Anthropic announced the launch of Project Glasswing on April 7, 2026, a cybersecurity initiative designed to protect critical software infrastructure through the private evaluation of its unreleased “Claude Mythos Preview” model. The project establishes foundational partnerships with technology leaders including Amazon, Microsoft, and Apple to address the dual-use nature of advanced AI coding capabilities.
This coalition responds to an immediate need for defensive safeguards as generative models gain the ability to autonomously identify and exploit software flaws. Anthropic is withholding its most capable model from the public to prevent it from supercharging cyberattacks, opting instead for a controlled defensive rollout among a closed group of 40 organizations. The private evaluation period serves as a buffer for “agentic” AI models, which can act independently to perform complex tasks. The autonomous nature of the Mythos model acts as the primary catalyst for this industry-wide defense project, as its ability to navigate systems without human intervention presents a novel threat to existing security protocols.
The Glasswing Coalition: Big Tech and Cybersecurity Partners
The coalition includes Amazon.com, Microsoft, and Apple, each of which will receive early access to the Claude Mythos Preview model for internal security auditing. These partners represent the backbone of global computing infrastructure, providing the operating systems and cloud environments where critical software resides. By involving these specific firms, Anthropic ensures that the model’s defensive capabilities are tested against the most widely used enterprise platforms in the world.
Beyond hardware and cloud providers, the initiative incorporates specialized cybersecurity vendors such as CrowdStrike and Palo Alto Networks. These firms will use the advanced model to refine their threat detection algorithms and automated response systems. Platform giants Google and Nvidia are also participating, bringing massive scale to the project’s testing environment and ensuring the model is compatible with diverse hardware architectures.
The operational implications of giving these companies early access are significant, as it allows them to patch vulnerabilities before they can be exploited by malicious actors using similar AI tools. This proactive approach turns a potential offensive weapon into a defensive shield by allowing defenders to see through the “eyes” of the AI. The project’s scale, involving 40 organizations that manage critical infrastructure, suggests a broad effort to harden the digital ecosystem against sophisticated, automated threats.
Anthropic’s strategy emphasizes a collaborative nature, requiring participants to share their findings across the group. Even though these companies are often direct industry competitors, the shared risk of AI-driven attacks has necessitated a unified defense. According to Anthropic, this collective intelligence approach helps build a more resilient infrastructure that no single company could achieve in isolation.
Claude Mythos Preview: Capabilities and Identified Risks
Anthropic describes Claude Mythos as its “most capable yet for coding and agentic tasks,” emphasizing the model’s ability to act autonomously within a digital environment. Unlike previous iterations that required constant human prompting, Mythos can navigate complex codebases and execute multi-step processes to achieve a specific goal. This autonomy allows the model to perform deep security audits that were previously too labor-intensive for human teams to conduct at scale.
Technical testing of the model has already yielded significant results, including the identification of thousands of high and critical-severity vulnerabilities in operating systems and web browsers. These flaws, if left unpatched, could provide entry points for state-sponsored hackers or criminal enterprises. Reports from Reuters and Bloomberg indicate that the model’s ability to scan for these weaknesses exceeds the speed and accuracy of traditional automated scanning tools.
One landmark discovery during the testing phase was a 16-year-old vulnerability in the FFmpeg open-source library, a critical tool used for audio and video processing across millions of devices. The discovery of such a long-standing bug highlights the model’s capacity to find “hidden” flaws that have escaped human notice for nearly two decades. This finding is considered a significant milestone for AI-driven security auditing, proving that autonomous models can analyze legacy code with high precision.
In addition to the FFmpeg discovery, Mythos identified a critical bug in an unnamed virtual machine monitor program, a type of software used to run multiple operating systems on a single physical server. The “agentic” nature of Mythos is central to these successes, as the model can simulate the behavior of an attacker to find pathways through a system. However, this same autonomy increases the risk profile, as a model capable of finding these bugs could also be instructed to exploit them if it fell into the wrong hands.
Vulnerability in Global Finance: The Banking Sector Focus
The banking industry has emerged as a primary focus for Project Glasswing, with JPMorgan Chase serving as a key private evaluator of the Mythos model. Financial institutions are particularly susceptible to AI-boosted hacking due to the complexity of their internal networks. These organizations must protect massive amounts of sensitive data while maintaining high-speed transaction systems that cannot afford downtime.
A significant challenge facing the sector is the “legacy tech” problem, where banks run technology stacks that integrate modern tools with software that is decades old. According to TJ Marlin, the chief executive of enterprise AI security firm Guardrail Technologies, this mix of state-of-the-art and antiquated systems creates unique vulnerabilities. Older software often lacks the security features of modern code, making it a “soft target” for an autonomous model like Mythos that can quickly find and bridge gaps between different eras of technology.
The threat Mythos poses to banks is distinct from other sectors because of the potential for cascading failures across the global economy. If a model can autonomously navigate a bank’s legacy systems to manipulate transactions or steal data, the speed of the attack could outpace traditional human-led defenses. This risk has prompted high-level government intervention to ensure the financial sector is prepared for the arrival of more powerful AI models.
The international government response has included meetings between officials from the United States, Canada, and Britain with top banking leaders to discuss AI-driven threats. This trilateral cooperation is necessary because the financial system is interconnected across borders, meaning a vulnerability in one nation’s banking infrastructure could impact others. These discussions focus on creating a standardized framework for how banks can use defensive AI to protect their legacy stacks without introducing new risks.
Market Impact and the AI Threat Landscape
The launch of Project Glasswing follows a period of increasing concern regarding AI-enabled cybercrime. Anthropic previously disclosed that it had identified exploits involving 30 global organizations, demonstrating that the threat is no longer theoretical. As AI models become more adept at coding, the barrier to entry for launching sophisticated cyberattacks is lowering, allowing less-skilled actors to perform high-level hacks.
Industry data supports the urgency of Anthropic’s initiative, with a joint study by IBM and Palo Alto Networks showing that 67% of executives have already been targeted by AI-boosted attacks. This high targeting rate underscores the necessity of the $100 million in usage credits Anthropic is providing to partners for defensive work. These credits allow organizations to run the Mythos model at scale to find and fix vulnerabilities before they are used against them.
Financial markets have reacted sharply to the news of Mythos’s capabilities and the subsequent launch of Glasswing. Shares of major cybersecurity firms, including Palo Alto Networks and CrowdStrike, saw volatility following initial reports that the model could identify vulnerabilities more effectively than existing software. This reaction suggests that investors now view defensive AI capabilities as a market-moving variable, as the effectiveness of traditional security products is called into question by autonomous AI.
The necessity of defensive AI tools is further highlighted by the speed at which these threats evolve. By providing early access to a select group, Anthropic aims to tip the scales back in favor of defenders. This market shift indicates that the cybersecurity industry is moving toward a model where AI is used to fight AI, making the development of defensive models a critical competitive advantage for tech firms.
Funding Defense: Credits, Donations, and Open-Source Support
Anthropic has committed significant financial resources to ensure that the benefits of Project Glasswing extend beyond its immediate corporate partners. The company is providing $100 million in usage credits specifically for defensive cybersecurity work, allowing non-profits and smaller organizations to access the Mythos model. This funding is intended to democratize access to advanced security tools that would otherwise be cost-prohibitive.
In addition to usage credits, Anthropic is providing $4 million in direct donations to open-source security organizations. These groups are responsible for maintaining the foundational software that much of the internet relies on, such as the FFmpeg library. By supporting these organizations, Anthropic addresses the “tragedy of the commons” in software security, where critical public-interest infrastructure is often underfunded and under-guarded.
The strategic importance of supporting open-source security cannot be overstated, as a single bug in a widely used library can have global consequences. Private-sector funding plays a vital role here, as companies like Anthropic have the resources to identify these flaws but rely on open-source maintainers to implement the necessary patches. This partnership ensures that the discoveries made by the Mythos model lead to actual security improvements for the general public.
This funding model also evaluates the role of private-sector responsibility in the AI age. By investing in the security of the broader ecosystem, Anthropic is attempting to mitigate the negative externalities of its own technology. This approach suggests that the future of software infrastructure security will rely on a hybrid model of private funding, AI-driven auditing, and community-led maintenance.
The Future of Responsible AI Disclosure
Project Glasswing marks a shift in how advanced AI models are released to the world, with Anthropic confirming that the Claude Mythos Preview will not be made generally available to the public. This restricted release strategy is intended to ensure that the model’s most powerful capabilities are used exclusively for defense. Anthropic has pledged to share ongoing findings with the broader industry, creating a feedback loop that helps all organizations stay ahead of emerging threats.
The initiative sets a new precedent for “responsible disclosure” in the age of agentic AI. Rather than releasing a tool and hoping for the best, the company is actively managing the model’s deployment to minimize harm. This controlled approach may serve as a blueprint for other AI developers as they create models with increasingly autonomous and potentially dangerous capabilities. By prioritizing the security of critical infrastructure, Project Glasswing aims to ensure that the next generation of AI serves as a guardian rather than a threat to the digital world.
