Anthropic has launched Project Glasswing, a restricted cybersecurity initiative that gives a small group of partners and more than 40 organizations that build or maintain critical software access to Claude Mythos Preview.
Claude Mythos is an unreleased model that the company said has already found thousands of high-severity vulnerabilities. Anthropic also said it does not plan to make Mythos Preview generally available.
That restricted access spans Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks.
Anthropic said the work will focus on local vulnerability detection, black-box testing of binaries, securing endpoints and penetration testing, with participants using the model to scan and secure both first-party and open-source systems.
Benchmark claims and capability jump
Anthropic tied the launch to what it described as a sharp jump in model capability. In its announcement, the company said Mythos Preview can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.
In a separate technical post, Anthropic said the model identified and exploited zero-days in every major operating system and web browser during testing, including a 27-year-old OpenBSD flaw, a 16-year-old FFmpeg flaw and chained Linux kernel vulnerabilities that have since been reported and patched.
Anthropic also published benchmark results that put Mythos Preview ahead of Claude Opus 4.6 on several coding and cyber evaluations, including 83.1% versus 66.6% on CyberGym vulnerability reproduction, 77.8% versus 53.4% on SWE-bench Pro and 93.9% versus 80.8% on SWE-bench Verified.
Alongside those results, Anthropic said it will hold back general release while it works on safeguards to detect and block dangerous outputs, then test those safeguards first on an upcoming Claude Opus model.
Open-source money and maintainer strain
The initiative incorporates a significant open-source and software-supply-chain funding mechanism.
Anthropic said it is committing up to $100 million in usage credits and $4 million in donations, including $2.5 million to Alpha-Omega and OpenSSF through the Linux Foundation and $1.5 million to the Apache Software Foundation.
The Linux Foundation said open source is the dominant form of software consumed in enterprise today, and said maintainers are already under strain from heavier pull-request volume, AI-generated bug reports, supply-chain attacks and increasingly sophisticated campaigns to compromise code.
Disclosure rules and live deployment
Anthropic also outlined a more formal disclosure process for vulnerabilities found through Mythos Preview.
In its Frontier Red Team post, the company said it is publishing SHA-3 commitments for vulnerabilities and exploits it already holds and will release the underlying details after responsible disclosure is complete, no later than 90 plus 45 days after reporting them to the affected party.
The initiative has already transitioned from the pilot phase into active defensive operations. Anthropic said some partners have been using Mythos Preview for several weeks, and AWS said it has already applied the model to critical AWS codebases, where it identified additional opportunities to strengthen code.
AWS also said it has given early access to a select group of AWS customers that are deploying Mythos Preview in their own security workflows.
Government signals and what comes next
Separate U.S. government guidance has also focused on AI in critical systems. In December, NSA, CISA and partner agencies said integrating AI into operational technology introduces new safety and security risks, and said operators should establish governance and assurance frameworks, keep humans in the loop for critical decisions and implement fail-safe mechanisms.
Anthropic said it has been in ongoing discussions with U.S. government officials about Mythos Preview’s offensive and defensive cyber capabilities.
It also said Project Glasswing will produce practical recommendations on vulnerability disclosure, software updates, open-source and supply-chain security, secure-by-design practices, standards for regulated industries, triage scaling and patch automation.
Partner statements describe the program as an early evaluation channel alongside its defensive use.
JPMorganChase said Project Glasswing offers an early-stage opportunity to evaluate next-generation AI tools for defensive cybersecurity across critical infrastructure, while Cisco said providers need new approaches and customers need to be ready to deploy them.
Anthropic said the initiative will run for months, invites broader industry participation and will publish a public report within 90 days as the next concrete milestone.