Project Glasswing

Project Glasswing represents a watershed moment in AI-powered cybersecurity. Launched by Anthropic in April 2026, it is built around Claude Mythos Preview — a frontier model so capable at finding software vulnerabilities that Anthropic privately briefed senior US officials before making it available. The model has already discovered over 10,000 high or critical-severity security flaws, including vulnerabilities in every major operating system and web browser. This is not incremental improvement over existing security scanning tools — it is a qualitative leap in what automated vulnerability detection can achieve.

The initiative is structured as a partner program rather than a commercial product, reflecting the dual-use nature of the technology. With $100 million in usage credits distributed among 150+ partner organizations across 15+ countries, Glasswing brings together the world's largest technology companies — AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Microsoft, NVIDIA, and Palo Alto Networks — in a shared defensive effort. An additional $4 million in donations supports open-source security groups, recognizing that much of the world's critical infrastructure runs on community-maintained code.

The restricted access model is both Glasswing's limitation and its most responsible design decision. Claude Mythos Preview can autonomously discover and weaponize zero-day vulnerabilities, making uncontrolled release a serious security risk. By limiting access to vetted partner organizations with legitimate defensive needs, Anthropic ensures the technology strengthens defenses rather than enabling attacks. For enterprise security teams and open-source maintainers who can access the program, Glasswing is the most powerful vulnerability detection tool available. For everyone else, its existence represents a fundamental shift in the AI security landscape — proof that AI models have surpassed most human experts at finding software vulnerabilities.