Glasswing enables Anthropic to gain the upper hand, and DeFi security mode faces a rewrite

Labs must pick a side on offensive AI

Anthropic is rolling out a Claude Mythos preview via Project Glasswing—this is not just a safety product, but an explicit public signal: AI can discover and exploit vulnerabilities at scale, and the real question is who gets it first and how they’ll use it.

• Anthropic teams up with Apple, Google, and Microsoft to do “coordinated patching,” shaping a responsible image. But the same capability can both find holes and punch holes.
• Mythos demonstrates how to chain-exploit a OpenBSD vulnerability from 27 years ago—what human researchers needed weeks to do is dramatically compressed.
• The public debate is clearly split: some believe AI will strengthen defense; security researchers (such as Alex Stamos) warn that open-source models will most likely reproduce these capabilities within 6 to 18 months. After the Solana Drift incident, it quickly rolled out a STRIDE validation plan, reflecting an industry shift from “audit + prayers” to “active verification.”

The core issue being overlooked: the industry is fixated on discussing grand AI risks, but it underestimates the network threats right in front of it. In reality, Anthropic has already commercialized defensive tooling; OpenAI hasn’t aligned in that direction yet; and Meta’s open-source strategy makes enterprise buyers more cautious about compliance and controllability.

• DeFi’s “transparency” is turning into a liability: when Mythos can conduct targeted probing of TLS and AES-GCM-type libraries at a marginal cost of under $50, protocols with a combined TVL of more than $200 billion need to reassess their security model.
• NEAR and RNDR jumped in the short term after the Glasswing message, but then faded; without actual AI security integration, chasing these coins is just buying a headline.
• A large-firm alliance helps Anthropic fortify its moat, while also increasing the difficulty for other labs and open-source paths to catch up.

The real variable isn’t the release itself, but the ripple effects

The claim that “Glasswing changes everything” is overstated—Anthropic hasn’t publicly released Mythos, so the direct impact is limited. The key is how the industry moves afterward:

• Solana’s rapid response (reported by Decrypt) shows that a single major signal is enough to push the ecosystem toward a new security paradigm;
• Oh secured $7.5 million in funding to develop a “de-censorship” model, reflecting the long-term tension between “control and openness”;
• Multiple security researchers give probabilities of 70% to 80%: within a year, competing models will match Mythos’s core capabilities. This means regulators will get involved eventually, but not ahead of the attack curve.

What it means for different participants:

• Investors: the opportunity isn’t in message-driven bounce-backs, but in AI security products that have already entered enterprise evaluation and procurement workflows;
• Builders: those who ignore the risks of “AI + security” integration will be eliminated—you need to plan ahead for on-chain/cross-chain capabilities that enable continuous validation and automated repair.

Conclusion: Glasswing gives Anthropic and other closed-model labs first-mover and narrative advantages in AI security; enterprises that complete defensive AI integration earlier are the ones that will benefit most; open-source projects and protocols that fall behind will keep getting left exposed.

• Significance：High
• Categories：Industry Trend, AI Safety, Partnership

Judgment： Research and deployments that get involved in “AI + DeFi security” are still in an early-stage value window. Builders and long-/mid-term funds benefit the most; short-term traders who only chase the headlines have already moved too late.