Why is Glasswing still a big deal
VulnCheck’s findings reframe Glasswing’s capabilities. The limited number of directly attributable CVEs is just one way of measuring its impact. Industry observers are interpreting Mythos much differently.
Melissa Bischoping, a SANS Technology Institute board member and senior Director of security and product research at Tanium, thinks Mythos potential lies elsewhere. According to a breakdown of the Claude Mythos Preview System Card, which Bischoping and her colleagues at Tanium reviewed, the model achieved an unseen exploit success rate. “Jumping from near-zero success to ~72% on the same class of targets suggests exploit development is no longer a high-skill, high-effort bottleneck,“ she said, adding that it’s only a matter of time before every other model catches up.
While Mythos is being regulated under Glasswing, it has already shown the world what is possible. “The gap between frontier models and open-weight models has compressed from more than a year to a matter of weeks, which means this level of capability is poised to spread rapidly, likely without the same safety guardrails,” Bischoping noted.
