of Anthropic’s announcement is worth keeping in mind too: not all of the “thousands of vulnerabilities” will be critical, and some skepticism about scale is reasonable. But even the verified examples are serious enough. A 17-year-old root access bug in a file server protocol. A video codec vulnerability from 2003. These things exist in software that runs everywhere, including in India.

Anthropic said something when they published Mythos’s capabilities that I keep coming back to. They didn’t train Mythos to be good at hacking. It got good at hacking as a side effect of getting better at coding and reasoning. As they put it: “The same improvements that make the model substantially more effective at patching vulnerabilities also make it substantially more effective at exploiting them.”

That’s the thing about this moment. We’re not dealing with a purpose-built cyberweapon. We’re dealing with a general-purpose AI that became a cyberweapon as a byproduct of becoming smarter. And the next one, the one after Mythos, will be smarter still.

So What Now?

Project Glasswing is a real and meaningful effort. Anthropic made a defensible call keeping Mythos restricted. The Glasswing partners, Microsoft, Google, Apple, and others, will find and fix a lot of bugs in the software that India and the rest of the world depend on.

But the protected zone only extends so far. India’s banking system, government portals, and critical infrastructure largely sit outside it. And the threat environment is getting harder, not easier.

The good news, I guess, is that this is all happening openly. Anthropic published their findings. CERT-In is watching. Security researchers are talking about it. The window to act is still open. The Cloud Security Alliance specifically recommends that organizations which haven’t yet integrated language models into their vulnerability management workflows start now with currently available frontier models, which are already capable of finding high- and critical-severity bugs in web applications, cryptography libraries, and the Linux kernel.

India’s public sector IT doesn’t need to wait for Mythos. Current Claude models found over 500 high-severity vulnerabilities in open source software before Mythos even existed. The tools are already there. The question is whether the organizations that most need to use them actually will.

I’m not particularly optimistic about the speed of that change, honestly. But I’m hoping to be wrong.
