Anthropic widens Mythos access to about 200 partners

Anthropic said on June 2, 2026, that it has broadened Project Glasswing — the controlled program that gives vetted partners access to its security‑focused Claude Mythos Preview model — to roughly 200 organisations across more than 15 countries.

Project Glasswing was launched in April to let a small group of companies and agencies use Mythos to scan codebases, surface critical software flaws and help triage fixes before attackers exploit them. Anthropic frames the effort as a defensive, early‑access experiment rather than a public product release.

The company said the expansion moves the program from about 50 initial partners to roughly 200 total participants by adding some 150 organisations in the latest round. Anthropic has also set aside substantial model credits and funding to support the work.

Reports and people familiar with the matter say the new cohort includes organisations and agencies from countries that are part of the Five Eyes intelligence partnership — such as Canada, Australia and New Zealand — and that the EU’s cyber‑security agency ENISA and NATO have been offered access through the initiative. Anthropic has not published a detailed list of new members.

Anthropic says the new participants come from critical sectors: energy, water, healthcare, communications and hardware maintainers that other organisations depend on. Media reporting also lists large technology and infrastructure firms among those involved, though many company names remain unconfirmed by Anthropic.

Anthropic and its early partners have said Mythos found thousands of high‑ and critical‑severity flaws in tests and partner scans. Anthropic’s public updates and independent reporting put that figure in the low‑to‑ten‑thousands range, a scale that has driven both interest and caution.

That potency is the reason Anthropic has restricted access. The company and outside researchers say Mythos can do more than detect bugs: it can sketch exploit chains and, in some cases, generate working proof‑of‑concept exploits if misused. Anthropic’s staged rollout is intended to give defenders an advantage while they study safe procedures.

The expansion arrives amid signs of intense government interest and regulatory scrutiny. EU officials have sought access and ENISA has been reported as in talks; U.S. government agencies have also collaborated with Anthropic on the program’s rollout. At the same time, policymakers are debating how to let defenders use powerful models without increasing misuse risks.

Project Glasswing has not been free of operational problems. In April, Anthropic investigated reports that Mythos was accessed via third parties by unknown or unauthorized users, an episode that underlines how tightly these tools must be controlled. Security researchers and policy groups have cited that event in calls for robust guardrails.

Security groups that have reviewed the Mythos precedent say the episode is a test case for governing future frontier models that can both defend and attack. Cloud Security Alliance and other analysts have urged clear disclosure practices, coordinated vulnerability disclosure and stronger access controls as these models spread.

Operationally, Anthropic says partners are using Mythos to run large‑scale scans of code repositories, to triage findings with human teams, and to share fixes with open‑source maintainers and vendors. That workflow — model plus human review plus coordinated patching — is central to Anthropic’s argument for controlled release.

The broader signal is that frontier generative models are moving from research curiosities into practical defensive tools for national‑scale cyber risk. The Anthropic expansion shows both the potential to surface longstanding, hidden bugs at scale and the governance challenge of keeping such capabilities in responsible hands. Observers say the next months will test whether access controls, disclosure norms and international cooperation keep pace with the technology’s power.