Anthropic has announced a major expansion of Project Glasswing, its collaborative cybersecurity initiative, growing from approximately 50 initial partners to roughly 150 new organizations following the program's early success in detecting high-severity security vulnerabilities at scale.
The early cohort of Project Glasswing partners deployed Claude Mythos Preview to analyze their codebases, and the results have been striking: these partners have so far found more than 10,000 high- or critical-severity security flaws. This discovery rate demonstrates the transformative potential of frontier AI models for defensive cybersecurity when paired with appropriate access controls and expert oversight.
The new expansion includes organizations from more than 15 countries spanning industries including power, water, healthcare, communications, and hardware, sectors that were underrepresented in the original group. Anthropic emphasizes that a successful attack on their codebase could be catastrophic for most partners, with estimates suggesting major attacks could affect over 100 million people globally. This framing underscores the urgency of deploying AI-powered security tools to organizations that maintain critical infrastructure.
Looking ahead, Anthropic acknowledges a sobering timeline: within 6 to 12 months, many other AI companies will have Mythos-class models, potentially released without the cybersecurity safeguards that Anthropic has built into its deployment approach. This creates a window during which Anthropic's dual strategy of supporting cyberdefenders through tools and infrastructure while accelerating vulnerability patching and disclosure processes is especially critical.
The organization plans further expansions prioritizing critical infrastructure providers and open-source software maintainers. Project Glasswing represents a cornerstone of Anthropic's approach to responsible deployment of frontier capabilities, demonstrating that the most powerful AI models can be channeled toward defensive applications through careful partnership structures and access controls. The expansion comes alongside Anthropic's separate research publication mapping a year of AI-enabled cyber threats onto the MITRE ATT&CK framework, providing additional context for the evolving threat landscape that Project Glasswing aims to address.
The expansion of Project Glasswing from 50 to approximately 200 total partners represents one of the largest coordinated deployments of frontier AI for cybersecurity defense in the technology industry. The discovery of more than 10,000 high- or critical-severity security flaws by the initial cohort validates the thesis that frontier models can serve as force multipliers for security teams that are chronically understaffed and overwhelmed by the volume of code they must protect. The deliberate expansion into critical infrastructure sectors including power, water, healthcare, and communications reflects Anthropic's assessment that these industries face the most severe consequences from security breaches while having the least access to frontier AI defensive tools. Anthropic's candid acknowledgment that competitors will likely have Mythos-class models within 6 to 12 months, potentially without comparable safeguards, adds urgency to the defensive deployment timeline and underscores the window of opportunity for establishing security best practices before unrestricted frontier models become widely available.
The discovery of more than 10,000 high- or critical-severity security flaws by the initial 50 partners demonstrates the transformative potential of deploying frontier AI models for defensive cybersecurity at a scale and speed that human security teams alone cannot achieve. The expansion into critical infrastructure sectors — power, water, healthcare, and communications — addresses what security experts consider the most consequential gap in cybersecurity defense, as these sectors maintain legacy codebases that are both essential to public safety and chronically under-resourced for security review.