Anthropic launches Project Glasswing cybersecurity initiative, gives Nvidia, Google, Apple, and Microsoft access to Claude Mythos Preview
The restricted AI model can autonomously find critical vulnerabilities across major operating systems and browsers — and Anthropic is keeping it locked away from the public for safety reasons.
Anthropic announced Project Glasswing on April 7, a cybersecurity initiative that gives a select group of major technology companies and financial institutions private access to Claude Mythos Preview — a powerful AI model the company has developed specifically to find and exploit software vulnerabilities. Partners including Google, Amazon Web Services, Apple, Microsoft, JPMorgan, Broadcom, Cisco, and Palo Alto Networks, along with approximately 40 other organizations that develop or maintain critical software infrastructure, will use the model to examine their systems for security flaws with minimal human oversight.
The capabilities of Mythos Preview are striking by current benchmarks. Anthropic's blog post stated that in recent weeks the model identified "thousands of high-severity" vulnerabilities, including across all major operating systems and web browsers, in many cases without human involvement.
Newton Cheng, who leads the cyber division of Anthropic's frontier red team, told The Verge that the model is designed to give defenders a significant edge against malicious actors — but acknowledged that its offensive potential is also the reason Anthropic is keeping it under strict access controls.
Anthropic is subsidizing initial use of Mythos Preview through up to $100 million in usage credits to Glasswing partners, plus $4 million in direct contributions to the Linux Foundation and the Open Source Security Foundation. The company said it is also in ongoing discussions with U.S. government officials about the model's offensive and defensive capabilities.
The existence of Mythos Preview had already leaked via a data breach attributed to a human error by an Anthropic contractor, making Monday's announcement partially a formalization of a model whose existence was already known. Anthropic's head of product management, Dianne Penn, said the company was "taking steps to solidify our processes" following the incident, which she confirmed was not linked to any software vulnerability.
Read the original reporting at The Verge.
