Anthropic's Project Glasswing has uncovered more than 10,000 software vulnerabilities using artificial intelligence, the company announced. The AI-driven detection system found the flaws at a speed that outstrips the ability of human teams to patch them, underscoring a growing gap in cybersecurity defenses.
How Project Glasswing works
Project Glasswing uses a custom AI model trained to scan code for security weaknesses. According to Anthropic, the tool can identify bugs and misconfigurations in hours that would take human reviewers weeks or months. The 10,000-plus vulnerabilities were discovered across a range of software projects, though the company did not disclose which specific applications or vendors were affected.
The patching bottleneck
The rapid detection rate creates a new problem: humans can't keep up. Once a vulnerability is found, it still requires manual verification, prioritization, and a fix. With thousands of flaws piling up faster than developers can address them, the security industry faces what Anthropic calls an urgent need for scalable solutions. The company suggests that automation must extend beyond detection into triage and remediation.
Why scale matters now
Traditional vulnerability scanning often misses subtle or context-dependent flaws. Project Glasswing's AI, by contrast, analyzes code holistically and catches issues that static analysis tools might overlook. But without a matching speed-up in patching, the discoveries risk becoming a backlog rather than a safety net. Cybersecurity experts note that unpatched vulnerabilities are a primary entry point for attackers, and the window for exploitation is shrinking as AI accelerates both offense and defense.
Anthropic hasn't released details on how it plans to address the patching gap. The company says it is exploring partnerships with software vendors and security firms to integrate its detection outputs into existing workflows. For now, the 10,000 vulnerabilities remain a stark reminder that AI's ability to find problems has outpaced the industry's capacity to fix them.
