A FIELD REPORT FROM THE AGI COLD WAR

GLASSWING

The day defense became the moat.

APRIL 2026 · ACRA INSIGHT · CONTEXT JAMMING
I · THE 27-YEAR BUG

A machine found a flaw that outlived four presidents.

In the winter of 2026, a machine did something no human had done in twenty-seven years. It read a piece of software called OpenBSD — the operating system beloved by paranoid sysadmins and the people who run firewalls for nuclear facilities — and found, sitting inside its TCP stack, a flaw so elemental that two carefully shaped packets could knock the whole thing over.

The bug had been there since the Clinton administration. It had survived the dot-com crash, the rise of the smartphone, four presidents, and what one engineer estimated was probably five million automated fuzzing runs. The machine found it on its lunch break.

The compute bill came to less than fifty dollars.

$0
COMPUTE COST TO FIND IT
$0
TO FIND DOZENS MORE
0 YRS
AGE OF THE FFMPEG BUG FOUND NEXT
II · THE NINETY-X LEAP

THE 90× GENERATION

OPUS 4.6
0
WORKING FIREFOX EXPLOITS
MYTHOS
0
WORKING FIREFOX EXPLOITS
BENCHMARK
Δ
SWE-bench Pro
Opus 4.653.4%
Mythos77.8%
+24.4%
SWE-bench Verified
Opus 4.680.8%
Mythos93.9%
+13.1%
CyberGym (reproductions)
Opus 4.631.2%
Mythos82.4%
+51.2%
AISI Expert CTF
Opus 4.612%
Mythos73%
+61.0%

Not a scaling-law improvement. A phase transition.

III · CHAINING

VULNERABILITY CHAINING

MEDIUM · 01MEDIUM · 02MEDIUM · 03MEDIUM · 04FULL ROOT
  • 01Two minor Linux kernel bugs braided into a full root compromise in an afternoon.
  • 02Four medium-severity Firefox flaws composed into a Just-In-Time heap spray — escaping the renderer and the OS sandbox in a single chained maneuver.
  • 03An FFmpeg parsing quirk plus a codec invariant, chained to remote code execution.
In the world Mythos inhabits, there is no such thing as a low-severity bug.
IV · THE MARKET REACTS

THE SaaSPOCALYPSE

Two trillion dollars of enterprise value, exhaled.

01TRIThomson Reuters−18.0%
02RELXRELX (LexisNexis)−14.0%
03WKWolters Kluwer−13.0%
04IGVIGV · Software ETF−20.4%
05TEAMAtlassian−35.0%
06CRMSalesforce−28.0%
Goldman compared the trajectory of enterprise software stocks to American newspapers in the early 2000s — meaning the decline does not end until earnings have collapsed.
— Goldman Sachs, research note
V · TREASURY PANIC

The quiet meeting the public never saw.

On a Tuesday in early spring, Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell summoned the chief executives of America's largest banks to an emergency meeting.

The agenda did not concern interest rates or the yield curve. It concerned a single terrifying question — and the consensus answer, according to two people in the room, was "not enough."

IN THE ROOM
  • Brian Moynihan
    Bank of America
  • Jane Fraser
    Citigroup
  • David Solomon
    Goldman Sachs
  • Ted Pick
    Morgan Stanley
  • Charlie Scharf
    Wells Fargo
  • Jamie Dimon
    JPMorgan Chase
    via letter
AGENDA · SINGLE ITEM

CAN OUR DECADES-OLD MAINFRAMES SURVIVE A WEEKEND WITH MYTHOS?

VI · PROJECT GLASSWING

THE TWELVE

A gated, curated, almost feudal coalition of twelve launch partners — permitted to use Mythos for exclusively defensive purposes.

$100M model credits$4M direct grants$25 / 1M input tokens$125 / 1M output tokens

Conspicuously absent: the U.S. Department of Defense.

VII · THE PENTAGON FEUD

THE PENTAGON FEUD

  1. FEB 2026

    Hegseth calls Anthropic

    The Secretary of Defense tells Anthropic its model will be made available to the military "for all lawful purposes," including two the Constitution explicitly forbids: autonomous lethality and mass domestic surveillance. Anthropic says no.

  2. 3 MAR 2026

    Supply-chain designation

    Invoking 10 U.S.C. § 3252 — a statute normally reserved for hostile-nation telecom equipment — the DoD formally designates Anthropic a "Supply-Chain Risk to National Security." First time ever applied to an American firm.

  3. 9 MAR 2026

    Anthropic sues

    Filings in both the Northern District of California and the D.C. Circuit. First Amendment retaliation, Due Process, and APA claims.

  4. LATE MAR 2026

    Preliminary injunction

    A federal judge in San Francisco grants the injunction, noting the government's behavior looks like "classic First Amendment retaliation."

  5. ONGOING

    The case continues

    Fortune 500 CISOs, European data regulators, Swiss private banks, and Middle-Eastern sovereign wealth funds have chosen the vendor the Pentagon blacklisted.

VIII · THE MAP

THREE STRATEGIES

01

ANTHROPIC

CARTEL

02

OPENAI

DEMOCRACY

03

GOOGLE DEEPMIND

EMPIRE

VEHICLE
Project Glasswing · 12 gated partners
VEHICLE
Trusted Access for Cyber · thousands of users
VEHICLE
SAIF 2.0 · invisible default in Google Cloud
MODEL
Claude Mythos Preview
MODEL
GPT-5.4-Cyber
MODEL
Big Sleep · CodeMender
PHILOSOPHY
Centralize defense in a feudal coalition.
PHILOSOPHY
Democratize defense to vetted individuals and orgs.
PHILOSOPHY
Internalize defense into the cloud substrate itself.
MOAT
Trust. Indispensability. Refusal.
MOAT
Volume. Reach. Reverse-engineering advantage.
MOAT
Owning roughly a third of world cloud compute.
IX · THE AGENTIC SOC

WHAT THE CISO MUST DO NOW

Three pillars of the agentic SOC.

01

PREEMPTIVE INVALIDATION

Patches must run at machine speed.

Finding-to-fix is easier for an AI than finding-to-exploit. Triage committees are dead. Remediation must be continuous, automated, and instantaneous.

02

DYNAMIC OBFUSCATION

The map must expire before the chain completes.

Static defense-in-depth collapses against autonomous chain reasoning. Infrastructure must mutate — hyper-segmentation, ephemeral compute, continuous key rotation.

03

SYNTHETIC IDENTITY VALIDATION

Authorization is no longer the question.

The question is whether the entity in the session is human — or a synthetic agent three steps into a chained exploit. Behavioral telemetry recalibrated for AI cadence.

We thought we were building a conscience. It turned out we were also building a microscope.
— A researcher involved in the Mythos work

Teaching a machine to find the exact edge where a rule breaks is teaching it, in some very deep sense, to find the exact edge where anything breaks. The immune system was a side effect.

ACRA INSIGHT // CONTEXT JAMMING

DISPATCH № 013APRIL 2026
METHODOLOGY

Field reporting draws on Anthropic's Project Glasswing disclosures, the Claude Mythos Preview System Card, reporting from VentureBeat, the Guardian, the Washington Post, Lawfare, and SecurityBoulevard, and evaluations published by the UK AI Security Institute.

SOURCES
  • · Anthropic · Mythos Preview system card
  • · UK AI Security Institute · expert CTF protocol
  • · SWE-bench Pro / Verified · benchmark set
  • · CyberGym · vulnerability reproduction suite
  • · 10 U.S.C. § 3252 · supply-chain designation filings
Secure the human signal.
© ACRA INSIGHT · ALL RIGHTS RESERVED