Anthropic said Tuesday it is expanding Project Glasswing to about 150 additional organizations in more than 15 countries, opening use of its restricted Claude Mythos Preview cybersecurity model. The expansion raises the defensive program from roughly 50 partners to about 200 after each new participant clears security requirements, the company stated. The new cohort spans power, water, healthcare, communications and hardware; Anthropic estimates that, for most partners, a major attack on their codebase could affect more than 100 million people.

Key Takeaways

AI-generated summary, reviewed by an editor. More on our AI guidelines.

Rollout moves beyond launch group

Anthropic launched Project Glasswing in April with named participants including Amazon Web Services, Apple, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks. The company also added more than 40 organizations that build or maintain critical software infrastructure. In the June 2 expansion, Anthropic wrote that many new participants are vendors, including companies and nonprofits, whose codebases are relied on by organizations around the world, including governments.

The wider rollout follows earlier federal testing of Mythos against Microsoft software and weeks of debate in Washington over federal review of cyber-capable models before public release. Reuters reported that Anthropic declined to identify the new organizations and, citing an Anthropic spokesperson, stated that the expansion includes government organizations.

Findings now outpace patching

Anthropic's initial Glasswing update stated that partners had found more than 10,000 high- or critical-severity security flaws since the April launch. In a separate open-source scan, Anthropic disclosed that Mythos flagged 6,202 high- or critical-rated potential vulnerabilities, with 1,752 assessed by independent security firms or by the company.

Anthropic framed verification, disclosure and patching as the bottleneck. It estimated that it had disclosed 530 high- or critical-severity bugs from the open-source process to maintainers, with 75 patched, 65 public advisories and another 827 confirmed vulnerabilities awaiting disclosure. The company put the average patch time for a high- or critical-severity bug found by Mythos at two weeks.

UK institute measured capability and limits

The United Kingdom's AI Security Institute (AISI) reported in April that Mythos Preview succeeded on expert-level capture-the-flag tasks 73% of the time. On "The Last Ones," a 32-step corporate-network attack simulation, the model finished end to end in 3 of 10 attempts and averaged 22 completed steps.

The institute also described limits to those results. Its evaluation ranges lacked active defenders, defensive tooling and penalties for actions that would trigger alerts. AISI noted that Mythos did not complete its operational-technology range called Cooling Tower, though that did not necessarily show the model was bad at operational-technology attacks; it got stuck on information-technology sections of the range.

Europe seeks a review role

Dark Reading quoted European Commission spokesperson Thomas Regnier on June 1 saying the Commission had held several productive meetings with Anthropic and welcomed potential future use by the European Union Agency for Cybersecurity, known as ENISA. The outlet reported that ENISA's terms were still under negotiation.

Anthropic says it plans to expand Project Glasswing again while it works on safeguards for a broader Mythos-class release. For outside observers, the open questions are whether Anthropic names any new participants, explains the security requirements and updates the patching data from its vulnerability-disclosure process.

Frequently Asked Questions

What is Project Glasswing?

Project Glasswing is Anthropic’s restricted cybersecurity program for using Claude Mythos Preview to find and help fix software vulnerabilities in critical systems.

How many organizations is Anthropic adding?

Anthropic says it is adding about 150 organizations in more than 15 countries, taking the program from roughly 50 partners to about 200.

What is Claude Mythos Preview?

Claude Mythos Preview is Anthropic’s restricted frontier model for cybersecurity work. Sources describe it as able to find and help exploit software vulnerabilities.

Why is the rollout restricted?

Anthropic says Mythos-class capabilities need stronger safeguards before broader release because the same tools can help defenders and attackers.

What did AISI find about Mythos?

The UK AI Security Institute reported strong cyber-test results, including 73% on expert CTF tasks, but said its ranges lacked active defenders and alert penalties.

AI-generated summary, reviewed by an editor. More on our AI guidelines.

Washington Wants Access. OpenAI Faces Numbers. Agents Need Boundaries.
San Francisco | Tuesday, May 5, 2026 Washington is relearning a word it tried to retire: review. The White House calls it model safety, but the sharper ask is first access, especially when a cyber-ca
The Implicator
The Government Wants Model Safety. It Also Wants First Access.
On Friday, April 17, Dario Amodei met White House chief of staff Susie Wiles and Treasury Secretary Scott Bessent to talk about a model his company would not release. Anthropic had limited Mythos to a
The Implicator
OpenAI Ships GPT-5.4-Cyber, Expands Trusted Access to Thousands of Defenders
OpenAI on Tuesday unveiled GPT-5.4-Cyber, a variant of its flagship model fine-tuned for defensive security work, and opened tiered access to thousands of verified defenders through its Trusted Access
The Implicator
AI News

San Francisco

Editor-in-Chief and founder of Implicator.ai. Former ARD correspondent and senior broadcast journalist with 10+ years covering tech. Writes daily briefings on policy and market developments. Based in San Francisco. E-mail: editor@implicator.ai