Anthropic launched Project Glasswing, an initiative focused on defending global software infrastructure against AI-driven cyber threats, along with unveiling its AI model, Claude Mythos Preview.
Project Glasswing aims to harness the capabilities of Claude Mythos Preview, which has demonstrated advanced coding skills, surpassing most skilled human security experts. The model identifies and exploits software vulnerabilities, marking a significant evolution in cyber defense technology.
In initial tests, Claude Mythos Preview discovered thousands of high-severity, zero-day vulnerabilities across major operating systems and web browsers. Key detection successes include a 27-year-old vulnerability in OpenBSD, a 16-year-old flaw in FFmpeg that had survived five million automated tests, and multiple vulnerabilities in the Linux Kernel that allowed for escalated user access.
All identified vulnerabilities have been reported and patched by relevant developers. To prevent bad actors from exploiting this technology, Anthropic formed the Glasswing Coalition, with founding partners including Amazon Web Services, Apple, Google, Microsoft, NVIDIA, Broadcom, Cisco, CrowdStrike, Palo Alto Networks, JPMorganChase, and the Linux Foundation.
As part of its commitment, Anthropic is providing $100 million in usage credits for Mythos Preview to its partners and 40 additional organizations that maintain critical infrastructure, alongside a $4 million donation to open-source security organizations, including the Apache Software Foundation and OpenSSF.
Internal evaluations show significant improvements in performance metrics for Claude Mythos Preview. In the CyberGym benchmark, the model scored 83.1%, compared to 66.6% for the previous Claude Opus 4.6. On the SWE-bench Verified coding test, it achieved 93.9% accuracy, compared to 80.8% for its predecessor.
Anthropic will not make Claude Mythos Preview generally available due to potential risks. The model is intended for defensive security applications, including penetration testing and securing endpoints. The pricing structure for partners will be set at $25 per million input tokens and $125 per million output tokens via AWS Bedrock and Google Cloud’s Vertex AI.
The initiative includes a pledge to report public findings within 90 days. Anthropic is currently in discussions with the U.S. government about the national security implications of Claude Mythos Preview. Elia Zaitsev, CTO of CrowdStrike, highlighted the urgency of collaboration, noting, “The window between a vulnerability being discovered and being exploited has collapsed. That is not a reason to slow down; it’s a reason to move together, faster.”
