Anthropic allows partners to share Mythos cybersecurity findings beyond Project Glasswing
2 Sources
[1]
Anthropic to let partners share Mythos cybersecurity findings with others
May 18 (Reuters) - Anthropic said on Monday it is revising its earlier position to allow users of its Mythos cybersecurity model to share information about cyber threats with others who may be exposed to similar vulnerabilities. Mythos, announced on April 7, is being deployed as part of Anthropic's "Project Glasswing," a controlled initiative under which select organizations, including major tech firms such as Amazon (AMZN.O), opens new tab, Microsoft (MSFT.O), opens new tab, Nvidia (NVDA.O), opens new tab and Apple (AAPL.O), opens new tab, are permitted to use the unreleased Claude Mythos Preview model for defensive cybersecurity purposes. Mythos' capabilities to code at a high level have given it a potentially unprecedented ability to identify cybersecurity vulnerabilities and devise ways to exploit them, according to experts. Last week, Anthropic began telling partners that they are generally permitted to disclose their involvement in Glasswing and, at their own discretion, share findings, best practices, tools or code developed through the program. "We fully support our partners sharing findings with each other and companies outside of Glasswing to triage vulnerabilities," an Anthropic spokesperson said in a statement. "While there was never a specific Glasswing NDA, confidentiality protections were something partners asked for at the outset and were built into agreements partners signed." The protections were included in agreements with participating companies under which the model is provided, after partners sought assurances before sharing sensitive findings and expressed concern about being targeted by attackers. "As the program has matured, we've adapted them to ensure key information can be shared broadly - including outside the program - for maximum defensive impact," the spokesperson added. Anthropic said partners may share that information with security teams at other companies, industry bodies, regulators and government agencies, open-source maintainers, the media or the public, subject to responsible-disclosure norms. The Pentagon is deploying Mythos to find and patch software vulnerabilities across the U.S. government even as it races to complete a transition away from the AI company, the Defense Department's top technology official said last week. Reporting by Juby Babu in Mexico City; Editing by Shailesh Kuber Our Standards: The Thomson Reuters Trust Principles., opens new tab
[2]
Anthropic to let partners share Mythos cybersecurity findings with others
May 18 (Reuters) - Anthropic said on Monday it is revising its earlier position to allow users of its Mythos cybersecurity model to share information about cyber threats with others who may be exposed to similar vulnerabilities. Mythos, announced on April 7, is being deployed as part of Anthropic's "Project Glasswing," a controlled initiative under which select organizations, including major tech firms such as Amazon, Microsoft, Nvidia and Apple, are permitted to use the unreleased Claude Mythos Preview model for defensive cybersecurity purposes. Mythos' capabilities to code at a high level have given it a potentially unprecedented ability to identify cybersecurity vulnerabilities and devise ways to exploit them, according to experts. Last week, Anthropic began telling partners that they are generally permitted to disclose their involvement in Glasswing and, at their own discretion, share findings, best practices, tools or code developed through the program. "We fully support our partners sharing findings with each other and companies outside of Glasswing to triage vulnerabilities," an Anthropic spokesperson said in a statement. "While there was never a specific Glasswing NDA, confidentiality protections were something partners asked for at the outset and were built into agreements partners signed." The protections were included in agreements with participating companies under which the model is provided, after partners sought assurances before sharing sensitive findings and expressed concern about being targeted by attackers. "As the program has matured, we've adapted them to ensure key information can be shared broadly - including outside the program - for maximum defensive impact," the spokesperson added. Anthropic said partners may share that information with security teams at other companies, industry bodies, regulators and government agencies, open-source maintainers, the media or the public, subject to responsible-disclosure norms. The Pentagon is deploying Mythos to find and patch software vulnerabilities across the U.S. government even as it races to complete a transition away from the AI company, the Defense Department's top technology official said last week. (Reporting by Juby Babu in Mexico City; Editing by Shailesh Kuber)
Share
Copy Link
Anthropic has reversed its earlier confidentiality stance to allow Project Glasswing partners to share cybersecurity findings from its Mythos AI model. Major tech firms including Amazon, Microsoft, Nvidia, and Apple can now disclose vulnerabilities discovered through the program to security teams, regulators, and the public under responsible disclosure norms.
Anthropic Revises Policy on Mythos Cybersecurity Information Sharing
Anthropic announced on Monday a significant policy shift that allows users of its Mythos cybersecurity model to share cybersecurity findings with organizations facing similar vulnerabilities. The move marks a departure from earlier confidentiality restrictions that had governed the unreleased Claude Mythos Preview model since its April 7 announcement
1
. According to an Anthropic spokesperson, the company "fully support[s] our partners sharing findings with each other and companies outside of Glasswing to triage vulnerabilities"2
. This revision reflects the maturation of Project Glasswing and addresses the growing need for collaborative defense against cyber threats.
Source: Reuters
Project Glasswing Partners Gain Disclosure Flexibility
Project Glasswing operates as a controlled initiative where select organizations—including tech giants Amazon, Microsoft, Nvidia, and Apple—deploy the model for defensive cybersecurity purposes . Last week, Anthropic began informing partners they can now disclose their involvement in the program and, at their discretion, share findings, best practices, tools, or code developed through it. Partners may distribute this information to security teams at other companies, industry bodies, regulators, government agencies, open-source maintainers, the media, or the public, provided they follow responsible-disclosure norms
2
. The initial confidentiality protections were built into agreements after partners requested assurances before sharing sensitive findings and expressed concern about becoming targets for attackers.High-Level Coding Capabilities to Identify and Patch Vulnerabilities
Experts note that Mythos' capabilities to code at a high level give it a potentially unprecedented ability to identify cybersecurity vulnerabilities and devise ways to exploit them
1
. This advanced functionality positions the model as a powerful tool for organizations seeking to proactively identify and patch vulnerabilities before malicious actors can exploit them. The Pentagon has already begun deploying Mythos to find and patch software vulnerabilities across the U.S. government, even as it completes a transition away from the AI company, according to the Defense Department's top technology official2
. This government adoption signals confidence in the model's defensive capabilities despite ongoing organizational changes.Related Stories
Maximum Defensive Impact Through Broader Information Sharing
The policy adaptation aims to ensure key information can be shared broadly for "maximum defensive impact," as Anthropic's spokesperson explained
1
. While there was never a specific Glasswing non-disclosure agreement, confidentiality protections were incorporated into partner agreements at the program's outset. As the initiative has evolved, Anthropic recognized that limiting information sharing could hinder collective security efforts. The shift toward openness suggests that the benefits of collaborative threat intelligence outweigh concerns about exposing sensitive security research. Organizations participating in Project Glasswing can now contribute to a broader ecosystem of cyber defense, potentially accelerating the identification and remediation of vulnerabilities across multiple sectors. This approach aligns with industry trends favoring coordinated vulnerability disclosure and collective defense strategies against increasingly sophisticated cyber threats.References
Summarized by
Navi
[2]
Related Stories
OpenAI launches GPT-5.4-Cyber model days after Anthropic's Mythos sparks global security concerns
14 Apr 2026•Technology
GPT-5.5 matches Mythos in cybersecurity tests, challenging Anthropic's restricted release
30 Apr 2026•Technology
Microsoft embeds Anthropic Mythos into security framework to detect vulnerabilities faster
23 Apr 2026•Technology
Recent Highlights
Recent Highlights
Today's Top Stories
Don’t drown in AI news. We cut through the noise - filtering, ranking and summarizing the most important AI news, breakthroughs and research daily. Spend less time searching for the latest in AI and get straight to action.
