#AnthropicLaunchesGlasswingProgram Anthropic launches Project Glasswing: A $100M AI-powered cybersecurity coalition

Tech giants unite behind unreleased "mythical" Claude model to uncover critical software vulnerabilities before attackers exploit them

Anthropic has launched Project Glasswing, an industry-wide cybersecurity initiative that brings together major technology companies to defend critical software infrastructure using the company's most powerful—and most closely guarded—AI model yet .

The initiative, announced April 8, centers on Claude Mythos Preview, a new frontier model that Anthropic describes as having reached a level of coding capability where it can "surpass all but the most skilled humans at finding and exploiting software vulnerabilities" . Rather than releasing the model publicly, Anthropic is making it available exclusively to vetted partners under strict access controls.

A who's who of tech and security

The founding coalition includes 12 organizations: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks, and Anthropic itself . Approximately 40 additional organizations that build or maintain critical software infrastructure will also receive access .

Anthropic is committing up to $100 million in usage credits** for the preview model and **$4 million in direct donations to open-source security organizations, including $2.5 million to Alpha-Omega and OpenSSF and $1.5 million to the Apache Software Foundation .

What Claude Mythos Preview discovered

In recent weeks, Anthropic deployed Claude Mythos Preview to scan major operating systems, browsers, and other critical software. The results were striking :

Discovery Details
OpenBSD vulnerability A bug that existed for 27 years in one of the world's most security-focused operating systems
FFmpeg vulnerability A flaw that survived 16 years and 5 million automated test executions without detection
Linux kernel chain Multiple vulnerabilities connected autonomously, enabling privilege escalation from user to root

The model has identified thousands of high-severity vulnerabilities across every major operating system and web browser, according to Anthropic . All discovered vulnerabilities have been reported to maintainers and patched.

Why this matters: The AI cybersecurity threshold

Anthropic's rationale for Project Glasswing reflects a sobering assessment: AI models capable of discovering and exploiting software vulnerabilities are no longer theoretical .

"The window between a vulnerability being discovered and being exploited by an adversary has collapsed—what once took months now happens in minutes with AI," said Elia Zaitsev, CTO of CrowdStrike, which is participating as a founding security member .

The global financial cost of cybercrime is estimated at roughly $500 billion annually . Anthropic argues that the same capabilities that make AI dangerous in malicious hands are invaluable for defense—but defenders need access first.

"We are entering a phase where cybersecurity is no longer bound by purely human capacity," said Igor Tsyganskiy, EVP of Cybersecurity at Microsoft .

How Project Glasswing works

The initiative operates on multiple levels :

· Launch partners receive Claude Mythos Preview access for defensive security work, including local vulnerability detection, binary black-box testing, endpoint security, and penetration testing
· Open-source maintainers gain access through the Linux Foundation and Apache Software Foundation, addressing a critical gap where infrastructure code often lacks dedicated security resources
· Information sharing is required—partners must share findings with the broader industry

Cisco's Anthony Grieco framed the urgency directly: "AI capabilities have crossed a threshold that fundamentally changes the urgency required to protect critical infrastructure from cyber threats, and there is no going back" .

Limited access by design

Notably, Anthropic has stated it does not plan to make Claude Mythos Preview available to the general public . The decision reflects concern about the model's potential misuse for offensive cyber operations.

"We've been in ongoing discussions with US government officials about Claude Mythos Preview and its offensive and defensive cyber capabilities," Anthropic confirmed in its announcement .

Following the research preview period, the model will be available to participants at commercial rates: $25 per million input tokens and $125 per million output tokens, accessible through Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry .

What's next

Anthropic has committed to publishing a public report within 90 days disclosing the vulnerabilities discovered and proposing industry-wide recommendations, including automated patching and supply chain security improvements .

The company acknowledges this is only the beginning. "Frontier AI capabilities are likely to advance substantially over just the next few months," Anthropic wrote. "For cyber defenders to come out ahead, we need to act now" .