When an AI model uncovers more than 10,000 high‑severity security flaws across dozens of codebases in just a few weeks, the old playbook for cybersecurity stops working. That is the reality Anthropic is confronting with Project Glasswing, a collaborative initiative that now extends to 150 new organizations after an initial pilot with 50 partners. The expansion, announced alongside a confidential S‑1 filing and a $65 billion Series H funding round, signals a deliberate bet: that giving defenders early access to frontier‑class cyber capabilities can tip the balance against attackers—but only if the rest of the industry adapts just as quickly.
The new partners span more than 15 countries and cover industries that were underrepresented in the first cohort: power grids, water systems, healthcare networks, communications infrastructure, and hardware vendors. Many are suppliers whose code is embedded in thousands of other organizations worldwide. Anthropic estimates that a major attack on any one of these partners could affect more than 100 million people, with cascading effects on national and global security. The company’s stated goal is for AI to make all software more secure, not just the software of companies that can afford top‑tier security teams. If detection becomes cheap and fast, the real bottleneck shifts to disclosure, triage, and patching.
Behind the announcement lies a broader concern: within six to twelve months, other AI developers will likely release models with similar cyber capabilities—potentially without the safeguards Anthropic has built into Claude Mythos Preview. In that world, attacks could become both more frequent and more unpredictable. The cybersecurity community has long accepted that offense tends to outpace defense, but AI may widen that gap further. As one security researcher put it in a recent interview, “Giving better tools to defenders is like issuing better armor, but attackers will also get better weapons—and they can choose when to strike.” Project Glasswing is Anthropic’s attempt to ensure that at least one group of defenders is not caught unprepared.
To support that effort, Anthropic has released Claude Security, a product built on its latest public frontier model—Claude Opus 4.8—which scans codebases and suggests patches. The company is also sharing, on request, the internal tooling it developed to help partners find vulnerabilities more quickly. These moves are meant to accelerate a process that currently takes weeks or months: identifying a flaw, verifying it, notifying the maintainer, and deploying a fix. According to a 2024 Ponemon Institute study, the average time to patch a critical vulnerability across all industries is 102 days. AI‑assisted triage could compress that timeline dramatically, but only if the ecosystem—from open‑source maintainers to enterprise security teams—adopts new workflows.
A notable shift in this expansion is the emphasis on vendors. By targeting codebases that are widely reused, Project Glasswing can multiply its impact. A single vulnerability in a popular open‑source library can ripple across thousands of downstream products. The challenge is that the people who maintain those libraries are often volunteers or small teams, already overwhelmed by the volume of reports they receive. Many of Project Glasswing’s partners now use Mythos Preview not only to find bugs but to write patches and perform pre‑release checks, reducing the burden on maintainers. The goal is not just to surface flaws faster, but to hand over a working fix that can be merged with minimal effort.
Some industry observers remain skeptical. They point out that providing AI models with advanced cyber capabilities—even to trusted partners—still creates risk. A compromised partner, an insider threat, or a model that learns to bypass its own safeguards could turn the tool against the very systems it is meant to protect. Anthropic acknowledges this tension. “Because cybersecurity has both helpful and destructive uses, making safeguards that are both strong and precise enough is a major challenge,” the company notes. To date, no AI developer has publicly demonstrated a fully reliable safeguard for offensive‑capable models. The decision to expand Project Glasswing is therefore a calculated bet that the benefits of proactive defense outweigh the risks of enabling misuse.
Looking ahead, Anthropic plans to broaden Project Glasswing further, prioritizing essential infrastructure providers, critical open‑source software maintainers, and safety testers. It also intends to scale up its Cyber Verification Program, which would grant Mythos‑class capabilities to many more organizations for specific defensive tasks. The company acknowledges that this will not be the last time a capability threshold is crossed. Frontier model releases will become increasingly high‑stakes as AI improves across domains that can empower both attackers and defenders. If Project Glasswing succeeds, it may serve as a template for how to responsibly deploy powerful technology in a dual‑use world.
The article ends with a quiet but telling detail: Anthropic has confidentially submitted a draft S‑1 to the Securities and Exchange Commission, and raised $65 billion in Series H funding at a $965 billion valuation. That financial firepower, combined with the rapid expansion of Project Glasswing, suggests that the company sees cybersecurity as both a mission and a market. For defenders watching from the sidelines, the message is clear: adapt now, or risk being overwhelmed by an AI‑driven wave of attacks that is already on the horizon.