Project Glasswing: What Zero-Day Discovery at Scale Means for Your Data
What Anthropic Announced
On April 7, 2026, Anthropic announced Project Glasswing, a restricted cybersecurity initiative built around Claude Mythos Preview, their most advanced AI model. The model is not publicly available. Access is restricted to a coalition of launch partners and roughly 40 organizations that build or maintain critical infrastructure software.
The launch partners include AWS, Apple, Microsoft, Google, CrowdStrike, Palo Alto Networks, Cisco, Broadcom, JPMorganChase, and the Linux Foundation. Anthropic committed $100M in usage credits and $4M in direct donations to open-source security organizations.
Mythos Preview has already identified thousands of previously unknown zero-day vulnerabilities across every major operating system and every major web browser. In one case, a researcher using the model found a bug in OpenBSD that had been present for 27 years. The model chains multiple vulnerabilities together into exploits that no single flaw would enable on its own.
Anthropic warned senior U.S. government officials that the model makes large-scale cyberattacks significantly more likely this year. According to reporting by Fortune and CNBC, Anthropic has privately communicated to officials that this class of model capability will proliferate beyond actors committed to deploying it safely.
Why This Changes the Threat Landscape
Glasswing is a signal that AI has shifted the economics of attack. Cheap models, open weights, and commodity compute mean adversaries can now generate novel malware variants, automate lateral movement, and compress dwell times from months to weeks. No signature database stays current against this velocity of change.
Every product in the current enterprise security stack relies on one of two things: behavioral signals from a running system, or a known indicator such as a file hash or malware signature. AI-generated, zero-day attacks defeat both. There is no hash to match. There is no behavior pattern in any database. The attacker's tooling has never been seen before.
Zero-days are vulnerabilities, not malware. A zero-day is a flaw in software that the developer does not know about. What follows a zero-day exploit is malware, lateral movement, data staging, and ransomware. Those post-exploitation artifacts land in the data layer. That is where the damage is done, and that is where detection must happen.
The Gap No Security Stack Covers
Enterprise security stacks protect the perimeter, endpoints, identity, and network. None of them inspect the data itself. This is not a configuration problem. It is a structural gap in the architecture of enterprise security.
| Security Layer | What It Inspects | What It Misses |
|---|---|---|
| Perimeter (Firewall, WAF) | Inbound/outbound traffic | Threats already inside |
| Endpoint (EDR, XDR) | Running processes on live servers | Threats in snapshots and backups |
| Identity (IAM, PAM) | Access and privilege | Malware in data at rest |
| Network (NDR, SIEM) | Traffic patterns and logs | Ransomware in the data layer |
| Backup (Rubrik, Veeam, Cohesity) | Known malware hashes in own backups | Zero-days. Data they do not manage. |
| Data Layer (Elastio) | Every file across live, replicated, and backup data | -- |
The attacker exploits a zero-day to get in. Once inside, they deploy ransomware, stage data for exfiltration, and encrypt files. Every one of those post-exploitation actions writes artifacts into the data layer. EDR does not see them there. SIEM does not log them. Backup vendors copy the data without verifying whether it is clean.
If your security stack does not inspect the data itself, how do you know whether your backups are already compromised?
How Elastio Addresses This Gap
Elastio performs Deep File Inspection across live data, replicated data, and backup data. It inspects the actual content of every file in the data layer to find ransomware and malware that has already landed. It does not rely on signatures, known hashes, or behavioral inference.
- Inspects the data, not the perimeterElastio hunts inside the data layer where ransomware persists and where recovery is determined. No other security control reaches this surface.
- Finds zero-day ransomwareDeep File Inspection does not need a known indicator. It examines file content directly. It finds threats that have never been cataloged.
- Works across any data surfaceLive data, replicated data, and backups. Any storage platform. Any backup vendor. One inspection engine across the full estate.
- Identifies the last clean recovery pointWhen ransomware is found, Elastio traces backward to identify the last recovery point that is provably clean. No guessing. No manual inspection under incident pressure.
Deep File Inspection examines the actual content of every file. It does not infer from entropy changes or statistical anomalies. One inspects. One infers. The detection accuracy profiles are fundamentally different.
Why Glasswing Accelerates the Need for Data-Layer Inspection
The Glasswing relevance is not about the vulnerabilities themselves. It is about volume. When AI compresses the cost of discovering and exploiting zero-days, more enterprises will be dealing with post-exploitation activity that their current stack does not inspect.
Every security tool in the stack will continue to do its job at the perimeter, endpoint, and network layers. But the volume of novel threats reaching the data layer will increase. The question shifts from “Can we block the attack?” to “Can we find what it left behind and prove we can recover clean?”
That is the question Elastio exists to answer. The Hunt Engine inspects the data layer today, across live data, replicated data, and backups. As the zero-day supply expands, every enterprise will need a security control that operates where the attacker's work ultimately lands: inside the data.
Sources
[1] Anthropic, Project Glasswing: Securing critical software for the AI era, April 7, 2026
[2] Fortune, Anthropic is giving some firms early access to Claude Mythos, April 7, 2026
[3] CNBC, Anthropic limits Mythos AI rollout over fears hackers could use model for cyberattacks, April 7, 2026
[4] CyberScoop, Tech giants launch AI-powered Project Glasswing, April 7, 2026
[5] Simon Willison, Anthropic's Project Glasswing, April 7, 2026
See How Elastio Detects This
Find out whether your data layer is inspected and your recovery is provable.
Can you prove your recovery points are clean?
Your board will ask if you can recover clean. This checklist lets you answer with evidence.
