Anthropic is expanding Project Glasswing, its restricted AI cybersecurity initiative, to roughly 200 total partner organizations after launching the program in April with approximately 50 members.
Claude Mythos Preview, the AI model powering Project Glasswing, will be made available to around 150 additional organizations as part of the expansion, Anthropic said. Access requires clearing a set of security criteria Anthropic has established. The incoming partners operate across more than 15 countries and bring coverage to sectors — among them energy, water utilities, healthcare, communications, and hardware — that had limited representation when the program first launched.
In preparing the rollout, Anthropic worked alongside the U.S. government, the security industry at large, open-source software maintainers, and organizations already inside the program, the company said. The expansion also includes government organizations, according to Reuters. Anthropic declined to name the new partners, though cloud data management platform Rubrik said it was among the new group, according to CNBC.
Across all organizations in the program since its April debut, over 10,000 vulnerabilities rated high- or critical-severity have been uncovered, according to Anthropic. Were a major cyberattack to strike the partner ecosystem, the company estimates the number of people affected could exceed 100 million.
Anthropic has revised the program's disclosure rules in recent weeks, allowing partners to share vulnerability findings with outside parties — including regulators, industry groups, open-source maintainers, and the public — provided responsible-disclosure standards are observed. The previous policy had required partners to keep findings inside the program.
The expansion follows a period of broad concern about Mythos's capabilities. As Quartz has previously reported, major U.S. banks with access to the model scrambled to address a wave of vulnerabilities it surfaced, with findings shared downstream to community and regional banks that lacked direct access. Treasury Secretary Scott Bessent and then-Federal Reserve Chair Jerome Powell convened a meeting with bank CEOs to discuss the cybersecurity risks the model posed.
Rival AI providers are likely to reach comparable capability levels within roughly six to twelve months, Anthropic warned, and there is no guarantee those future models will carry equivalent protections against misuse. The company said it plans to expand Project Glasswing further, with future additions to prioritize essential infrastructure providers, maintainers of critical open-source software, and safety testers. Anthropic also said it is working toward making Mythos-class capabilities available more broadly, pending the development of stronger safeguards.
