Anthropic has announced a major expansion of Project Glasswing, its joint-industry initiative to identify and remediate critical software vulnerabilities using AI, extending access to Claude Mythos to approximately 150 organizations spanning more than 15 countries.
The expanded program now covers critical infrastructure operators across five core sectors: power grids, water utilities, healthcare systems, communications networks, and hardware manufacturers. What every participating organization shares, according to Anthropic, is a profile where a successful cyberattack on their codebase could affect more than 100 million people -- making vulnerability detection a public safety priority, not merely an IT one.
Claude Mythos, described by Anthropic as its most capable model to date, was purpose-tested for vulnerability research before the program launched. In early trials, the model identified thousands of previously unknown zero-day vulnerabilities across weeks of automated analysis -- a depth and pace that no human security team could realistically replicate. Beyond identification, the model helps prioritize findings based on exploitability and potential blast radius, feeding actionable intelligence to remediation teams.
The announcement landed just one day after Anthropic filed confidentially for an initial public offering, following a $65 billion funding round at a valuation approaching $1 trillion. While Glasswing is framed as a safety-first initiative, demonstrating that Claude Mythos has real-world enterprise security applications at national scale adds credibility to the company's commercial positioning ahead of its eventual public debut.
Anthropic acknowledged that its initial Glasswing partners did not fully represent the breadth of infrastructure sectors most exposed to catastrophic attacks. Power, water, and healthcare infrastructure -- all newly included in today's expansion -- were notably absent from early cohorts. The company is also expanding geographically, with new participants joining from regions where cybersecurity capacity has historically lagged investment levels.
Project Glasswing works through a model-assisted workflow where Claude Mythos analyzes codebases at scale, surfacing vulnerability chains that traditional static analysis and human review typically miss. The AI-generated findings are then reviewed by human security teams at each partner organization before remediation begins, maintaining human oversight in the loop.
Why It Matters
Deploying frontier AI models directly inside vulnerability detection pipelines for critical infrastructure is a meaningful escalation in AI's role in national and public security. For enterprise security teams, Glasswing offers a live template for what AI-augmented red teaming and continuous vulnerability management could look like at scale -- and a preview of the standards regulators may eventually require.