One day after filing its IPO application, Anthropic announced a massive expansion of its Glasswing Project to 150 organizations spread across more than 15 countries. This industrial initiative leverages Claude Mythos Preview to detect software vulnerabilities.
Launched in April of last year, the model was initially available to around fifty firms, largely based in the United States, due to the model’s advanced coding capabilities and the risk of repurposing it for hacking.
Prudence was warranted. The UK-based AI Security Institute (AISI), a government research body tasked with testing frontier AI models, evaluated Claude Mythos and concluded that the model could execute sophisticated cyberattacks that would have required several days’ work by professionals.
This sparked anxiety among non-American players (banks, regulators, governments) who pressed for access to the model or briefings on what Anthropic had uncovered.
Europe Joins the Circle
The roster of new beneficiaries testifies to a carefully calibrated widening strategy. Among the newly authorized countries are members of the Five Eyes intelligence alliance (Canada, Australia, New Zealand) as well as France, Germany, Italy, Switzerland, the Netherlands, Spain, Belgium, Sweden, India, Japan and South Korea.
NATO and the European Cybersecurity Agency ENISA have also been included in the program. On the corporate side, the American developer Okta and South Koreas Samsung, SK Hynix and SK Telecom are among the new entrants.
The expansion deliberately covers sectors that were underrepresented in the first wave. The new Glasswing members operate in fields such as energy, water, health, communications, and computer hardware.
According to Anthropic, the common thread among all these partners is that an attack on their code could be catastrophic, with potential impacts affecting more than 100 million people and significant implications for national and global security.
A Race Against the Clock
Behind this accelerated opening lies a sense of urgency. Since the launch of Claude Mythos, Glasswing partners have uncovered more than 10,000 high- or critical-severity security flaws. That is as many vulnerabilities that could be exploited by malicious actors.
But the window for technological exclusivity is closing quickly. Anthropic estimates that many other AI companies will have models comparable to Mythos within six to twelve months, with the risk that they deploy them without the guardrails needed to prevent abuse. A prospect that justifies moving swiftly and broadly rather than maintaining a solitary lead.
OpenAI has already rolled out its GPT-5.5, with similar capabilities, to a larger roster of trusted partners. Cybersecurity experts expect that other frontier models will soon reach the same level.
What a Year of AI-Driven Cyber Threats Reveals
To support its assessment, Anthropic publishes an unprecedented threat map, the fruit of a year of observation. The analysis of 832 accounts banned for malicious activity between March 2025 and March 2026, confronted with the MITRE ATT&CK framework, confirms the fears of experts.
First takeaway: malicious actors use AI in the most advanced phases of their operations—the stages that demand the highest level of technical skill. Between the first and second halves of the period studied, the share of actors deemed medium or high risk rose from 33% to 56%. A progression that underscores accelerating momentum.
Second shift: cyberattacks are becoming more autonomous. What now distinguishes the most threatening actors is their ability to build architectures that let AI chain the stages of an attack with minimal human intervention.
The third alarm signal may be the most structural. MITRE ATT&CK does not yet capture the behaviors that make AI-assisted attackers dangerous: autonomous orchestration, real-time decision-making, and execution without human input.
Anthropic says it is in discussions with MITRE to evolve this framework. A move that would also position the company as the architect of new security standards in the AI era.
