Anthropic Expands Claude Mythos AI Preview to 1 Project Glasswing

Anthropic has significantly expanded the reach of Project Glasswing, its collaborative AI-driven cybersecurity initiative, extending Claude Mythos Preview to approximately 150 new organizations.

This expansion follows several weeks of close collaboration with existing partners, the broader security industry, open-source software maintainers, and the US government.

Project Glasswing was first announced in early April 2026, when roughly 50 initial partner organizations gained access to Claude Mythos Preview to scan their codebases for security vulnerabilities.

Those early partners collectively identified more than 10,000 high- or critical-severity security flaws, underscoring the raw detection power of Mythos-class AI models when applied to enterprise and infrastructure codebases.

The newly onboarded organizations span more than fifteen countries, with most providing critical infrastructure services that extend well beyond their home nations. Industries that were underrepresented in the initial cohort, including power, water, healthcare, communications, and hardware, are now integrated into the program.

A substantial portion of the new partners are vendors and nonprofits that maintain widely used codebases relied upon by other organizations globally, including national governments.

Anthropic’s assessment of risk is stark: for most Project Glasswing partners, a successful cyberattack on their codebase could affect more than 100 million people, with significant consequences for both global and national security. Each new organization must meet Anthropic’s security requirements before receiving access to models.

Claude Mythos Preview Capabilities

Beyond raw vulnerability detection, partners are now deploying Claude Mythos Preview across a broader range of defensive tasks. These include automated patch writing, pre-release security checks to prevent vulnerabilities from entering production, penetration testing simulations, threat detection and response automation, and rebuilding legacy codebases in memory-safe languages.

Mythos Preview also represents a critical warning signal for the industry. Anthropic estimates that within six to twelve months, competing AI companies will develop Mythos-class models, potentially releasing them without sufficient safeguards to prevent offensive misuse.

This timeline creates an urgent window for cyberdefenders to adapt their tooling and operational norms before the threat landscape shifts dramatically.

To help scale these defensive capabilities beyond Project Glasswing’s direct partners, Anthropic is releasing on request to trusted security teams the tools developed to support the program’s vulnerability detection workflows.

The company has also launched Claude Security, a product built on its frontier public models, including Claude Opus 4.8, designed to scan codebases and suggest patches for organizations outside the program.

Anthropic is also in active discussions with third parties to substantially scale up the review and patching of vulnerabilities in open-source software, including the development of standardized best practices for disclosing findings to open-source maintainers to streamline triage and remediation.

Anthropic acknowledges that hundreds of thousands of organizations will ultimately need access to Mythos-level capabilities to address the full scope of the coming threat environment.

The company is working toward a general access release, but notes that highly robust safeguards preventing offensive misuse, which neither Anthropic nor other AI developers have fully developed yet, must be in place first.

In parallel, Anthropic plans to further scale its Cyber Verification Program, which would grant Mythos-class capabilities to additional organizations for specific defensive tasks.

The long-term goal of Project Glasswing remains unchanged: to shift AI’s role in cybersecurity from finding vulnerabilities to a full-cycle model covering disclosure, patching, and deployment, ultimately securing a permanent advantage for defenders.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.