Claude Mythos Gets Powerful Expansion To 150 Groups

Claude Mythos is moving deeper into cybersecurity, but Anthropic is keeping access tightly controlled.

Anthropic is expanding Claude Mythos Preview through Project Glasswing to more cybersecurity and infrastructure partners.
Ojas Srivastava

Claude Mythos is being opened to more organizations through Anthropic’s Project Glasswing, a controlled program aimed at finding and fixing serious software vulnerabilities.

Gizmodo reported that Anthropic is expanding access to Claude Mythos Preview through Project Glasswing, giving about 150 new organizations in more than 15 countries access to the cybersecurity model. Anthropic’s own update said the new partners include organizations in power, water, healthcare, communications and hardware.

Anthropic said the new group includes vendors that maintain codebases used by many other organizations, including governments. The company also said a major attack against most of these partners could affect more than 100 million people, with national and global security consequences.

The goal is defensive. Claude Mythos is meant to help trusted partners scan codebases, find flaws and patch them before attackers do. Anthropic said earlier Project Glasswing partners had already found more than 10,000 high- or critical-severity security flaws.

There is a strong case for that approach. Cybersecurity teams are under pressure to respond faster as attackers use automation. Cloudflare, one of the early Project Glasswing users, said Mythos Preview was strong at exploit chain construction and proof generation. In simple terms, Claude Mythos could help connect several small bugs into a working attack path and then test whether the flaw was real.

But the same capability creates risk. Cloudflare also said Mythos Preview did not have the additional safeguards seen in generally available models, and that its refusal behaviour was inconsistent in legitimate research settings. Gizmodo also reported that Anthropic found the model was better at spotting vulnerabilities than patching them, and that letting the model write patches could break other parts of a codebase.

That is why the rollout is limited. Claude Mythos is not being released like a normal chatbot. Anthropic says Project Glasswing partners must meet security requirements before getting access. The company is trying to give defenders stronger tools without handing the same capabilities to every attacker at once.

The AI Decode recently covered how Anthropic’s valuation has overtaken OpenAI on paper. The Claude Mythos rollout shows why investors and governments are watching Anthropic closely. Its models are now moving into sensitive areas such as critical infrastructure, cybersecurity and national risk.

For now, Claude Mythos looks like both a useful defensive system and a difficult policy problem. The open question is whether controlled access can work once similar cyber-capable AI models become cheaper, faster and easier to copy.

Leave a Comment