The First Real Counterattack

How Project Glasswing flips the AI security equation — and why it matters for every engineer alive A 27-year-old bug was sitting in OpenBSD. Not theoretical. Not a minor edge case. A high-severity zero-day, invisible to every security audit, every static analyzer, every fuzzer that had ever touched that codebase. For 27 years, it waited. Claude Mythos found it in a matter of hours. That single fact is all you need to understand why Anthropic just launched Project Glasswing — and why I think it's one of the most important things that happened in tech this year. The problem nobody wanted to say out loud For the last two years, the cybersecurity industry has been tiptoeing around an uncomfortable truth: AI is already better than almost any human at finding and exploiting vulnerabilities. Not eventually. Now. The window between vulnerability discovery and exploitation has collapsed. What used to take a skilled attacker months — reconnaissance, fuzzing, exploit development, chaining bugs —