Inflection Point — April 2026

entityOS Security

The internet must become closed.

Project Glasswing confirmed what many have suspected: AI has crossed a threshold where it can find and exploit vulnerabilities in every major operating system and browser — autonomously, at scale. The open, anonymous internet is no longer a viable foundation for critical software. The answer is cryptographic identity for every connection, every actor, every request.

Catalyst: Project Glasswing
Vulnerabilities found: thousands, zero-day
Systems affected: every major OS + browser
entityOS response: Stage 1 → 2 → 3

The Inflection Point

AI can now outcode your best security engineers.

In April 2026, Anthropic's Project Glasswing announced that Claude Mythos Preview — a frontier AI model — had autonomously found thousands of critical zero-day vulnerabilities across every major operating system and web browser. Some had survived decades of human review and millions of automated security tests. This is the threshold moment: the cost of finding and exploiting software vulnerabilities has collapsed.

Threshold Crossed

Frontier AI has reached a level where it surpasses all but the most skilled humans at finding and exploiting software vulnerabilities — and the capability is proliferating rapidly.

No System Is Safe

Every major OS, every major browser, every significant piece of infrastructure contains flaws. The question is no longer whether vulnerabilities exist — it is who finds them first.

Decades-Old Bugs Found

Mythos Preview found a 27-year-old flaw in OpenBSD and a 16-year-old bug in FFmpeg that had survived five million automated test runs. Human review timescales are no longer adequate.

Fully Autonomous

The model identified nearly all vulnerabilities and developed many exploits entirely without human steering. No operator fatigue. No oversight gaps. Constant, scalable attack surface scanning.

"AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities... The fallout — for economies, public safety, and national security — could be severe."

Anthropic — Project Glasswing, April 2026

The Core Problem

The open internet was built for trust. That era is over.

The internet's foundational assumption — that anonymous connections should be permitted until proven harmful — made sense when attacking systems required rare human expertise. It does not make sense when AI can scan, find, and exploit vulnerabilities at machine speed and scale.

The Open Internet (Current Default)

Anonymous by design

  • Any IP can reach any service — identity is optional
  • Attackers are indistinguishable from legitimate users until after the breach
  • Vulnerability scanning can be performed from any location, continuously
  • AI tools can autonomously probe millions of endpoints at zero marginal cost
  • Defender response time measured in days; attacker exploitation time now in minutes
Viable when attackers were few and slow. Not viable when attackers are AI.

The Closed Internet (Required Future)

Identity-first by default

  • Every connection presents cryptographic proof of identity before any data flows
  • Unidentified actors cannot reach services — the attack surface is closed by default
  • Every request carries a verified workload identity tied to a specific entity
  • AI-driven scanning stops at the identity boundary: no certificate signed by your CA, no session (and with network allowlisting in front, an unknown source never reaches the TLS handshake at all)
  • Breach blast radius is bounded: with short-lived certificates, cutting off an identity means not renewing it, so exposure ends at the certificate's expiry instead of waiting for a revocation to propagate
Viable at scale with mTLS and cryptographic identity infrastructure.

~$500B: estimated annual global cost of cybercrime, before AI-augmented attacks scale
83.1%: Claude Mythos Preview score on the CyberGym vulnerability-reproduction benchmark
27 yrs: age of the oldest vulnerability found by Mythos Preview, in one of the world's most security-hardened operating systems

Project Glasswing

What the AI already found.

Three examples from Anthropic's Frontier Red Team that illustrate why the old security model cannot hold. Each represents a class of vulnerability that AI will now find routinely — in your systems, before your team does.

27 yrs OpenBSD — Firewall OS

Remote crash, no authentication

A vulnerability that allowed an attacker to remotely crash any machine running OpenBSD — used to run firewalls and critical infrastructure — simply by connecting to it. Survived 27 years of expert human review.

16 yrs FFmpeg — Universal Video Stack

Five million automated tests. Never caught.

A flaw in a single line of code in FFmpeg — used by innumerable pieces of software to handle video — that automated testing tools had hit five million times without ever detecting it. Mythos Preview found it immediately.

0-day Linux Kernel — World's Servers

Chained vulnerabilities → root access

The model autonomously found and chained together multiple vulnerabilities in the Linux kernel — escalating from ordinary user access to complete control of the machine. No human steering required.

CyberGym Benchmark — Cybersecurity Vulnerability Reproduction

  • Claude Mythos Preview: 83.1%
  • Claude Opus 4.6: 66.6%

The Defender's Response

Same capability. Opposite direction.

The same AI capabilities that make attacks more potent make defences more powerful. Project Glasswing is proof: AI used proactively surfaced thousands of flaws to the vendors who could patch them before attackers could exploit them. The answer is not to slow AI; it is to point it in the right direction, behind cryptographic identity walls.

Proactive Defence

Scan your own systems first

The Glasswing coalition — AWS, Apple, Cisco, Google, Microsoft, NVIDIA and others — is using Mythos Preview to find and patch vulnerabilities in their own codebases before adversaries can exploit them. This is the correct use of AI-augmented cyber capability: defender advantage through speed.

Identity Walls

Close the attack surface

AI-driven attack tools can only exploit what they can reach. Network allowlisting (Stage 1) removes reachability for unknown sources; mTLS (Stage 2) adds cryptographic identity, so a caller without a certificate signed by your CA is rejected during the handshake, before any request is parsed. The two are layered deliberately: a TLS listener still has to accept the TCP connection and parse a ClientHello before it can turn an anonymous peer away, so the allowlist keeps even that handshake code off the open internet.

Continuous Rotation

Short-lived credentials everywhere

When AI can find and exploit a vulnerability in hours, long-lived credentials become liabilities. Short-lived credentials, rotated automatically every 1–24 hours, limit the exposure window of any compromise to hours rather than months. They also sidestep the revocation problem: an identity you no longer trust is simply not renewed, and its certificate expires on its own instead of waiting for a CRL or OCSP update to reach every verifier.

The entityOS Architecture

Building the closed internet, layer by layer.

entityOS Security implements the closed internet in three progressive stages — each adding a deeper layer of cryptographic identity that AI-driven attacks cannot bypass.

STAGE 01: IP Allowlisting

Close the network perimeter. Deny all by default; permit only known, trusted source IPs and CIDRs. Eliminates public exposure for private services and stops anonymous AI scanners at the network boundary. Fast to deploy; the essential first layer.

STAGE 02: mTLS + X.509 Identity

Add cryptographic identity to every connection. Every caller must present a certificate signed by your CA; anonymous connections are rejected before any application logic is touched. Even actors inside the network boundary must prove who they are, not just where they are.
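As an added, runnable illustration of Stage 1 and Stage 2 together with the short-lived credentials of the Continuous Rotation point above (this is example code written for this page, not entityOS's own implementation or its cert-manager patterns): a Go program (1.18 or later) that mints a throwaway CA and one-hour leaf certificates, starts a loopback listener that first checks the peer address against one permitted CIDR and then demands a certificate signed by that CA, and dials it both as an anonymous probe and as a named workload. The names (the CA, `api.internal`, `workload-a`), the one-hour lifetime and the single-range allowlist are constructed for the demo; a real allowlist holds many ranges and a real CA key lives in an HSM or a managed PKI, not in process memory.

```go
package main

import (
	"bufio"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

func must[T any](v T, err error) T { // demo-only: PKI and listener setup errors are fatal here
	if err != nil {
		panic(err)
	}
	return v
}

// issue mints an ECDSA P-256 cert: a self-signed CA when parent is nil, else a leaf signed by parent.
// Lifetimes are hours, not months, so a leaked credential dies on its own; a negative ttl is already expired.
func issue(cn string, parent *tls.Certificate, ttl time.Duration) tls.Certificate {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: must(rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128))),
		Subject:      pkix.Name{CommonName: cn}, // constructed demo names, e.g. "workload-a"
		NotBefore:    time.Now().Add(-24 * time.Hour), // backdated to tolerate clock skew
		NotAfter:     time.Now().Add(ttl),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		IPAddresses:  []net.IP{net.IPv4(127, 0, 0, 1)}, // the demo listens on loopback
	}
	if parent == nil { // no parent: this is the root, and it signs itself
		tmpl.IsCA, tmpl.BasicConstraintsValid = true, true
		tmpl.KeyUsage |= x509.KeyUsageCertSign
		parent = &tls.Certificate{Leaf: tmpl, PrivateKey: key}
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent.Leaf, &key.PublicKey, parent.PrivateKey))
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: must(x509.ParseCertificate(der))}
}

// serve starts a loopback listener gated by Stage 1 (one permitted source range) and then Stage 2
// (mTLS against our CA) and returns its address. Callers passing both gates get a greeting naming their cert.
func serve(ca, server tls.Certificate, cidr string) string {
	_, allow, err := net.ParseCIDR(cidr)
	must(allow, err) // a malformed allowlist entry is a deploy-time failure, not a silent allow
	pool := x509.NewCertPool()
	pool.AddCert(ca.Leaf)
	ln := must(tls.Listen("tcp", "127.0.0.1:0", &tls.Config{
		Certificates: []tls.Certificate{server},
		ClientAuth:   tls.RequireAndVerifyClientCert, // Stage 2: no CA-signed cert, no connection
		ClientCAs:    pool,
		MinVersion:   tls.VersionTLS13,
	}))
	go func() {
		for {
			c, err := ln.Accept() // a *tls.Conn; its handshake has not run yet
			if err != nil {
				return
			}
			tc := c.(*tls.Conn) // connections are handled one at a time: enough for the demo
			host, _, _ := net.SplitHostPort(tc.RemoteAddr().String())
			switch ip := net.ParseIP(host); {
			case ip == nil || !allow.Contains(ip): // Stage 1: unknown source, dropped before any TLS byte is parsed
			case tc.Handshake() != nil: // Stage 2: anonymous, untrusted or expired client certificate
			default:
				fmt.Fprintf(tc, "hello %s\n", tc.ConnectionState().PeerCertificates[0].Subject.CommonName)
			}
			tc.Close()
		}
	}()
	return ln.Addr().String()
}

// attempt dials as the given identity (nil = anonymous probe) and returns the greeting. In TLS 1.3 the
// client finishes its handshake before the server has judged its certificate, so rejection shows on the read.
func attempt(addr string, ca tls.Certificate, client *tls.Certificate) (string, error) {
	pool := x509.NewCertPool()
	pool.AddCert(ca.Leaf)
	cfg := &tls.Config{RootCAs: pool}
	if client != nil {
		cfg.Certificates = []tls.Certificate{*client}
	}
	conn, err := tls.Dial("tcp", addr, cfg)
	if err != nil {
		return "", err
	}
	defer conn.Close()
	return bufio.NewReader(conn).ReadString('\n')
}

func main() {
	ca := issue("demo CA", nil, 24*time.Hour)
	addr, workload := serve(ca, issue("api.internal", &ca, time.Hour), "127.0.0.0/8"), issue("workload-a", &ca, time.Hour)
	fmt.Println(attempt(addr, ca, nil))       // anonymous probe: empty greeting plus a TLS error
	fmt.Println(attempt(addr, ca, &workload)) // "hello workload-a" and <nil>
}
```

Run it with `go run`: the anonymous attempt comes back with a TLS error on its first read, the identified one with the greeting. A certificate that has expired, or was signed by a different CA, fails exactly like the anonymous probe, at Stage 2. Dialing a listener whose allowlist excludes loopback fails earlier still, inside Dial, because the connection is closed before the handshake starts; that ordering is the point of putting Stage 1 in front of Stage 2.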

What This Means For You

Every entity is now a target. Every entity needs identity.

The Glasswing threshold does not only affect large technology companies. Any organisation running software — which is every organisation — is now operating in an environment where AI-augmented attackers can find and exploit vulnerabilities at a scale and speed that human security teams cannot match.

Organisations

Your software surface is larger than you think

Every internal API, every cloud service, every third-party integration is a potential entry point. AI tools do not discriminate by organisation size — they scan everything reachable. The immediate priority is to make your services unreachable to anonymous callers.

  • Deploy IP allowlisting on all internal services today
  • Begin PKI planning — choose your CA before you need it
  • Use AI for proactive vulnerability scanning of your own code

DAOs & Collectives

On-chain identity is not enough — connections need identity too

Blockchain-based identity provides strong proof of ownership and governance rights. But the network connections between wallets, nodes, and APIs are still exposed to the open internet threat model. On-chain identity must extend to mTLS-protected service connections and KERI-anchored communication channels.

  • Protect node APIs with IP allowlisting and mTLS
  • Bind KERI AIDs to service certificates for end-to-end identity
  • Audit smart contract interfaces for anonymous reachability

Developers

The security model changes when your tools can find what you cannot

AI-assisted development generates code faster than human review can evaluate it. AI-assisted security scanning can now audit that code more thoroughly than any human team. The two must be paired: every codebase that uses AI to build must also use AI to secure — and the resulting software must run behind cryptographic identity walls.

  • Run AI vulnerability scanning on every PR, not just releases
  • Design services to require mTLS from day one, not as a retrofit
  • Use entityOS cert-manager patterns for automated rotation

Individuals

Personal digital identity is not optional in the closed internet

The closed internet requires every actor to carry cryptographic identity — not just organisations and services. Individuals will need portable, self-sovereign identity credentials to participate in a system that requires proof of who they are at every connection. KERI-based self-certifying identifiers provide the foundation for individual digital identity that is independent of any central authority.

  • Establish a KERI AID as your foundational digital identity
  • Issue device-bound certificates for all your personal services
  • Move personal data to entityOS-managed closed infrastructure

The Imperative

The open internet had a good run.
The closed internet starts now.

Project Glasswing is not a warning about the future. It is a description of the present. The transition to cryptographic identity for every connection is not a long-term aspiration — it is an immediate operational requirement.

entityOS Position

The appropriate response to the Glasswing moment is to accelerate, not wait. Stage 1 — IP allowlisting — can be deployed today. Stage 2 — mTLS with X.509 identity — should be in planning this quarter. The organisations that move now will be the ones that maintain a defender advantage as AI capabilities continue to advance.