AI security governance is changing fast. Are your controls ready?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 2182
Topic starter  

TL;DR: Anthropic’s Project Glasswing shows a model finding zero-day vulnerabilities autonomously across production systems, with benchmark success jumping from 2 to 181 exploit completions and 29 register-control wins, according to WitnessAI’s analysis of Anthropic’s findings. The security problem is no longer discovery scarcity but governance for machine-speed exploitation, where runtime controls, AI visibility, and agent oversight become decisive.

NHIMG editorial — based on content published by WitnessAI: Anthropic’s Project Glasswing and the emerging AI security challenge

By the numbers:

  • A 17-minute average window separates public AWS credential exposure from attacker access attempts, dropping to 9 minutes in some cases.

Questions worth separating out

Q: How should security teams govern AI systems that can act without human approval?

A: Security teams should govern autonomous AI the same way they govern other high-risk identities, but with runtime enforcement instead of periodic review.

Q: Why do autonomous AI systems create new identity governance risk?

A: Autonomous systems create identity risk because they can choose actions, select tools, and execute before a human can intervene.

Q: What do security teams get wrong about AI exploit discovery?

A: Teams often assume exploit discovery remains a scarce human activity, but the article shows machine-speed discovery and chaining across real software surfaces.

Practitioner guidance

  • Inventory all AI-connected execution paths: map where models can read code, invoke tools, access repositories, or trigger downstream actions.
  • Separate model visibility from model authority: do not let read access, write access, and action authority move together by default.
  • Test runtime governance against autonomous behaviour: simulate a model that chains actions without waiting for a human checkpoint, then verify whether logging, containment, and revocation still work.

What's in the full analysis

WitnessAI's full article covers the operational detail this post intentionally leaves for the source:

  • The exact benchmark comparisons between Mythos Preview and prior model generations across exploit-development tasks.
  • The specific operating-system, browser, and library findings that illustrate how the model moved across attack surfaces.
  • The vendor's breakdown of coalition participation, funding commitments, and early-access defensive research support.
  • The article's practical framing for security teams evaluating runtime AI governance and deployment risk.

👉 Read WitnessAI’s analysis of Anthropic Project Glasswing and AI exploit discovery →

(@mr-nhi)
Member Moderator
Joined: 4 weeks ago
Posts: 742
 

Autonomous vulnerability discovery collapses the scarcity assumption behind defensive security. For decades, security programmes assumed exploitable flaws were expensive to find and therefore reasonably scarce. This article shows that a model can independently locate and weaponise bugs across major software surfaces, which makes discovery cost a structural variable rather than a specialist skill. The implication is that defenders can no longer rely on attacker friction as a control.

A few things that frame the scale:

  • 85% of organisations lack full visibility into third-party vendors connected via OAuth apps, with 38% having no or low visibility and 47% having only partial visibility, according to The State of Non-Human Identity Security.
  • Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared with nearly 1 in 4 for securing human identities, which shows the confidence gap is already structural.

A question worth separating out:

Q: Which frameworks should organisations use for autonomous AI governance?

A: Use OWASP agentic and LLM guidance for application risk, NIST AI RMF for governance structure, and MITRE ATLAS for adversarial technique mapping. Then translate those frameworks into operational controls that restrict tool access, define approval boundaries, and produce auditable runtime evidence. Frameworks help classify the risk, but enforcement must happen in execution.

👉 Read our full editorial: AI vulnerability discovery is outpacing enterprise security controls

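The practitioner guidance in the first post (separate read, write and action authority; simulate a model that chains actions without a human checkpoint and check that logging and revocation still work) and the second post's point that frameworks must be translated into controls that restrict tool access, define approval boundaries and produce auditable runtime evidence, as one added example. This is illustrative code written for this page, not code from either post, from WitnessAI or from Anthropic; the tool catalogue, scope names, agent identity and the approval-token format are assumptions chosen for the demonstration.

```python
"""Added example (not from the forum posts, WitnessAI or Anthropic): a minimal
runtime policy gate for agent tool calls. Read, write and action authority are
separate grants, ACT-scoped tools need an explicit approval bound to the agent
and the tool, every decision is written to an audit log, and revocation is
honoured mid-chain. Tool names, scopes and agent IDs are hypothetical."""
from dataclasses import dataclass, field
from enum import Enum
import time


class Scope(Enum):
    READ = "read"     # observe: list or read files the agent can see
    WRITE = "write"   # mutate visible state: edit a file in a repository
    ACT = "act"       # trigger downstream effects: deploy, open a ticket


# Hypothetical tool catalogue: each tool requires exactly one scope, so a
# grant of READ never implies WRITE, and WRITE never implies ACT.
TOOL_SCOPE = {
    "repo.read_file": Scope.READ,
    "repo.write_file": Scope.WRITE,
    "ci.trigger_deploy": Scope.ACT,
}


@dataclass
class AgentGrant:
    agent_id: str
    scopes: set
    revoked: bool = False


@dataclass
class PolicyGate:
    grants: dict                          # agent_id -> AgentGrant
    audit: list = field(default_factory=list)

    def authorize(self, agent_id, tool, approval=None):
        """Decide one tool call. Returns (allowed, reason) and always appends
        an audit record, so denials are evidence too, not just successes."""
        grant = self.grants.get(agent_id)
        need = TOOL_SCOPE.get(tool)
        if grant is None or grant.revoked:
            verdict = (False, "revoked-or-unknown-agent")
        elif need is None:
            verdict = (False, "unknown-tool")
        elif need not in grant.scopes:
            verdict = (False, f"missing-scope:{need.value}")
        elif need is Scope.ACT and approval != f"approved:{agent_id}:{tool}":
            # Approval is bound to (agent, tool): an approval issued for one
            # action cannot be replayed to authorise a different one.
            verdict = (False, "act-requires-approval")
        else:
            verdict = (True, "ok")
        self.audit.append({"ts": time.time(), "agent": agent_id, "tool": tool,
                           "allowed": verdict[0], "reason": verdict[1]})
        return verdict

    def revoke(self, agent_id):
        """Revocation flips a flag the gate checks on every call, so it takes
        effect on the agent's next tool call rather than at the next review."""
        grant = self.grants.get(agent_id)
        if grant is not None:
            grant.revoked = True


def simulate_chained_agent(gate, agent_id, approval=None, revoke_after=None):
    """Drive the gate the way an autonomous agent would: read -> write -> deploy
    with no pause for a human. Returns [(tool, allowed, reason), ...]. If
    revoke_after is a step index, the grant is revoked right after that step
    to test whether revocation actually interrupts a chain in progress."""
    chain = ["repo.read_file", "repo.write_file", "ci.trigger_deploy"]
    results = []
    for i, tool in enumerate(chain):
        allowed, reason = gate.authorize(agent_id, tool, approval)
        results.append((tool, allowed, reason))
        if revoke_after is not None and i == revoke_after:
            gate.revoke(agent_id)
    return results


if __name__ == "__main__":
    gate = PolicyGate(grants={
        "code-agent-01": AgentGrant("code-agent-01", {Scope.READ, Scope.WRITE}),
    })
    for step in simulate_chained_agent(gate, "code-agent-01"):
        print(step)
    for record in gate.audit:
        print(record)
```

Two checks are worth running against any real gate the same way: the deploy step must fail for an agent that only holds read and write scopes, and a grant revoked after the first step must deny the second step, not just the next session. The audit list is the runtime evidence the second post asks for; if it only recorded successes, the revocation test would leave no trace.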