Anthropic Scales Project Glasswing: Claude Mythos Preview Now Reaches Critical Infrastructure Partners
Table of Contents
Expanding the Perimeter of AI Safety
Anthropic is widening the circle of organizations granted access to Claude Mythos, its latest frontier model designed with specialized capabilities in cybersecurity. In a move that signals a shift from general corporate testing to critical infrastructure defense, the company has invited approximately 150 additional organizations to join Project Glasswing.
When Project Glasswing first launched in early April, it functioned as a closed-door preview for a select group of roughly 50 partners. That initial cohort read like a directory of the modern cloud and hardware stack, including NVIDIA, Microsoft, Amazon, Broadcom, CrowdStrike, and Apple. The goal was to stress-test a model that Anthropic believes has reached a tipping point in coding capability—one where the AI can outperform the vast majority of human security researchers in identifying and exploiting software vulnerabilities.
The expansion of the project now targets a more diverse set of industries, moving beyond the Silicon Valley ecosystem into the foundational services that sustain national security. The new invitees span more than 15 countries and include public utilities—specifically power, water, and telecommunications providers—as well as large-scale healthcare systems.
The High Stakes of Autonomous Vulnerability Research
The strategic pivot toward utilities and healthcare is not coincidental. According to Anthropic, the common thread among these new partners is the scale of potential disaster should their codebases be breached. The company estimates that a successful major attack on many of these partners could impact more than 100 million people, creating ripple effects that transcend corporate loss and enter the realm of national security crises.
By granting these entities early access to Mythos, Anthropic is essentially providing a sophisticated, AI-driven “red team” tool. This allows these organizations to find and patch zero-day vulnerabilities before malicious actors—potentially using similar AI tools—can exploit them. However, the barrier to entry remains high; each organization must pass a rigorous security audit by Anthropic before the model is deployed within their environment.
The Tension Between Public Release and Global Risk
While the industry is eager for the capabilities Mythos offers, Anthropic is maintaining a cautious stance on a general public release. The company has stated it is working to deploy “highly robust safeguards” to prevent the model’s cyber-offensive capabilities from being weaponized. This creates a paradoxical tension: the more powerful the model is at finding bugs for defenders, the more dangerous it becomes if the same logic is used by adversaries.
This technical volatility has already spilled over into the political arena. In May, the existence of Claude Mythos reportedly influenced the Trump administration’s approach to AI regulation. Reports suggest the president was poised to sign an executive order establishing a federal framework for sharing AI-identified vulnerabilities with critical institutions before such models hit the open market. However, the signing ceremony was abruptly postponed, allegedly due to pushback from both the tech lobby and the president himself.
As Project Glasswing grows, the focus remains on whether a controlled preview can actually mitigate the systemic risks of AI-driven hacking, or if the gap between “safe” private use and “dangerous” public availability is too wide to bridge effectively.
