Project Glasswing Finds 56% of AI-Linked Attackers Reached Medium Risk or Higher
Updated
Updated · Anthropic · Jun 2
Project Glasswing Finds 56% of AI-Linked Attackers Reached Medium Risk or Higher
3 articles · Updated · Anthropic · Jun 2
Summary
832 banned accounts analyzed from March 2025 to March 2026 showed AI use is raising cyber risk: the share rated medium risk or higher climbed to 56% in the second half from 33% earlier.
560 of the 832 accounts—67.3%—used AI to prepare attacks such as writing malware, while 54 actors, or 6.5%, used it for lateral movement inside compromised networks.
AI use is also shifting deeper into intrusions: account discovery rose 8.9% while AI-assisted phishing fell 8.6%, suggesting less-skilled actors can now perform post-compromise tasks once reserved for more advanced operators.
The report says traditional measures such as technique counts or interface used no longer reliably indicate danger, because low-skill actors averaged about 16 techniques versus 20 for the most skilled.
Project Glasswing says MITRE ATT&CK does not yet capture agentic orchestration behaviors seen in a disrupted November 2025 espionage case, and Anthropic is adding safeguards while discussing framework updates with MITRE.
Hackers now use AI to autonomously find critical software flaws. Who is winning the AI arms race?
With AI automating cyberattacks, are human defenders and traditional security playbooks now obsolete?
When an autonomous AI agent causes a catastrophic data breach, who is legally responsible?
Project Glasswing Uncovers 10,000+ Critical Vulnerabilities: How AI Is Reshaping Cybersecurity and Triggering a Patch Gap Crisis
Overview
Project Glasswing, launched in April 2026 with around 50 organizations, quickly saw strong engagement as members adopted the Mythos Preview AI at scale. This rapid adoption enabled partners to share crucial information and best practices, while also working with third parties to efficiently triage the AI’s findings. The swift and coordinated response to newly identified threats highlights the urgent need for proactive cybersecurity measures. Project Glasswing’s rapid deployment and immediate triaging efforts suggest that significant vulnerabilities were discovered, demonstrating the power of collaboration and advanced AI in addressing evolving cyber risks.