Anthropic Holds Back New Claude Model, Forms Project Glasswing to Tackle AI‑Driven Cyber Threats
Key Points
- Anthropic's Claude Mythos can locate and exploit software vulnerabilities at a level comparable to elite human researchers.
- The model will not be released publicly due to the risk of AI‑driven cyber attacks.
- Project Glasswing, a consortium of 40+ tech giants, will receive private access to Mythos for security testing.
- Anthropic commits $100 million in usage credits and $4 million in donations to open‑source security projects.
- Early partners report thousands of severe flaws uncovered in major operating systems and browsers.
- Industry leaders including Apple, AWS, Microsoft and Google are participating in the effort.
- Senator Mark Warner praised the initiative as a step toward protecting critical infrastructure.
Anthropic announced that its latest Claude model, dubbed Mythos, can locate and exploit software vulnerabilities at a level that rivals top human experts. Because the technology poses a significant security risk if released publicly, the company is restricting access to a select group of infrastructure providers through a new initiative called Project Glasswing. The consortium, which includes Apple, Amazon Web Services, Microsoft, Google and more than 40 other firms, will receive $100 million in usage credits and $4 million in donations to open‑source security projects. Anthropic says the partnership aims to shore up defenses before malicious actors can weaponize the model.
Anthropic, the AI firm behind the Claude series, revealed Tuesday that its newest model, Claude Mythos, is so adept at finding and exploiting software vulnerabilities that it will not be made available to the public. In a blog post, the company warned that the model’s coding capabilities now surpass all but the most skilled human researchers, raising the specter of AI‑driven cyber attacks.
To prevent the technology from falling into the wrong hands, Anthropic is rolling out a private access program named Project Glasswing. The effort brings together a coalition of more than 40 industry leaders, including Apple, Amazon Web Services, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks. Participants will receive early access to Mythos for the purpose of identifying and patching vulnerabilities across operating systems, browsers and cloud services.
Anthropic has pledged $100 million in usage credits for the consortium and an additional $4 million in donations to open‑source security organizations. "The dangers of getting this wrong are obvious, but if we get it right, there is a real opportunity to create a fundamentally more secure internet," CEO Dario Amodei wrote on X.
Early testers report that Mythos has already uncovered thousands of severe flaws in major platforms. "What we have found has been illuminating," Cisco’s chief security and trust officer Anthony Grieco said in a blog post. AWS’s vice‑president and chief information security officer Amy Herzog called the model "a step‑change in reasoning and AI capabilities for cybersecurity," noting that even its most rigorously vetted codebases yielded new weaknesses.
Security experts acknowledge that AI‑assisted vulnerability research is not new—DARPA’s Cyber Grand Challenge demonstrated the concept years ago—but the scale and accessibility of a model like Mythos marks a watershed moment. Norton’s threat intelligence director Michal Salát noted that while top‑tier models already possess similar abilities, Anthropic’s decision to limit release and mobilize a consortium is a proactive response to a rapidly evolving threat landscape.
Lawmakers are watching the development closely. Senator Mark Warner praised the initiative, saying the collaboration could help protect critical infrastructure as AI accelerates the discovery of new exploits. The senator, whose state hosts a growing number of AI data centers, has previously warned about the societal risks of unchecked AI development.
Project Glasswing’s success will hinge on how quickly member companies can translate Mythos‑found vulnerabilities into patches and updates. Anthropic believes the partnership can set a new standard for responsible AI deployment, balancing breakthrough capabilities with the imperative to safeguard digital systems worldwide.