Lead Story | Intel | Dev · Cloud+DevOps · Enterprise
AI Finds Thousands of Zero-Days in Critical Software — Before the Attackers Do
Anthropic’s Project Glasswing deploys Claude Mythos Preview to autonomously discover vulnerabilities that evaded human experts and automated testing for decades. The capability threshold has been crossed — the question now is who gets there first.
On April 7, Anthropic announced Project Glasswing — a controlled programme that gives a small group of critical infrastructure organizations and open-source maintainers early access to Claude Mythos Preview, the company’s most capable unreleased model. The stated goal is to let defenders find and patch vulnerabilities before adversaries with comparable AI capabilities can exploit them.
The results published by Anthropic are significant. Mythos Preview independently identified thousands of zero-day vulnerabilities across major operating systems and browsers — among them, a flaw in OpenBSD that had sat undetected for 27 years, and a vulnerability in FFmpeg that five million automated test runs failed to surface over 16 years of testing. Every finding was reported to maintainers and patched before public disclosure.
On the CyberGym vulnerability reproduction benchmark, Mythos Preview scored 83.1% — compared to 66.6% for Claude Opus 4.6. That gap is meaningful. Mythos Preview isn’t incrementally better at vulnerability research; it’s operating at a capability level that, per Anthropic’s own assessment, exceeds all but the most skilled human researchers. That assessment is part of why the model is not being made generally available.
The eleven founding Glasswing partners are: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. More than 40 additional organizations received evaluation access. Anthropic is pairing the programme with $100 million in model usage credits and $4 million in direct donations to open-source security organizations via the Linux Foundation and Apache Software Foundation.
For security teams, the dual-use reality is hard to ignore. AI that can find a decades-old flaw in FFmpeg in hours is the same category of capability an adversary could point at your environment. What Glasswing is actually doing is establishing a time advantage — not a permanent one, but a real one. The patch window created by responsible disclosure is the margin defenders are buying. Whether it’s sufficient depends entirely on how fast your organization can close vulnerabilities once they’re known.
→ Key Takeaway: AI has crossed the threshold where it can find decade-old vulnerabilities that automated testing never could. Glasswing’s responsible disclosure model buys defenders a patch window — but only if your vulnerability management programme can move at the same speed. The question isn’t whether AI will be used to find vulnerabilities in your environment. It’s whether it will be used to fix them first.
Quick Hits
01 · Secure Boot Certificates Expire June 2026 — OEM Firmware Is the Blocker
Three core Windows Secure Boot certificates expire in June 2026 — Microsoft Corporation KEK CA 2011, Microsoft Corporation UEFI CA 2011, and Microsoft Windows Production PCA 2011 — with the Windows bootloader certificate following in October. Systems that miss the June deadline lose the ability to receive boot-level security updates going forward. The critical constraint is OEM firmware: Windows can’t apply the replacement certificates until each device has received an OEM firmware update first. Microsoft distributed the new certificates in the February 2026 cumulative update, but they remain dormant on any machine whose firmware hasn’t been updated. The Windows Security app (April 2026 and later) now shows green, yellow, or red status icons for certificate readiness — use it to identify gaps in your fleet. Act now: OEM firmware lead times can be long, and June is closer than it looks. Microsoft TechCommunity →
Action Required | IT Ops · Cloud+DevOps
02 · Malicious npm Package Targeted Cursor, Claude, and Windsurf API Keys — DPRK-Linked
A malicious npm package named gemini-ai-checker — published March 20, 2026, presented as a Gemini token verification utility — was specifically built to steal API credentials from AI coding environments. The payload accessed directories used by Cursor, Claude, Windsurf, PearAI, Gemini CLI, and Eigent AI, extracting developer API keys, conversation logs, and source code. Two companion packages on the same Vercel infrastructure rounded out the campaign; combined downloads exceeded 500 before gemini-ai-checker was pulled just before April 1. Researchers at CyberAndRamen traced technical fingerprints — including Socket.IO usage patterns, module structure, and obfuscation style — to OtterCookie, a JavaScript backdoor analyzed by Microsoft in March 2026 and assessed with moderate-to-high confidence as a DPRK Contagious Interview campaign tool. If your developers use any of these AI coding environments, rotate all stored credentials now. CyberAndRamen →
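To learn which projects pulled the package, including as a transitive dependency, one check is to walk each project's npm lockfile. This is an added example, not code from CyberAndRamen or this newsletter; the sample lockfiles, helper names and version strings are constructed, and only the package name gemini-ai-checker comes from the item above.

```javascript
// Added example. Only the name gemini-ai-checker comes from the article;
// the companion packages are not named there, so they are not listed.
const DENYLIST = new Set(['gemini-ai-checker']);

// v2/v3 "packages" keys are install paths; the package name is whatever
// follows the last "node_modules/" (scoped names like @s/n stay whole).
function nameFromPath(installPath) {
  const marker = 'node_modules/';
  const i = installPath.lastIndexOf(marker);
  return i === -1 ? null : installPath.slice(i + marker.length);
}

function findDenylisted(lock, denylist = DENYLIST) {
  const hits = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === '') continue; // root entry describes the project itself
    // If an entry carries its own "name" field, prefer it over the folder name.
    const name = meta.name || nameFromPath(path);
    if (name && denylist.has(name)) hits.push({ name, version: meta.version, via: path });
  }
  // Lockfile v1 has no "packages" map: walk the nested "dependencies" tree.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = [...trail, name];
      if (denylist.has(name)) hits.push({ name, version: meta.version, via: here.join(' > ') });
      walk(meta.dependencies, here);
    }
  };
  if (!lock.packages) walk(lock.dependencies, []);
  return hits;
}

// Constructed sample lockfiles; names other than the deny-listed one are made up.
const sampleV3 = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/left-helper': { version: '2.1.0' },
    'node_modules/left-helper/node_modules/gemini-ai-checker': { version: '0.0.0-example' },
  },
};
const sampleV1 = {
  lockfileVersion: 1,
  dependencies: {
    'left-helper': { version: '2.1.0', dependencies: { 'gemini-ai-checker': { version: '0.0.0-example' } } },
  },
};

console.log(findDenylisted(sampleV3), findDenylisted(sampleV1));
```

The `via` field shows which dependency brought the package in, which is what identifies the developer machines and CI runners whose credentials need rotating.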
CVE Watch
Patch of the Day
CVE-2026-3502 | CVSS 7.8 HIGH
TrueConf Client Update Mechanism Exploited to Deploy Havoc C2 — Operation TrueChaos
TrueConf Client (through build 8.5.3.884) applies application updates without performing integrity verification on the downloaded package. If adversaries have established access to the on-premises TrueConf server, they can swap the legitimate update for any executable of their choosing — which connected clients download and run silently, achieving arbitrary code execution at the client’s privilege level. Check Point Research documented active exploitation as part of Operation TrueChaos, a campaign attributed with moderate confidence to a Chinese-nexus threat actor targeting government networks in Southeast Asia. The attacker weaponized the update mechanism to deploy the Havoc post-exploitation implant via DLL side-loading, then conducted hands-on-keyboard reconnaissance, persistence, and privilege escalation across compromised endpoints. CISA added CVE-2026-3502 to the Known Exploited Vulnerabilities catalog on April 2, 2026, confirming active exploitation. CISA also issued a patch deadline of April 16, 2026, for US federal civilian agencies.
Vendor: TrueConf · Patched: Update beyond build 8.5.3.884 (patch released March 2026) · CISA KEV: Yes — added April 2, 2026 · Source: Check Point Research — CVSS by Check Point / NVD
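The missing control is a check, made before anything runs, that the package came from the vendor and not from whoever controls the update server. The sketch below is an added example, not TrueConf's or Check Point's code; the manifest layout, function names, keys and build string are assumptions, and it uses Ed25519 from Node's built-in crypto module.

```javascript
const { createHash, generateKeyPairSync, sign, verify } = require('node:crypto');

const sha256Hex = (buf) => createHash('sha256').update(buf).digest('hex');

// Vendor side (build pipeline, key kept off the update server):
// sign a small manifest that names the package digest.
function signRelease(privateKey, build, pkgBytes) {
  const manifest = Buffer.from(JSON.stringify({ build, sha256: sha256Hex(pkgBytes) }));
  return { manifest, signature: sign(null, manifest, privateKey) };
}

// Client side: everything fetched from the update server is untrusted.
// The only trust anchor is the public key shipped inside the client.
function verifyUpdate(pinnedPublicKey, { manifest, signature, pkgBytes }) {
  if (!verify(null, manifest, pinnedPublicKey, signature)) {
    return { ok: false, reason: 'manifest signature invalid' };
  }
  const { build, sha256 } = JSON.parse(manifest.toString('utf8'));
  if (sha256Hex(pkgBytes) !== sha256) {
    return { ok: false, reason: 'package digest mismatch' };
  }
  return { ok: true, build }; // only now may the installer be launched
}

// Constructed inputs: throwaway keys and placeholder package bytes.
function demo() {
  const vendor = generateKeyPairSync('ed25519');
  const serverOperator = generateKeyPairSync('ed25519'); // key the vendor never issued
  const genuine = Buffer.from('constructed genuine installer bytes');
  const swapped = Buffer.from('constructed replacement bytes');
  const release = signRelease(vendor.privateKey, 'example-build', genuine);
  const resigned = signRelease(serverOperator.privateKey, 'example-build', swapped);
  return {
    genuine: verifyUpdate(vendor.publicKey, { ...release, pkgBytes: genuine }),
    swappedPackage: verifyUpdate(vendor.publicKey, { ...release, pkgBytes: swapped }),
    resignedOnServer: verifyUpdate(vendor.publicKey, { ...resigned, pkgBytes: swapped }),
  };
}

console.log(demo());
```

A checksum published by the same on-premises server would not help here, because the party able to replace the package can replace the checksum too; the signature has to chain to a key the server never holds.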
Compliance Tip of the Day
NIST CSF 2.0 — DE.CM — Detect: Continuous Monitoring
When AI Can Find a 16-Year-Old Bug in Hours, Your Patch Cadence Is a Strategic Choice — Not a Schedule
DE.CM asks whether your organization has continuous visibility into vulnerabilities before attackers can exploit them. Project Glasswing changes what “before” means. An AI system finding a decade-old FFmpeg vulnerability that survived five million automated test runs compresses the discovery-to-exploit timeline in ways that traditional monthly scan cadences were never designed for. Your monitoring assumptions — patch window, mean time to remediate, quarterly review cycles — were built for a world where humans found vulnerabilities at human speed.

Concrete action (DE.CM-08): Review your vulnerability management SLA. If your current process assumes a 30-day or 90-day remediation window for critical findings, stress-test that assumption against a world where the same finding could be weaponized the day it becomes public. Determine whether your highest-priority attack surface — internet-facing systems, identity infrastructure, build pipeline — warrants a shorter-cycle scan and patch commitment, independent of vendor patch schedules.
HARDENED

This newsletter does not constitute professional security advice. Security configurations and threat landscapes vary by organization. Consult a qualified security professional for implementation guidance specific to your environment.

How we work: HARDENED uses AI agents for research, drafting, and automation. Every issue is reviewed by humans before publication. If you spot an error, reply directly — we correct the record promptly.

Sources: Anthropic (Project Glasswing), anthropic.com/glasswing · Anthropic Red Team (Claude Mythos Preview), red.anthropic.com/2026/mythos-preview/ · Microsoft TechCommunity (Secure Boot certificate expiry, April 2026), techcommunity.microsoft.com · CyberSecurityNews (gemini-ai-checker), cybersecuritynews.com · CyberAndRamen (OtterCookie analysis, April 4, 2026), cyberandramen.net · Check Point Research (Operation TrueChaos), research.checkpoint.com · CISA KEV catalog (CVE-2026-3502, added April 2, 2026), cisa.gov/kev · NVD (CVE-2026-3502), nvd.nist.gov · NIST CSF 2.0, nist.gov/cyberframework