Anthropic just announced Claude Mythos Preview a frontier AI model so powerful at finding software vulnerabilities that the company won't make it publicly available. Instead, they've built an entire coalition of the world's biggest tech companies around it, and they're calling it Project Glasswing.
This might be the most significant cybersecurity announcement of 2026. Here's why.
What Is Project Glasswing?
Project Glasswing brings together 12 major organizations Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks alongside Anthropic in a coordinated effort to secure the world's most critical software before attackers can exploit it.
The name comes from the glasswing butterfly (Greta oto), whose transparent wings let it hide in plain sight just like the software vulnerabilities this project is hunting. Beyond the 12 launch partners, over 40 additional organizations that build or maintain critical software infrastructure have also been granted access to the model.
This is not a marketing exercise. This is the tech industry collectively looking at what this model can do and deciding they need to move together, right now.
What Makes Mythos Different?
Here's the thing that makes Mythos genuinely terrifying and exciting in equal measure: it wasn't specifically trained for cybersecurity. It's a general-purpose frontier model with exceptionally strong agentic coding and reasoning abilities. It just happens to be devastatingly effective at reading code, spotting vulnerabilities, and figuring out how to exploit them skills that previously required elite human security researchers.
Think of it less like a tool trained to sniff out bugs, and more like an autonomous security researcher that never sleeps, never gets tired, and can reason through millions of lines of code with superhuman thoroughness.
On Anthropic's CyberGym benchmark, Mythos scored 83.1% compared to 66.6% for Claude Opus 4.6 a massive leap. But the benchmarks only tell part of the story. In agentic coding tasks, Mythos hit 93.9% on SWE-bench Verified (versus 80.8% for Opus 4.6), 77.8% on SWE-bench Pro (versus 53.4%), and 82.0% on Terminal-Bench 2.0 (versus 65.4%). On reasoning, it scored 94.6% on GPQA Diamond and 64.7% on Humanity's Last Exam with tools. These aren't incremental improvements. This is a different class of model.
The Bugs It Already Found Are Insane
Over the past few weeks, Mythos has already identified thousands of zero-day vulnerabilities flaws that were completely unknown to the developers of the software. Many of these bugs are critical severity, and they were found in every major operating system and every major web browser. Some highlights:
A 27 year old vulnerability in OpenBSD, one of the most security-hardened operating systems on the planet, used to run firewalls and critical infrastructure. The flaw allowed an attacker to remotely crash any machine running the OS simply by connecting to it. Twenty-seven years. Undetected.
A 16 year old vulnerability in FFmpeg, the media framework used by countless applications to encode and decode video. The bug caused heap corruption, and it existed in a line of code that automated testing tools had hit five million times without catching the problem.
Linux kernel privilege escalation chains, Mythos autonomously found and linked together multiple vulnerabilities in the Linux kernel (which runs most of the world's servers) to demonstrate how an attacker could escalate from ordinary user access to complete control of the machine.
And those are just the ones that have been patched and publicly disclosed. Anthropic says the vast majority of the vulnerabilities discovered remain unpatched, with details being held under cryptographic hashes until fixes are in place.
Nearly all of these were found autonomously no human steering required.
The Partner List Reads Like a Who's Who of Global Infrastructure
The organizations involved in Project Glasswing aren't random. They represent the backbone of global digital infrastructure:
Cloud & Compute: Amazon Web Services, Google, Microsoft, NVIDIA Device & OS: Apple, Broadcom, Cisco Cybersecurity: CrowdStrike, Palo Alto Networks Finance: JPMorganChase Open Source: The Linux Foundation
CrowdStrike's CTO Elia Zaitsev put it bluntly: the window between a vulnerability being discovered and being exploited has collapsed from months to minutes with AI. Palo Alto Networks' Chief Product & Technology Officer Lee Klarich warned that everyone needs to prepare for AI-assisted attackers because there will be more attacks, faster attacks, and more sophisticated attacks.
When the people whose entire job is protecting the internet are this urgent about it, you pay attention.
Anthropic Is Putting $100 Million Behind This
This isn't cheap talk. Anthropic is committing up to $100 million in usage credits for Claude Mythos Preview across Project Glasswing and the additional participating organizations. On top of that, they're donating $2.5 million to Alpha Omega and OpenSSF through the Linux Foundation, and $1.5 million to the Apache Software Foundation direct funding to help open-source maintainers who typically operate on shoestring budgets respond to this new landscape.
Partners can access the model through the Claude API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry. After the initial credit period, pricing is set at $25 per million input tokens and $125 per million output tokens.
Why Won't They Release It Publicly?
This is the part that should make everyone sit up straight. Anthropic is explicitly saying that Claude Mythos Preview is too capable β and too dangerous β to release publicly. The same abilities that make it extraordinary for defense make it terrifying for offense. If this model can autonomously discover zero-day vulnerabilities and develop working exploits, putting it in the wrong hands would essentially give attackers a tireless, genius-level hacking tool.
Anthropic is following its Responsible Scaling Policy. Access is restricted to vetted defensive partners only. The company says it doesn't plan to make Mythos Preview generally available, but its eventual goal is to enable Mythos-class models to be deployed safely at scale once they've developed safeguards that can detect and block the most dangerous outputs. New safeguards are expected to ship with an upcoming Claude Opus model first.
Security professionals whose legitimate work is affected by these restrictions will be able to apply to an upcoming Cyber Verification Program.
The Bigger Picture And Why This Should Concern Everyone
Logan Graham, who leads Anthropic's frontier development team, framed it in stark terms: if you can functionally automate the ability to find and exploit software vulnerabilities and make those attacks cheap and fast, the world enters entirely new territory.
This announcement also lands during a complicated moment for Anthropic. The company is locked in a legal dispute with the U.S. Department of Defense after a $200 million contract was scrapped over disagreements about how the Pentagon could use Claude. Defense Secretary Pete Hegseth labeled Anthropic a "supply chain risk" after President Trump directed federal agencies to phase out the company's services. Anthropic filed two lawsuits challenging that designation. Meanwhile, the company is reportedly evaluating an IPO as early as October 2026, and just recently had to deal with an embarrassing incident where nearly 2,000 source code files were accidentally exposed through a Claude Code package update.
Despite all of that, Anthropic says it has been in ongoing discussions with U.S. government officials about Mythos Preview's offensive and defensive capabilities. The company is framing this in national security terms arguing that maintaining AI leadership is a strategic priority for the United States and its allies.
What Happens Next
Project Glasswing is designed as a long term effort, not a one-off announcement. Within 90 days, Anthropic will report publicly on what they've learned the vulnerabilities fixed, the improvements made, and the lessons that other organizations can apply. Partners will share information and best practices with each other, and Anthropic plans to collaborate with leading security organizations on practical recommendations for how security practices need to evolve in the AI era.
The areas they're targeting include vulnerability disclosure processes, software update workflows, open-source supply chain security, secure-by-design development practices, standards for regulated industries, and patching automation.
The honest reality is this: offensive AI capabilities are coming regardless of whether Anthropic releases this model or not. The company itself acknowledges that frontier AI capabilities will advance substantially over just the next few months. The question isn't whether these tools will exist it's whether defenders will have them first.
Project Glasswing is Anthropic's bet that giving defenders a head start is the best play available. Whether that head start is enough remains to be seen.
