Anthropic has announced Project Glasswing, a cybersecurity initiative that combines a yet-to-be-released cutting-edge AI model – Claude Mythos Preview – with a coalition of twelve major technology and finance companies. It will be one of the industry’s largest efforts in cybersecurity, in an effort to find and fix software vulnerabilities in the world’s most critical infrastructure before adversaries can exploit them.
Project Glasswing has curious motivations. Anthropic ensures that its most powerful cyber AI model it’s too dangerous to publish and hence the focus has changed towards an ambitious and community project that has the objective of controlling its scope. The initiative brings back to the foreground today one of the great challenges of the current technology industry, AI and cybersecurity, and the role of AI in cyberattacks, allowing malicious campaigns that are increasingly more advanced, cheaper and more accessible.
Among the partners for the launch of the projectinclude large organizations such as Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic says it has also expanded access to more than 40 additional organizations that develop or maintain critical software, and is committing up to $100 million in usage credits for Claude Mythos Preview across the initiative, along with $4 million in direct donations to open source security organizations.
The announcement comes at a time of great momentum – and great scrutiny – for the Californian AI startup. The company announced last weekend that its annualized revenue rate has surpassed 30 billion dollars (compared to $9 billion at the end of 2025) and that the number of business customers spending more than $1 million a year now exceeds 1,000, doubling in less than two months. The company simultaneously announced a multi-gigawatt computing deal with Google and Broadcom. Bloomberg reported that Anthropic had hired a top Microsoft executive, Eric Boyd, to lead its infrastructure expansion.
Proyecto Glasswing
The initiative is categorically different from a revenue milestone or computing agreement. It is Anthropic’s most ambitious attempt to transform cutting-edge AI capabilities – capabilities that, as we said, the company itself describes as dangerous – into a defensive advantage before those same capabilities are extended to hostile actors.
At the center of the project is Claude Mythos Preview, a general-purpose scanning model that Anthropic says has already identified thousands of high-severity zero-day vulnerabilities—flaws previously unknown to software developers—across all major operating systems and web browsers, along with a variety of other critical software.
Therefore the startup will not make the model available to the public in general. “We do not plan to make the preview version of Claude Mythos available to the general public due to its cybersecurity capabilities”said Newton Cheng, head of Anthropic’s Frontier Red Team cybersecurity team, in an interview with VentureBeat. “However, given the pace of AI advancement, it will not be long before such capabilities spread, possibly beyond the actors committed to their safe implementation. The consequences for the economy, public safety and national security could be serious«.
This statement is striking coming from the company that created the model and brings up the criticism of some analysts for the lack of control of large artificial intelligence models. Anthropic argues, in essence, that the tool it created is powerful enough to transform the cybersecurity landscape, and that the only thing responsible is to keep it restricted, giving defense systems at least a head start.
The technical results reinforce this statement. According to the press release, Mythos Preview managed to find thousands of vulnerabilities and develop numerous related exploits, completely autonomously and without human intervention. Anthropic has revealed some of them in the OpenBSD operating system, in the FFmpeg video library and even in the Linux kernel. The three vulnerabilities have been notified to the corresponding authorities and have already been corrected, but many more remain.
How to manage 0-Days
Finding thousands of zero-day vulnerabilities at once sounds impressive. However, managing them responsibly is a logistical nightmareand one of the harshest criticisms security researchers have raised about AI vulnerability discovery. Flooding open source software maintainers, many of whom are unpaid volunteers, with an avalanche of critical bug reports could do more harm than good.
Anthropic has created a specific classification system to manage this issue. They will be classified first and then the most serious ones will be sent to professional human evaluators hired to assist in the disclosure process, manually validating each bug report before sending it. This system is designed to avoid precisely the scenario that maintainers fear most: an automatic avalanche of unverified reports.
Once Anthropic has access to the source code, the company aims to include a candidate patch in each report, tagged by its provenance (meaning the maintainer knows the patch was written or reviewed by a model), and offers to collaborate on a production-quality fix, since the Project Glasswing model can also write patches that will be subject to the same scrutiny.
Regarding disclosure timelines, Anthropic claims to follow a coordinated framework with its partners for vulnerability disclosure. Once a patch is available, the company usually waits 45 days before publishing all technical detailsthus giving vendors time to implement the solution before information about the exploit becomes public.
How to improve trust in AI… and in the companies that manage it
The irony of a company claiming to have built the most capable cyber model ever created, while simultaneously suffering a series of embarrassing security flawshas not gone unnoticed by observers. In late March, a draft of a blog post about Mythos was left in a public, unprotected data repository, a CMS misconfiguration that exposed approximately 3,000 internal resources, including what appeared to be strategic plans for the model’s launch.
Days later, on March 31, anyone running npm install on Claude Code downloaded the entire original Anthropic source code (512,000 lines) for approximately three hours due to a packaging error, an incident that attracted a lot of attention in the developer community.
When asked why partners and governments should trust Anthropic as a custodian of a model the company says has unprecedented cyber capabilities, his executives were blunt: ““Security is fundamental to the way we develop and distribute and the bugs discussed were human errors in the publishing tools, not flaws in our security architecture.” The startup says it has implemented changes to prevent these cases from happening again.
Partners of the Glasswing Project
The breadth of the coalition is notable. It includes direct competitors, along with leading cybersecurity companies, financial institutions, and the head of the world’s largest open source ecosystem, the Linux Foundation. Additionally, several partners have been testing the Mythos Preview model on their own infrastructure for weeks.
Necessity achieves union. CrowdStrike CTO Elia Zaitsev described the initiative in terms of reducing timelines: «The time between the discovery of a vulnerability and its exploitation by an adversary has been drastically reduced; “What used to take months now happens in minutes thanks to AI.”.
AWS Vice President and CISO Amy Herzog said her teams have already been testing Mythos Preview on critical codebases, where the model “it is already helping us strengthen our code”. For his part, Microsoft’s global CISO, Igor Tsyganskiy, pointed out that, when tested with CTI-REALM, Microsoft’s open source security benchmark, «Claude Mythos Preview showed substantial improvements compared to previous models».
Perhaps the most telling comment came from Jim Zemlin, executive director of the Linux Foundation, who pointed out the fundamental asymmetry that has plagued the security of open source software for decades: «In the past, security expertise has been a luxury reserved for organizations with large security teams. “Open source software maintainers, whose software underpins much of the world’s critical infrastructure, have historically been forced to resolve security issues on their own.” The Glasswing project, he stated, “offers a viable way to change this situation”.
Defense before attack
The biggest question Project Glasswing raises is not whether Mythos Preview capabilities are real—partner endorsements and patched vulnerabilities suggest they are—but how much time defenders really have before similar capabilities become available to adversaries.
The head of cybersecurity at Anthropic was sincere: “Cutting-edge AI capabilities are likely to advance substantially in the coming months. Given the pace of progress in AI, it will not be long before such capabilities spread, possibly beyond the actors committed to their safe implementation..
However, Project Glasswing seems like an important step to give defenders a lasting advantage in the next era of AI-driven cybersecurity. As the startup points out, the initiative is only a starting point. No organization can solve these cybersecurity problems alone. In the medium term, the company has proposed that an external independent body could be the ideal environment to continue working on large-scale cybersecurity projects.
Great AI models, such as Claude Mythos himself, have already demonstrated their ability to autonomously decipher systems that until now were considered the most secure on the planet. And, attention, Q-Day, the moment when a quantum computer will be able to decipher the cryptography that protects the entire corporate digital infrastructure, is scheduled for 2029. Coordination and union will be mandatory.
