On April 7, Anthropic announced Project Glasswing, a coalition of 12 major technology companies marshaling a new frontier artificial intelligence (AI) model to find and fix critical software vulnerabilities before attackers can exploit them. While the announcement is framed around technology infrastructure broadly, the implications for the power sector are immediate and serious. Partner posts from Amazon Web Services (AWS), Cisco, CrowdStrike, Microsoft, Palo Alto Networks, and the Linux Foundation reinforce the urgency—and offer concrete detail on what has changed. Here’s what energy leaders should take away and what to do about it.

Anthropic’s unreleased Claude Mythos Preview model has already discovered thousands of previously unknown zero-day vulnerabilities across every major operating system and browser. One flaw it found had survived 27 years in OpenBSD, a system widely used to run firewalls and critical infrastructure. Another sat undetected in FFmpeg code that automated tools had tested five million times. The model also chained together multiple Linux kernel vulnerabilities to escalate from ordinary user access to full machine control, exactly the kind of attack path that could compromise a utility’s supervisory control and data acquisition (SCADA), distributed control system (DCS), or energy management system (EMS) environments.

Read more in Power Magazine here.

The views and opinions expressed are those of the author’s and do not necessarily reflect the official policy or position of C3.