Anthropic Expands Project Glasswing as Claude Mythos Preview Reaches 150 More Organizations

Anthropic is expanding Project Glasswing, its AI-focused cybersecurity program, to approximately 150 additional organizations across more than 15 countries. The move gives more vetted partners access to Claude Mythos Preview, an unreleased frontier model designed to help find and fix serious software vulnerabilities.

The expansion follows the first phase of Project Glasswing, which started in April with roughly 50 partners. Anthropic says the new group includes organizations in power, water, healthcare, communications, hardware, and other sectors that were not heavily represented in the first cohort.

Anthropic said in its Project Glasswing expansion announcement that each new organization must meet its security requirements before gaining access. The company is limiting access because Claude Mythos Preview can help defenders find vulnerabilities, but similar capabilities could also help attackers if released without strong safeguards.

Why Anthropic Is Expanding Project Glasswing

Project Glasswing aims to help critical software providers detect vulnerabilities before increasingly capable AI models become widely available. Anthropic says many of the new partners maintain codebases used by other organizations, including governments, which raises the broader security impact of their software.

The company estimates that for most Project Glasswing partners, a major cyberattack on their codebase could affect more than 100 million people. That makes the program more than a private AI testing effort. It also gives governments, infrastructure providers, and software vendors a controlled way to prepare for a faster vulnerability discovery environment.

Anthropic’s initial Project Glasswing update said its roughly 50 first partners had already used Claude Mythos Preview to find more than 10,000 high- or critical-severity security flaws. The company said the challenge is shifting from finding bugs to verifying, disclosing, patching, and deploying fixes quickly.

Key Project Glasswing Expansion Details

Item	Details
Program	Project Glasswing
Model	Claude Mythos Preview
New partners	Approximately 150 additional organizations
Total partner base	Roughly 200 organizations after the expansion
Countries covered	More than 15 countries
Newly emphasized sectors	Power, water, healthcare, communications, and hardware
Initial results	More than 10,000 high- or critical-severity flaws found by early partners
Access model	Restricted to organizations that meet Anthropic’s security requirements

What Claude Mythos Preview Can Do for Defenders

Claude Mythos Preview is not a normal public Claude release. Anthropic describes it as a powerful, unreleased frontier model with especially strong computer security capabilities. The company launched Project Glasswing after concluding that AI had reached a level where models could significantly improve vulnerability discovery.

Partners are using the model for more than scanning. Anthropic says some organizations now use Mythos Preview to write patches, run pre-release security checks, simulate penetration testing, automate threat detection and response, and help rebuild legacy codebases in memory-safe languages.

Those use cases show why the expansion matters. If AI can find serious bugs faster than human teams can process them, organizations need new workflows for triage, disclosure, patch review, and deployment.

How the Program Connects to Claude Security

Anthropic is also making some defensive capabilities available outside the Project Glasswing partner list. Its Claude Security product is available in public beta for Claude Enterprise customers and can scan codebases, validate findings, and suggest patches for human review.

Claude Security is not the same as unrestricted Mythos Preview access. It gives more organizations a way to apply AI to code security while keeping review and approval in the hands of security teams.

The product focuses on workflows that teams already use, including vulnerability findings, patch suggestions, exports, scheduled scans, and integrations with tools such as ticketing or messaging systems. Anthropic’s Claude Security page says every suggested patch still requires human approval.

Open-Source Software Remains a Major Focus

Anthropic says open-source software creates one of the hardest scaling problems for AI-assisted security. Many critical projects are maintained by small teams that already face a growing load of vulnerability reports, including low-quality AI-generated submissions.

In its Project Glasswing research update, Anthropic said Mythos Preview had scanned more than 1,000 open-source projects and estimated thousands of high- or critical-severity findings. It also said independent security firms helped assess a subset of those findings.

The company said it is working with third parties to scale vulnerability review and patching in open-source software. It also wants clearer best practices for reporting AI-discovered issues to maintainers so they can triage and fix problems without being overwhelmed.

Why Anthropic Is Keeping Mythos Preview Restricted

Anthropic says models with Mythos-level cyber capabilities could become more common within six to 12 months. That timeline creates pressure for defenders to adapt quickly, but it also raises the risk that similar models could help attackers discover and exploit vulnerabilities at scale.

For that reason, Anthropic is not making Mythos Preview generally available yet. The company says robust safeguards for preventing misuse remain an unsolved challenge across the AI industry.

The Anthropic announcement says the company wants to move toward general access for Mythos-level capabilities, but only with stronger protections. Until then, it plans to expand Project Glasswing and its Cyber Verification Program for specific defensive tasks.

What This Means for Cybersecurity Teams

Project Glasswing points to a practical shift in software security. Teams may soon find more serious vulnerabilities than they can manually verify and patch. That means security programs need stronger prioritization, better coordination with engineering teams, and faster patch deployment processes.

• Organizations should prepare for higher volumes of AI-discovered vulnerability reports.
• Security teams need clear rules for validating AI findings before filing bugs.
• Engineering teams should define patch review workflows before emergency volumes rise.
• Open-source maintainers need reporting standards that reduce noisy submissions.
• Critical infrastructure operators should treat software supply chain risk as a board-level issue.

The long-term goal is not only faster bug discovery. Anthropic wants AI to support the full security cycle, including finding, verifying, disclosing, fixing, and deploying patches. The company argues that this broader workflow will matter more as AI tools become stronger and cheaper.

FAQ