Mythos Preview - Project Glasswing

Detailed Analysis

Anthropic launched Project Glasswing on April 7, 2026, granting restricted access to its unreleased Claude Mythos Preview model — its most advanced general-purpose frontier system — to over 40 cybersecurity organizations for the purpose of identifying and remediating software vulnerabilities in critical infrastructure. The initiative represents a deliberate departure from standard product release practices: rather than making the model broadly available, Anthropic has selectively deployed it to a curated network of launch partners including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks, as well as dozens of additional entities responsible for maintaining foundational software systems. Participants access the model via the Claude API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry, at a pricing structure of $25 per million input tokens and $125 per million output tokens, underwritten in part by Anthropic's $100 million in usage credits and $4 million in donations to open-source security organizations.

The core rationale for withholding general availability of Claude Mythos Preview centers on a dual-use dilemma that Anthropic has publicly acknowledged as defining the initiative's scope. The model demonstrates the ability to detect thousands of high-severity and zero-day vulnerabilities across major browsers, operating systems, and open-source codebases — performance that reportedly surpasses all but the most elite human security researchers. That same capability, in adversarial hands, could be weaponized to accelerate exploitation of the very vulnerabilities defenders are racing to patch. Anthropic has framed Project Glasswing explicitly as a defensive-first deployment, designed to ensure that the model's most dangerous capabilities are directed toward protection before they become accessible to malicious actors through general release or model replication.

The initiative reflects a broader and increasingly urgent trend in AI-enabled cybersecurity: the compression of the vulnerability discovery-to-exploitation window. What once took threat actors months now takes minutes, a shift driven in large part by the same class of capable AI systems that defenders are only now beginning to harness systematically. Project Glasswing positions Anthropic as arguing that the appropriate response to this asymmetry is not to delay AI development, but to deliberately sequence it — deploying maximum capability to defenders first, then expanding access as safeguards mature. Anthropic has indicated it plans to eventually enable broader access to Mythos-class models once enhanced safety measures are in place, framing the current restricted deployment as a transitional phase rather than a permanent posture.

The scale and composition of the partner network signals that Anthropic is treating Project Glasswing as an industry-coordination effort as much as a product deployment. By including hyperscalers, enterprise software vendors, financial institutions, hardware manufacturers, and open-source foundations simultaneously, the initiative attempts to address the systemic and cross-sector nature of critical infrastructure risk rather than treating it as any single organization's responsibility. The explicit inclusion of the Linux Foundation and open-source security groups — supported by direct financial donations — acknowledges that a substantial portion of the world's critical software is maintained outside of well-resourced commercial entities, a vulnerability in the broader security ecosystem that AI-enabled analysis may be uniquely positioned to address at scale. Anthropic's framing of the project as a call for collective action among AI developers, software firms, researchers, and governments suggests the company views Project Glasswing as a template for how frontier AI capabilities should be governed and deployed in high-stakes domains going forward.