Overview
- Anthropic announced on Tuesday that it is widening Project Glasswing to about 150–200 vetted organisations in more than 15 countries, and has invited EU cybersecurity agency ENISA and NATO-linked bodies to join the program.
- Claude Mythos is built to scan large codebases, autonomously surface novel zero‑day flaws and produce working exploit demonstrations, and Anthropic reports Mythos flagged roughly 23,019 candidate flaws in 1,000+ open‑source projects with an estimated 6,202 high or critical issues.
- Project Glasswing partners have already reported finding more than 10,000 high‑ or critical‑severity vulnerabilities and independent sampling showed validation rates above 90 percent for reviewed findings.
- Anthropic requires new partners to meet strict security criteria, says it will only broaden customer access after additional safeguards are in place, and filed confidentially for an IPO the day before announcing the expansion.
- Security teams face a growing remediation bottleneck because verification, coordinated disclosure and patch deployment lag discovery, a gap that regulators, governments and rival AI developers are racing to address as similar 'Mythos‑class' tools emerge within months.