Expanding Project Glasswing

Anthropic News · 2026-06-02

Anthropic expands Project Glasswing from roughly 50 to 200 partner organizations across critical infrastructure sectors in 15+ countries, using Claude Mythos Preview to scan codebases after initial partners already surfaced over 10,000 high- or critical-severity vulnerabilities.

Open original ↗

Appears in

AI as Attack Tool and Attack Target: May 2026 Cybersecurity Moment

Extraction

Topics: ai-cybersecurityvulnerability-scanningcritical-infrastructureclaude-mythosai-safety

Claims

Project Glasswing partners have already identified more than 10,000 high- or critical-severity security flaws using Claude Mythos Preview.
Anthropic is expanding the program to approximately 150 new organizations, reaching roughly 200 total partners across 15+ countries, covering power, water, healthcare, communications, and hardware sectors.
Within 6 to 12 months, Anthropic expects many other AI companies to have Mythos-class models and potentially release them without adequate misuse safeguards.
The current bottleneck in AI-assisted cybersecurity is verifying, disclosing, and patching vulnerabilities, not finding them.
Anthropic has released Claude Security, using frontier models like Claude Opus 4.8, for codebase scanning and patch suggestions available beyond the Glasswing program.

Key quotes

Cheap, fast AI models with powerful cyber capabilities are around the corner. We want Project Glasswing to spur institutions toward operating norms that reflect this reality.

Within 6 to 12 months, we expect that many other AI companies will have Mythos-class models, and they could release them without safeguards that prevent misuse.

If we're successful, we hope to enable a permanent advantage for defenders.