TL;DR
- Restricted Rollout: Anthropic has expanded Claude Mythos access to about 150 organizations in more than 15 countries.
- Security Gate: New Project Glasswing participants must meet security requirements before receiving the vulnerability-hunting model.
- Safeguard Test: Cloudflare found stronger vulnerability research capability, but also inconsistent refusal behavior.
- Maintainer Pressure: AI-generated findings need triage-ready evidence before they reach open-source project queues.
Anthropic is expanding access to its Claude Mythos AI model through Project Glasswing, giving about 150 additional organizations in more than 15 countries access to a restricted cyber model. Wider access moves Mythos closer to infrastructure codebases where one software flaw can affect utilities, networks, medical systems, hardware suppliers, and downstream software users.
New participants span power, water, healthcare, communications, hardware, and key software maintenance. Anthropic estimates that a major attack on many Project Glasswing partners could affect more than 100 million people, so access remains tied to security requirements rather than treated as a general Claude feature.
What the Expansion Adds
Project Glasswing began with roughly 50 partners, when vetted government and industry teams received Claude Mythos Preview for defensive code review. Restricted Mythos Preview access established the program’s core tradeoff: give capable defenders stronger tools while limiting who can use them and how findings move through reporting channels.
Initial partners reportedly have found more than 10,000 high- or severe security flaws during Project Glasswing.
Anthropic’s stated goal is to give defenders a permanent advantage, but the larger cohort turns that ambition into an infrastructure test because utilities, hardware vendors, healthcare systems, and software maintainers often sit upstream of many other organizations. The new participants must satisfy security requirements before getting Mythos access.
Project Glasswing also covers key software maintenance organizations, making the review layer part of how a vulnerability-hunting model reaches codebases that many downstream users depend on.
One weak maintainer workflow can delay patches for dependent services.
Why Safeguards Shape the Rollout
Cloudflare tested Claude Mythos on its own repositories and found a stronger vulnerability-research tool than previous general-purpose frontier models. The company pointed Mythos at more than fifty repositories, giving the expansion an independent practitioner benchmark alongside Anthropic’s official numbers.
“Mythos Preview is a real step forward, and it’s worth saying that plainly before getting into anything else.”
Cloudflare, infrastructure and security company (via Cloudflare)
Cloudflare found that Mythos could combine multiple attack primitives into working proof code, then generate, compile, run, and revise tests for suspected vulnerabilities. For defenders, that workflow supports high-volume review and raises the burden on validation and access control.
For attackers, the same proof-building ability explains why access cannot become ordinary developer tooling.
Equivalent defensive tasks sometimes produced different outcomes because Mythos had inconsistent organic refusals depending on framing and run conditions. Human approval, partner vetting, and post-identification validation become part of the safety model rather than optional administrative steps.
Partner vetting and human review already sit around Mythos use before partners receive the model. Open-source maintainers face a concrete constraint: AI-assisted vulnerability hunting needs triage-ready submissions and post-identification validation before partner findings can reach project queues without flooding maintainers.
How Anthropic Fits the Cyber-Model Race
OpenAI’s restricted cyber-model access for GPT-5.5-Cyber gives Anthropic a direct peer for keeping frontier cyber models inside vetted defender programs before any broader release. Anthropic also widened Mythos threat-sharing rules before this larger Project Glasswing rollout.
Operating discipline matters more than feature parity. Anthropic has to prove that infrastructure and software-maintenance partners can find flaws faster without burying maintainers under weak submissions or letting proof-generation capability move outside controlled environments.
Open-source maintainers are the clearest pressure point because AI-generated vulnerability submissions can add triage volume to projects with limited security staff.
Vulnerability Reporting Is the Next Test
Anthropic says future Project Glasswing additions will include key infrastructure providers, open-source maintainers, and safety testers.
Anthropic also plans reporting practices for vulnerabilities in more open-source projects as AI-generated findings reach more maintainers.
Reporting practices are the next operational test. They must define triage-ready evidence before the 150-organization Project Glasswing cohort pushes AI-generated submissions into queues for software-infrastructure defense.
