The AI That Can Break Into Your Software Has Been Built. Here's What's Happening About It.

If you run a business, you use software. Your phone runs software. Your accountant’s software talks to your bank’s software. Your website runs on software. That software has hidden doors in it — vulnerabilities that nobody knows about yet, not even the people who wrote it.

These hidden doors are found by security researchers, by criminal groups, and now by AI. A company called Anthropic has built an AI system powerful enough to find these hidden doors automatically, across every major piece of software in common use. It found thousands of them. Real doors. In real software.

Then it told the world: we’re not releasing this AI. We think it’s too dangerous.

That’s new. That’s worth understanding.

Why Would They Withhold Something Useful?

Finding hidden doors in software sounds like a good thing. Security teams do this all the time — it’s how software gets patched and made safer. So why would a company deliberately not release something that sounds useful?

Because not everyone who finds a hidden door uses it to fix it. Some people use hidden doors to break in.

Anthropic’s logic is this: if they release the AI publicly, they hand criminals an automated tool for finding and exploiting vulnerabilities at scale. Every business that uses any software is suddenly a target — not because criminals have gotten smarter, but because they’ve been given a master key. The window between a vulnerability being found and being fixed is the dangerous period. Releasing this AI would collapse the time defenders have to act inside that window to nothing.

So instead, Anthropic launched something called Project Glasswing. Think of it as an early-warning club for the good guys. About fifty large organisations — Microsoft, Apple, Google, Cisco, the banks, the security firms — get access to the AI. Their job: find the hidden doors, fix them, and push the patches out before anyone with malicious intent gets there.

Anthropic is putting real money behind this: up to $100 million in usage credits for the club members, plus $4 million in grants to open-source security groups who do the unglamorous work of actually writing and testing patches.

The stated goal is straightforward: give defenders a head start.

What This Means For Your Business

If you’re a plumber, a solicitor, a freelance designer, or a small retailer, you’re probably thinking: this sounds like something that happens to big companies, not to me.

It’s not. Here’s why it should matter:

Every business runs on software. Your till system, your email, your customer database, your website, your bookkeeping tool — all of it has hidden doors. Most of the time those doors stay hidden because nobody was looking hard enough. Now AI can look very hard indeed.

The hidden doors are being catalogued whether you like it or not. Anthropic’s AI found thousands of them. The organisations in Project Glasswing now have a list. So do the people who built it. That list exists. The question is who else has it, or will have it.

Your protection depends on large organisations patching faster. When a hidden door is found in the software running your web browser or your office router, Microsoft or Apple or whoever needs to release a fix. If Project Glasswing works as intended, those fixes arrive before criminals can exploit the same vulnerabilities. If it doesn’t keep pace, the window stays open.

This is the new normal for security. The most powerful AI yet built was considered dangerous enough that its creators refused to release it. That should tell you something about where the technology is. The days when a small business could get by with basic antivirus and an IT guy who occasionally looked at things are ending fast.

What You Can Actually Do

This isn’t a story with a clean ending. But there are things worth knowing:

Keep your software updated. This sounds obvious. It matters more now than it did two years ago. Updates often contain patches for exactly these kinds of hidden doors. When your phone or computer prompts you to update, any delay is a risk window. Make updating a normal habit, not something you defer.

Ask your suppliers the right questions. If you’re buying software or services — an e-commerce platform, a CRM, a bookkeeping tool — ask them how they handle security updates and whether they participate in coordinated disclosure programmes. If they don’t have a clear answer, that’s information.

Back up your data. If a vulnerability is exploited before a patch is available, the damage can be significant. Current, tested backups mean you can recover without paying a ransom or losing years of records.

Understand that this will keep happening. This is the first time an AI lab has publicly withheld a model for safety reasons. It won’t be the last. The technology will keep advancing. The gap between what the most powerful AI can do and what gets released publicly is a window that will narrow or widen depending on regulatory pressure, commercial incentives, and the choices these companies make. There’s no clean solution here — just an evolving landscape worth staying aware of.

The New York Times covered this on April 7th. Anthropic’s own documentation is worth reading. The story is still unfolding.

But the practical reality for a business owner today is simple: keep your systems updated, know who your suppliers are, and don’t assume the software you rely on is as solid as it looks from the outside. The hidden doors are real. The race to close them is happening now.
