Anthropic Expands Project Glasswing to 150 New Organisations Across Critical Infrastructure — and Launches Claude Security for Everyone
Anthropic brings Claude Mythos Preview to ~150 new orgs in 15+ countries covering power, water, healthcare and more, plus launches Claude Security in public beta.
Anthropic launched Project Glasswing in early April 2026, giving around 50 organisations — AWS, Cisco, Google, Microsoft, NVIDIA, JPMorganChase, the Linux Foundation, and others — early access to Claude Mythos Preview, an unreleased frontier model capable of finding software vulnerabilities at a level that surpasses all but the most skilled human security researchers. The results from those first weeks were striking enough that Anthropic is now significantly widening the programme.
As of this week, roughly 150 additional organisations have joined Project Glasswing, bringing the total partner count to around 200. The new members span more than 15 countries and include sectors that weren’t part of the original cohort: power grids, water systems, healthcare providers, telecommunications companies, hardware vendors, and critical open-source maintainers including nonprofit groups.
Alongside that expansion, Anthropic has launched Claude Security in public beta, making AI-powered codebase scanning available to any organisation on an Enterprise plan today.
What the first wave of partners found
The numbers from the initial 50 partners are worth sitting with for a moment. Collectively, those organisations identified more than 10,000 high- or critical-severity security flaws in their own codebases using Mythos Preview. Cloudflare alone found 2,000 bugs across its critical-path systems, including 400 rated high or critical, with a false-positive rate the company described as better than human testers. Mozilla found and fixed 271 vulnerabilities in Firefox 150 during testing, more than ten times the number surfaced in a previous Firefox version using an earlier Anthropic model.
Anthropic also ran its own scan of more than 1,000 open-source projects using Mythos, flagging over 23,000 potential vulnerabilities. Of the 1,752 high- or critical-rated findings that were independently reviewed, more than 90% were confirmed as valid.
These figures explain why Anthropic is moving quickly. The model can find vulnerabilities at scale and with high accuracy. The question is whether defenders can get access to it before attackers develop equivalent capabilities elsewhere.
Who the new partners are
The expansion includes some notable names. Okta, the identity and access management firm, is now part of the programme. So are Samsung, SK Hynix, and SK Telecom from South Korea. NATO and the EU’s cybersecurity agency ENISA have also joined.
The geographical spread covers countries including Australia, Canada, France, Germany, Italy, Switzerland, the Netherlands, Spain, Belgium, Sweden, India, Japan, New Zealand, and South Korea — all described by Anthropic as US-friendly nations.
Anthropic’s reasoning for who qualifies is direct: “What each partner has in common is that a successful attack on their codebase could be catastrophic. For most partners, we estimate that a major attack could affect more than 100 million people, with important ramifications for both global and national security.”
The programme has also updated its disclosure rules. Partners can now share vulnerability findings with regulators, industry groups, open-source maintainers, and the public, provided they follow responsible-disclosure standards. That’s a meaningful change from the earlier, more restrictive setup.
What Claude Security actually does
Claude Security is the publicly available product built on Anthropic’s current frontier models, including Claude Opus 4.8. It sits below Mythos Preview in capability, but it is already producing results: more than 2,100 vulnerabilities patched in its first three weeks.
The product is built around a few specific design choices worth understanding. Rather than pattern-matching against known vulnerability signatures, Claude Security reads code the way a security researcher does, tracing how data flows through an application, understanding how components interact, and catching logic and access-control flaws that rule-based tools miss. It focuses on high-severity issues: memory corruption, injection flaws, authentication bypasses, and complex logic errors that require understanding context across multiple files.
Every finding goes through multi-stage verification. Claude re-examines each result, filters false positives, and assigns severity and confidence ratings. For validated findings, it generates a targeted patch and creates a branch ready for pull-request review. Nothing ships without human approval.
The practical effect is that your security team gets a short, ranked list of confirmed issues with suggested fixes, rather than a large noisy report that still requires hours of manual triage.
What this means for your organisation
If you run an Enterprise plan, Claude Security is available to you now in public beta. That is the immediate, actionable item here. If your team is responsible for any significant codebase, it is worth running it through and seeing what surfaces.
For the broader picture: Anthropic has said it intends to release Mythos-class models to all customers soon. The firm is also scaling up its Cyber Verification Program, which will grant Mythos-level access to more organisations for specific defensive tasks. The delay is not commercial — it is that Anthropic acknowledges it does not yet have safeguards robust enough to prevent the model’s capabilities from being misused at general access. Cybersecurity is unusual in that the same capability that finds and fixes a vulnerability can also be used to exploit it.
The implication for security teams is clear. The tools available for automated vulnerability discovery are getting substantially more powerful, on a relatively short timeline. Organisations that build familiarity with AI-assisted scanning now, understand its outputs, and integrate it into their development workflow will be better positioned than those who treat it as something to evaluate later.
The gap between what AI can find and what traditional tooling catches is already large enough to matter. The Firefox and Cloudflare results make that concrete. Claude Security is the accessible entry point into that capability today, and Project Glasswing’s expansion signals where this is heading across the broader infrastructure that everyone depends on.