Anthropic Unveils Project Glasswing to Counter AI-Driven Cyber Threats
Key Points
- Anthropic launches Project Glasswing to defend critical software from AI-powered attacks.
- Claude Mythos Preview, an unreleased model, has identified thousands of vulnerabilities across major OS and browsers.
- Partners include AWS, Apple, Microsoft, Google, NVIDIA, Cisco, CrowdStrike, Palo Alto Networks, JPMorgan Chase and the Linux Foundation.
- The initiative follows Anthropic's dispute with the Pentagon over AI safety guardrails and a reported misuse of Claude against Mexican agencies.
- Project Glasswing aims to integrate AI findings into partners' security tools for faster detection and patching.
Anthropic announced Project Glasswing, a collaborative effort to safeguard critical software from AI-powered attacks. The initiative brings together tech giants such as Amazon Web Services, Apple, Microsoft, Google, and others, leveraging Anthropic's unreleased Claude Mythos Preview model. Anthropic says the model has already identified thousands of exploitable vulnerabilities across major operating systems and browsers. The move follows the company's recent clash with the U.S. Department of Defense over AI guardrails and a reported misuse of its Claude system against Mexican government agencies.
Anthropic rolled out Project Glasswing on Monday, positioning the program as a direct response to growing concerns that artificial intelligence could amplify cyber threats. The company will work with a roster of industry leaders—including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks—to secure the world’s most critical software against AI-driven exploits.
At the core of the effort is Claude Mythos Preview, an unreleased, general‑purpose model that Anthropic says has already uncovered thousands of vulnerabilities. "We’ve found exploitable bugs in every major operating system and web browser," a spokesperson told reporters. Partners will integrate the model into their own security tools, aiming to detect and patch weaknesses before malicious actors can weaponize them.
Project Glasswing partners
The coalition spans cloud providers, hardware manufacturers, security firms and financial institutions. Amazon Web Services and Microsoft will likely host the model’s computing workloads, while Apple and NVIDIA contribute expertise in hardware acceleration. Security specialists CrowdStrike and Palo Alto Networks are set to embed the findings into threat‑intelligence platforms, and the Linux Foundation will help standardize remediation practices across open‑source ecosystems. JPMorgan Chase’s involvement signals a focus on protecting financial systems, a sector historically targeted by sophisticated attacks.
Anthropic's security push amid controversy
Project Glasswing arrives amid a turbulent year for Anthropic. Earlier this year the company resisted a Pentagon request to remove safety guardrails from its services, prompting the Department of Defense to label Anthropic a "supply chain risk." The designation underscored tensions between rapid AI deployment and national‑security concerns.
Compounding the controversy, a hacker reportedly used Anthropic’s Claude model in February to breach multiple Mexican government agencies. While details remain sparse, the incident highlighted the dual‑use nature of powerful language models. Anthropic argues that the new initiative demonstrates its commitment to responsible AI development, shifting from defensive postures to proactive defense.
Industry observers note that the collaboration could set a precedent for how AI firms address security challenges. By pooling resources and sharing vulnerability data, the partners aim to stay ahead of threat actors who increasingly rely on AI to automate attack vectors. "If AI can find bugs faster than humans, we need AI to fix them faster," said a representative from CrowdStrike during the announcement.
Anthropic plans to make the findings from Claude Mythos Preview available to its partners on a rolling basis. The company also hinted at future extensions of Project Glasswing to cover emerging technologies such as IoT devices and edge computing platforms, though no timeline was provided.
Critics caution that the effort may not be sufficient to stem the tide of AI‑enabled cybercrime. They point to the rapid pace of model development and the ease with which malicious actors can obtain or replicate similar capabilities. Nonetheless, the alliance marks a notable step toward a coordinated defense strategy in an era where AI tools can both protect and threaten digital infrastructure.