Daily News · 4 min read

Anthropic AI Updates: May 23, 2026

anthropic claude claude-code security finance customers glasswing

1. Project Glasswing surfaces 10,000+ critical vulnerabilities in its first month, with 90.6% true-positive rate

Anthropic. An initial update on Project Glasswing reports that roughly 50 partner organizations have used the program’s Mythos Preview model to discover more than ten thousand high- or critical-severity vulnerabilities across systemically important software in the first month, with Cloudflare alone finding 2,000 bugs. An open-source sweep across more than 1,000 projects flagged 6,202 estimated high- or critical-severity issues at an independently assessed 90.6 percent true-positive rate, while Mozilla reported 271 vulnerabilities in Firefox (10x prior models) and the UK AI Security Institute called Mythos Preview the first model to solve their cyber range simulations end to end. Anthropic warns that the binding constraint has now shifted from discovery to human verification and patching, with severe bugs averaging two weeks to remediate. Source

2. Anthropic’s finance team says Claude Cowork reclaims 10 to 20 hours a week per analyst

Anthropic. Corporate finance team member Alice Fong details how Anthropic’s CFO organization uses Claude Cowork for quarterly board deck preparation (cross-slide number and narrative reconciliation as figures refresh), monthly variance commentary in an established house voice, and Claude for Excel for tracing references across tabs and diagnosing structural model issues, freeing “10 to 20 hours a week for higher-impact work.” Other functions across the org run Cowork plugins for interactive forecasting dashboards (Finance and Strategy), GL-to-subledger reconciliations (Accounting), acquisition screening reports (Corporate Development), and transfer pricing and tax questions (Tax and Treasury). Fong frames the shift as Claude holding “the integrity layer underneath the work” so analysts can focus on forward-looking judgment. Source

3. Brainlabs rolls Claude Cowork out to 1,000 marketers in four weeks with 400 employee-authored skills

Anthropic. Media agency Brainlabs deployed Claude Cowork to approximately 1,000 employees in roughly four weeks, hitting 91 percent adoption in North America, and during that window employees authored about 400 skills covering deck building, client reporting, SEO audits, and other workflow steps. The team stores its skill library in Notion alongside existing knowledge bases with GitHub as the revision system, and built a Claude-powered “skills auditor” — itself a skill — that scans the library for duplication and consolidation opportunities. Brainlabs’ CEO says SEO audit quality is now consistent across the firm via one refined skill rather than varying by strategist, freeing analysts to focus on “judgement, prioritization, and client strategy instead of mechanical assembly.” Source

4. ChatPlace doubles users with a tiered Sonnet/Haiku/Opus stack behind its Virale content agent

Anthropic. Creator-marketing startup ChatPlace built Virale, an AI agent that handles Instagram niche research, scriptwriting, image generation, chatbot creation, and publication, on a tiered architecture using Claude Sonnet 4.6 for primary content generation, Claude Haiku 4.5 for sub-agents and intent routing, and Claude Opus 4.7 for complex reasoning. Following Virale’s launch, ChatPlace’s user base doubled — including reactivation of previously churned users — and active creators report saving 15 to 20 hours per week across content production and DM management, with 15 to 40 percent revenue lifts attributed to faster lead response and more consistent posting. ChatPlace picked Claude after blind comparisons in which “nine out of ten users preferred Claude’s responses” and reports a roughly 3x internal engineering velocity gain from using Claude Code for its own platform. Source

5. Claude Code 2.1.149 adds per-category /usage breakdown, keyboard /diff navigation, and GFM task-list rendering

Anthropic. Claude Code v2.1.149, tagged 2026-05-22, adds a per-category breakdown in /usage that splits cost by skills, subagents, plugins, and per-MCP-server; keyboard navigation for the /diff detail view with arrows, j/k, PgUp/PgDn, Space, and Home/End; GitHub-flavored Markdown task list checkbox rendering for - [ ] and - [x] items; and a new enterprise managed setting allowAllClaudeAiMcps that loads claude.ai cloud MCP connectors alongside managed-mcp.json. The release also fixes a PowerShell permission-bypass where built-in cd functions could change directory undetected, a sandbox write allowlist regression that incorrectly covered the entire main repo from inside git worktrees, PowerShell prefix and wildcard allow rules failing to pre-approve native executables, and find exhausting the macOS file/vnode table on large trees. A hotfix v2.1.148 earlier the same day repaired a v2.1.147 regression where the Bash tool returned exit code 127 on every command for some users. Source