Skip to main content
CybersecurityVulnerability Management

Anthropic Widens AI Vulnerability Detection to 200 Organizations

Diverse group of people collaborate in modern conference room with laptops and notepads.

Anthropic announced on June 2 that access to its most capable AI model has been extended to an additional 150 organizations under Project Glasswing.

Project Glasswing expands: who and how much

Project Glasswing — Anthropic's program that uses its Claude Mythos Preview model to find vulnerabilities in critical software — began with roughly 50 partners in April and has now grown by 150 more organizations, the company said. The new cohort spans more than 15 countries and includes sectors that were thinly represented at launch: power, water, healthcare, communications and hardware. Anthropic said many of the newly admitted partners are software vendors whose code is embedded in other organizations.

Claude Mythos Preview's reported output: more than 10,000 high- or critical-severity flaws

Anthropic reported that the original cohort has used Claude Mythos Preview to uncover more than 10,000 high- or critical-severity flaws. The company framed the expansion as a targeted reinforcement: it chose organizations whose codebases, it estimated, if breached could be catastrophic — for most, a major breach could affect more than 100 million people.

Why Anthropic widened the scope and its risk calculus

Anthropic said the expansion is preparatory. The firm expects that within six to 12 months rival developers may field models with comparable cyber capabilities and that such models could be released without safeguards against misuse. Anthropic also acknowledged that general access to Mythos-class models remains off the table, saying the safeguards needed to release one safely do not yet exist anywhere.

Discovery is outpacing the fix

Anthropic and independent commentators described a growing operational mismatch: while AI is accelerating vulnerability discovery, the final steps — verifying, disclosing and patching — are not keeping pace. Anthropic itself has said the bottleneck lies in verifying, disclosing and patching the vulnerabilities these models surface.

Jeff Williams, founder of OWASP and CTO of Contrast Security, summed the tension bluntly: "AI is turning vulnerability discovery into an industrial-scale activity, but most organizations still remediate at human speed." Williams added that finding more flaws does not make software safer unless organizations can validate, prioritize, fix and deploy at the same pace, and he suggested the greater opportunity is to apply AI to threat modeling and secure design rather than to a scan-and-patch cycle.

Gunter Ollmann, CTO of Cobalt, observed that automated tools such as SAST and DAST have limits and argued that pairing AI analysis with skilled human direction surfaces flaws conventional approaches miss. "The organizations that benefit most from these advances will be the ones that can rapidly validate, prioritize and remediate the issues being discovered before attackers find them first," Ollmann concluded.

What this means for technologists and security teams, policymakers and regulators, and affected enterprises

  • Technologists and security teams: Expect a larger intake of AI-identified findings to validate and prioritize. The public statements emphasize verification, disclosure and patching as the current chokepoints — teams will need processes that triage AI output rather than treat each finding as immediately actionable.
  • Policymakers and regulators: Anthropic's warning that comparable models could appear without safeguards within six to 12 months places a timeline on regulatory and standards conversations; Anthropic's own position that safe-release safeguards do not yet exist highlights a gap between capability and safe deployment.
  • Affected enterprises and procurement leaders: Organizations that incorporate third‑party embedded code should note Anthropic's rationale for selection — a single vulnerable codebase in these vendors can cascade. The company's estimate that a major breach could affect more than 100 million people for most chosen partners underscores scale risk in procurement and vendor management.

Anthropic's expansion of Project Glasswing amplifies an evident paradox: AI can find vulnerabilities at scale, but the defensive ecosystem — human teams, disclosure workflows, and patch deployment pipelines — remains rate-limited. The firm has opened a wider front with Claude Mythos Preview in anticipation of comparable capabilities appearing elsewhere, while also acknowledging that safe, general release of Mythos-class models is not yet possible. Whether the newly enlarged network of partners can turn large volumes of AI-discovered flaws into timely fixes will determine if the program reduces systemic risk or simply accelerates the discovery timeline ahead of remediation capability.

Original story