Anthropic Scales Mythos to 150 New Partners as ‘Project Glasswing’ Targets Critical Infrastructure
Table of Contents
Bridging the Gap in Critical Infrastructure
Anthropic is aggressively widening the perimeter of Project Glasswing, announcing Tuesday that its Mythos model is now being deployed across 150 additional organizations in more than 15 countries. While the initial rollout focused heavily on the tech sector’s inner circle, this expansion signals a strategic pivot toward industries where software failures have immediate, physical-world consequences: power grids, water treatment facilities, healthcare systems, and telecommunications.
The move comes at a precarious moment for global cybersecurity. As the barrier to entry for sophisticated exploits drops due to generative AI, the demand for “defensive AI”—models capable of finding bugs before bad actors do—has skyrocketed. By integrating Mythos into the operational workflows of hardware and utility providers, Anthropic is attempting to prove that AI can act as a systemic shield rather than just a productivity tool.</n
However, access is not open-ended. Anthropic confirmed that all new partners must clear rigorous security screenings before gaining access to the model. This gated approach is a direct response to the inherent “dual-use” nature of Mythos; a model capable of finding a critical zero-day vulnerability in a water treatment plant’s software is, by definition, a tool that could be used to crash that same plant if it fell into the wrong hands.
The 10,000-Flaw Benchmark
The scale of the problem is becoming clearer as Project Glasswing matures. Since its inception, Anthropic reports that partners have uncovered more than 10,000 high or critical security flaws using the Mythos model. This volume of discovery underscores a sobering reality: the existing codebase of the modern world is riddled with vulnerabilities that human auditors have simply missed for decades.
The stakes are not merely corporate. Anthropic estimates that a single major coordinated cyber attack targeting these types of vulnerabilities could impact over 100 million people. This estimate provides the necessary context for why the White House has spent recent months in closed-door meetings with Big Tech executives and financial institutions, debating the guardrails for the deployment of models with advanced cybersecurity capabilities.
The coalition of partners already includes a who’s who of the silicon and security world, including Apple, Nvidia, Microsoft, CrowdStrike, and Palo Alto Networks. While Anthropic has declined to name the 150 new organizations joining the fold, the shift toward hardware and utility sectors suggests a move toward protecting the “hard” layer of the internet—the physical infrastructure that keeps cities running.
Timing the Market and the IPO
The timing of this expansion is likely not accidental. The news arrives just 24 hours after Anthropic announced that Mythos would be available within the European Union, navigating the complex regulatory waters of the EU AI Act. More significantly, the company has officially filed its IPO prospectus with the SEC.
By filing for an initial public offering, Anthropic is attempting to outpace OpenAI in a race for institutional legitimacy and capital. For potential investors, the success of Project Glasswing serves as a critical proof-of-concept. It transforms Anthropic from a company that simply builds a “better chatbot” into a fundamental layer of global security infrastructure.
The core challenge remaining is the trust deficit. Many cybersecurity experts have long warned that the capabilities of Mythos were already “out there” in the wild, and that formalizing them into a product could inadvertently provide a blueprint for attackers. Anthropic’s bet is that the speed of AI-driven defense can outrun the speed of AI-driven offense—a gamble that now extends to the very power and water systems that sustain the modern economy.
