Anthropic expands Claude Mythos access to 200 partners across critical infrastructure worldwide

Anthropic scales Claude Mythos to critical infrastructure in 15+ countries

Anthropic is expanding Project Glasswing, its joint industry initiative to find and fix critical software vulnerabilities using AI, to about 150 new organizations across more than 15 countries, the company said Tuesday. The news comes a day after Anthropic said it had filed confidentially for an initial public offering, following a $65 billion funding round at a nearly $1 trillion valuation. Anthropic's Claude Mythos is at the heart of Project Glasswing. The AI firm dubbed the model its most powerful yet, able to identify thousands of zero-day vulnerabilities over several weeks. In early April, Anthropic gave 50 initial partners, including the U.S. government, access to Claude Mythos Preview to scan their codebases for vulnerabilities and security flaws. The expanded list of organizations with access to Mythos as of today covers power, water, healthcare, communications, and hardware -- industries that weren't "well-represented" in Anthropic's initial cohort, the company said. Many who will now have access are companies or nonprofits that maintain codebases which other organizations and governments rely upon, Anthropic noted in a blog post. "What each partner has in common is that a successful attack on their codebase could be catastrophic," the company said. "For most partners, we estimate that a major attack could affect more than 100 million people, with important ramifications for both global and national security." The expanded group includes organizations in countries friendly to the U.S., including Australia, Canada, France, Germany, Italy, Switzerland, the Netherlands, Spain, Belgium, Sweden, India, Japan, New Zealand, and South Korea, according to The Financial Times, citing a person familiar with the matter. The FT also reported several organizations that have been given access to Mythos, including: U.S.-based identity and security management tool Okta; South Korean companies Samsung, SK Hynix, and SK Telecom; NATO, the U.S.-led military alliance headquartered in Brussels; and the EU's cyber security agency ENISA. TechCrunch has reached out to Anthropic to confirm. Anthropic has said it expects other AI companies to soon develop models as capable as Mythos Preview, which is why the firm is racing to establish safeguards within Project Glasswing. Since releasing Mythos, rival OpenAI released its own cybersecurity-focused model GPT-5.5-Cyber, which it has rolled out to a large group of partners for testing.

UK banks offered access to OpenAI's GPT-5.5 amid exclusion from Anthropic's Glasswing expansion

UK banks are set to receive access to OpenAI's GPT-5.5 Cyber after being excluded from Anthropic's latest expansion of Project Glasswing. Project Glasswing, and access to the Mythos Preview model, is geared toward ensuring critical infrastructure providers are prepared to handle the threat posed by advanced AI models, once they inevitably make their way into the public domain, and therefore the hands of attackers. However, amid a fourfold expansion of Glasswing's partners, only JPMorganChase was named among the financial institutions to receive access to Mythos Preview, despite financial services falling under the critical infrastructure umbrella. In light of the news, HSBC, Lloyds Banking Group, and Nationwide will be among the banks to receive access to GPT-5.5 Cyber, the BBC reported, while NatWest and Santander have already been playing with it as part of separate agreements. OpenAI offered nine UK banks access to its Mythos-rival model in total, after they were snubbed from Glasswing. It is not clear if this number also includes the Bank of England, whose governor, Andrew Bailey, has been outspoken about its exclusion from Glasswing. Bailey told Bloomberg TV last week that despite pushing for access so the UK's financial system is protected, Anthropic has not handed over the keys to Mythos Preview. Liam Salsi, director of architecture at Talion, told The Register he suspects the decision to exclude UK banks was political. Bailey had also previously alluded to suspicions that Anthropic had not yet granted access to Mythos Preview due to processes at play related to the US administration. "The US government wants to control who has access to the platform and this is largely because it will limit the chances of it falling into the wrong hands," said Salsi. "However, limiting access will ultimately leave some banks more exposed to cyber threats and could impact their vulnerability management, leaving larger windows of opportunities for attackers. "It's hopeful these gaps won't exist for too long because of competition among Advanced AI platforms. GPT-5.5 was issued only a few weeks after Mythos, and it's safe to assume more advanced AI platforms will surface soon, closing gaps and delivering more of these systems to a larger pool of critical organizations." He added that it could also introduce a single point of failure in the global banking sector if every institution were using the same product. Anthropic has not commented publicly on its approach regarding which financial institutions receive Mythos access, although it's not just financiers who are pondering the company's decision-making. It transpired this week that the EU's cybersecurity agency, ENISA, will receive access to Mythos Preview, while the US equivalent, CISA, is yet to be selected. Glasswing goes big In other news, Anthropic said on Tuesday it is looking to induct many more organizations into its Project Glasswing initiative, taking the total number of members from around 50 to 200. The additional 150 or so organizations hail from 15 different countries and will join the old guard, comprised of security shops and other tech giants, government agencies, and open-source maintainers. It has not named these organizations officially, although reports suggest that South Korea is among the 15 countries, and its science ministry, Samsung, SK Hynix, and SK Telecom are among the new inductees. Project Glasswing is something of a private members' club - a carefully selected cohort of organizations with early access to Anthropic's most advanced Mythos Preview model, the one the company claims will fundamentally alter the cybersecurity landscape. The cynics among us may see such claims as an extension of Anthropic's marketing playbook, which some believe involves stoking excitement about a product through fear. When the AI biz announced Mythos in April, it did so by dubbing it too dangerous to unleash on the public. It was billed as an expert bug hunter and zero-day specialist, capable of finding vulnerabilities in code far more efficiently than humans. The oft-touted nugget from launch was the 27-year-old OpenBSD bug Mythos found during initial testing, but there were many more zero-days and other critical vulnerabilities - novel ones - Anthropic said its model was able to unearth. Those who have tinkered with Mythos Preview already report mixed results. Cloudflare CISO Grant Bourzikas wrote in May that the model represented "a real step forward," and was able to find a series of low-severity bugs and chain them into working exploits. Others, such as cURL's Daniel Stenberg, called Mythos Preview "an amazingly successful marketing stunt," after it found just one vulnerability in the data transfer software. Likewise, security expert Kevin Beaumont said the model "is not great," and "it's marketing, essentially." He said Mythos Preview was good at finding bugs in vibe-coded applications, but aside from that, it was not discovering much beyond what the models of yesteryear were capable of. Regarding the new intake of Glasswing partners, Anthropic but said each would have to pass its own security requirements before being granted access to Mythos Preview. It also said the new organizations brought into the fold all managed critical infrastructure services, and a successful attack on their systems could be "catastrophic." "For most partners, we estimate that a major attack could affect more than 100 million people, with important ramifications for both global and national security," the company said on Tuesday. "This expansion is the next step toward our long-term goals: for AI to make all software more secure, and for us to help the industry adjust to how AI could change many of the core assumptions of cybersecurity." The big when? As for when the Mythos model will be made available to the wider public, Anthropic has kept that largely under wraps, but don't expect it to be anytime soon. In its latest Glasswing announcement, the company said the safeguards required to prevent abuse are not yet available. "We're working as quickly as we can to safely release Mythos-level capabilities in general access," it stated. "To do so, we'll need highly robust safeguards that prevent the model's cyber capabilities from being misused - safeguards that we (and, to our knowledge, all other AI developers) have yet to develop. "Because cybersecurity has both helpful and destructive uses, making safeguards that are both strong and precise enough is a major challenge." Anthropic may face some tough decisions in the next year, however, as by its own reckoning other AI companies will produce Mythos-level capabilities within their own models inside 6-12 months. Confusingly, it also said on Friday that it would be releasing Mythos-class models to all customers in the coming weeks. Anthropic said it will expand Glasswing further before Mythos is more widely launched, bringing in more critical infrastructure orgs, open-source maintainers, and safety testers. "We intend for future expansions to cover organizations in the US and overseas, just as this one does. We also intend to scale up our Cyber Verification Program, which would grant Mythos-class capabilities to many more organizations for specific cyberdefense tasks." ®

Anthropic Mythos access to quadruple to about 200 Glasswing partners

SAN FRANCISCO, June 2 (Reuters) - Anthropic on Tuesday said it was planning a wider rollout of its artificial intelligence that has caught the attention of government and financial institutions around the world for its ability to find software vulnerabilities. Project Glasswing, Anthropic's partnership of around 50 organizations using its AI to secure software, is expanding to roughly 200, the San Francisco-based startup said. Each member must meet certain security requirements before accessing Anthropic's powerful AI called Claude Mythos Preview, it said. Anthropic collaborated with the U.S. government, existing Glasswing partners and others in the security industry on the ⁠rollout, it said. The news comes a day after Anthropic filed confidentially for what could be one of the biggest initial public offerings ever, culminating a frenzy of business and government interest in its AI. Its April Mythos Preview announcement sowed panic that AI could hack software that was not first buttoned up, thanks to Anthropic's technology, which can surface ways to stitch together and exploit small bugs. U.S. Treasury Secretary Scott Bessent and then-Federal Reserve Chair Jerome Powell convened an urgent meeting with bank CEOs to warn of the risks, while financial institutions pushed for access and raced to plug holes. Anthropic said its partners have found more than 10,000 security flaws they considered highly or critically severe, though some industry experts have said fears of unfettered hacking have been overstated. GOLDMAN SACHS: MORE ⁠INFORMATION, GUARDRAILS KEY Goldman Sachs CEO David Solomon said at an economic event on Tuesday that information about these models should be shared more broadly among companies, while emphasizing the need for guardrails, as open-source models can quickly do the same things. "They're very, very powerful models," he said. "What I can say is that a large group of companies are doing a lot of testing. It's also important that the ⁠information is shared more broadly so other companies and the economy can learn." Goldman is among the banks testing Mythos. Anthropic declined to name the organizations it is bringing into the fold. However, it said its new Glasswing partners are based in more than 15 countries and boost defenses ⁠in the healthcare, power, water, communications and hardware industries. The expansion includes government organizations, an Anthropic spokesperson said. A big attack on partner organizations could affect more than 100 million people, Anthropic estimated. Project Glasswing aims to bolster such software infrastructure before ⁠AI this powerful is widely available from other providers, a prospect that is no more than six to 12 months away, Anthropic said. The startup has also said it aims to bring Mythos-class models to all its customers, with additional safeguards, in the coming weeks. Reporting by Jeffrey Dastin in San Francisco; Editing by Stephen Coates and Rod Nickel Our Standards: The Thomson Reuters Trust Principles., opens new tab * Suggested Topics: * Cybersecurity Jeffrey Dastin Thomson Reuters Jeffrey Dastin is a correspondent for Reuters based in San Francisco, where he reports on the technology industry and artificial intelligence. He joined Reuters in 2014, originally writing about airlines and travel from the New York bureau. Dastin graduated from Yale University with a degree in history. He was part of a team that examined lobbying by Amazon.com around the world, for which he won a SOPA Award in 2022.

Anthropic offers EU access to Mythos

Simply sign up to the Artificial intelligence myFT Digest -- delivered directly to your inbox. Anthropic has offered the EU access to its Mythos artificial intelligence model, in the first instance of expanded access to the highly capable cyber security software outside the US and the UK. A spokesperson for the EU's cyber security agency Enisa confirmed it was in talks to use the model, a development that was first reported by Bloomberg. "It's been offered but the conditions are still being agreed," the spokesperson said. European Commission officials visited San Francisco last week to negotiate with the company about joining its so-called Project Glasswing -- an industry coalition of mainly US companies that have been using it since early April to find and patch security vulnerabilities in their systems. "I can confirm that the Commission had several productive meetings with Anthropic. We welcome the latest developments on potential future access," European Commission spokesperson Thomas Regnier said on Monday. "This is the result of the Commission's strong bilateral co-operation and engagement with Anthropic," he said, adding that "this latest development is of utmost importance to get a clear picture of the potential risks". The exact conditions for the EU's access to Anthropic's program still need to be defined, including how much access the US company would gain to the bloc's own systems while using Mythos, according to people familiar with the discussions. Anthropic declined to comment. Earlier this year, Anthropic chief executive Dario Amodei told the FT that the company was keen to share Mythos with US-allied governments. "We're excited for the US government . . . and the governments of all our allies to use this technology to defend Ukraine, to defend Taiwan, to defend democracies under attack," Amodei said in April. "But I don't want them turned on our own people or used for undemocratic ends, whether by autocracies or our own governments." Anthropic initially limited the release of Claude Mythos Preview to a small group of companies considered part of critical infrastructure, due to its advanced cyber capabilities and the potential for it to be used as a weapon for cyber attacks. These included tech companies such as Microsoft and Apple, banks including JPMorgan, and cyber security groups such as CrowdStrike, among others. The company has been working closely with the US government on testing and deploying the model internally with national security and other sensitive departments. Outside the US, the UK government is the only known entity to have gained access via the government's AI Security Institute, which evaluated it prior to its rollout. Last week Anthropic said it was working on releasing Mythos to all its customers. "Models of this capability level require stronger cyber safeguards before they can be generally released," the company said in a statement. "We're making swift progress on developing these safeguards and expect to be able to bring Mythos-class models to all our customers in the coming weeks." Additional reporting by Paola Tamma in Brussels

Anthropic expands its Claude Mythos preview to more partners - Engadget

The company has invited approximately 150 more organizations to Project Glasswing. When Anthropic announced Claude Mythos at the start of April, the company didn't release the new frontier model to the public. Instead, it a made a preview available to select organizations through an effort it called Project Glasswing. "We formed Project Glasswing because of capabilities we've observed in a new frontier model trained by Anthropic that we believe could reshape cybersecurity," the company wrote at the time. "AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities." Anthropic announced Project Glasswing alongside nearly 50 partners, including Apple, Amazon, Broadcom, CrowdStrike, Microsoft and NVIDIA. Today, the company is inviting another 150 organizations to the effort. Anthropic says the invitees are based in more than 15 countries and hail from industries that weren't well-represented in Glasswing's original cohort. Think: public utilities like power, water and telecom companies, as well as healthcare providers. Each organization will need to pass Anthropic's security requirements before they're granted access to Claude Mythos. "What each partner has in common is that a successful attack on their codebase could be catastrophic," the company notes. "For most partners, we estimate that a major attack could affect more than 100 million people, with important ramifications for both global and national security." Anthropic says it's working "as quickly as we can to safely release Mythos-level capabilities" to the public, but adds it won't make the model widely available until it implements "highly robust safeguards" to prevent potential misuse of its cyber capabilities. In May, the announcement of Claude Mythos appeared to make the Trump administration rethink its stance on AI regulation. The president was expected to sign an executive order that would have established a process by which the federal government would have had the means to share information about software vulnerabilities identified by AI systems with critical institutions before those models were made publicly available. However, the signing ceremony was reportedly postponed at the last minute due to objections from Trump himself and the tech industry.

Anthropic to offer EU access to its advanced Mythos model

Anthropic is sharing access to its most advanced AI model Mythos with the EU after the region sought access over months due to cybersecurity concerns. The European Commission confirmed to CNBC on Monday that it had "several productive meetings" with the American AI firm and official terms and conditions of the deal are not yet clear. "We welcome the latest developments on potential future access," EU tech sovereignty spokesperson Thomas Regnier said in emailed statements, adding that the bloc aims to get a clearer idea of the potential risks that the technology poses. Anthropic initially rolled out Mythos to a limited number of companies in April as part of Anthropic's cybersecurity venture Project Glasswing, with the model excelling at identifying security flaws and weaknesses in software. The launch prompted a wave of concern over cybersecurity threats from bad actors. "Let's not forget that Mythos is not one off, a new wave of powerful models are coming to the market," Regnier said. "This is a shared challenge, and we are intensifying our discussions with like-minded partners, including the United States." Anthropic did not immediately respond to CNBC's request for comment.

Anthropic Lets Claude Mythos Spread Its Glasswings

Anthropic, fresh off becoming the most valued frontier AI lab in the game and announcing plans for its initial public offering, has expanded access to Claude Mythos Preview, its model that would supposedly destroy the very concept of cybersecurity as we know it if released in the wild. According to the company, it is expanding access to the model via its Project Glasswing initiative, making it available to 150 new organizations across 15 countries. Per Anthropic, its new partner organizations include those in the power, water, healthcare, communications, and hardware industries. Many are vendors that "maintain codebases that are relied upon by lots of other organizations around the world, including governments." They also are potential targets for "catastrophic" cyberattacks. By Anthropic's math, a major cyberattack against any of them could impact more than 100 million people and have ramifications for national and global security. Their access to Claude Mythos Preview will be the same as past partners: They'll get to use the model in a limited capacity to test and identify security vulnerabilities so they can be patched and addressed before being exploited by hackers or other models for malicious purposes. Mythos remains a bit of a mystery to those who aren't part of the in-group (makes its name fitting!), but we have gotten a couple of peeks at the model and how it's being used. Cloudflare, for instance, shared that Mythos Preview was particularly adept at exploit chain construction, which is basically spotting how several bugs can be used to create a series of attacks that do more damage than a single exploited flaw. But Anthropic also revealed that Mythos isn't necessarily ready for primetime, which might also be part of why it's actually keeping it to such a small and controlled base of users. It found that the model's organic safeguards (i.e., what requests it will say "no" to) were inconsistent and could change after seemingly unrelated changes. It also found that while Mythos Preview is good at spotting vulnerabilities, it's not nearly as equipped to patch them. The company found that letting the model write its own patches would typically result in breaking another part of the codebase in the process. Cloudflare also noted that other models found a lot of the same bugs as Mythos -- an observation that has been made elsewhere. A security company called Aisle tested several small, open-source models and was able to find the same vulnerabilities that Anthropic highlighted when it announced Mythos -- vulnerabilities that went unnoticed by humans for decades. That's not to say that Mythos Preview isn't a step up from other models, but it does make Project Glasswing and the slow rollout feel more like a marketing gimmick than a true safety precaution. Some cybersecurity experts suggested to the New York Times that keeping the model under lock and key doesn't actually solve the problem of widespread security vulnerabilities -- it just gives a handful of players a head start. It also has the added effect (and benefit to Anthropic) of making it extremely hard to evaluate Mythos Preview if you aren't one of the few organizations with access. It's a modern version of "security through obscurity," a method that is widely derided in modern cybersecurity practices. But it seems Anthropic's plan for now is to see just how high it can build the walls of its black box.

Anthropic gives EU cybersecurity agency ENISA access to Mythos AI

Anthropic will give ENISA, the EU's cybersecurity agency, access to its Mythos AI model through Project Glasswing, making it the first EU institution to access the system that discovered 10,000+ zero-day vulnerabilities. The decision ends weeks of contentious negotiations. Anthropic has agreed to give the European Union's cybersecurity agency, ENISA, access to Claude Mythos, the AI model that has autonomously discovered more than 10,000 high- and critical-severity zero-day vulnerabilities across every major operating system and web browser. The decision, communicated to the European Commission over the weekend, makes ENISA the first EU institution to join Project Glasswing, Anthropic's controlled-access cybersecurity initiative. The move ends a weeks-long standoff that had become one of the most visible flashpoints in the transatlantic AI relationship. Euro-area finance ministers, the European Central Bank, and multiple EU member states had demanded access after learning that Mythos had found vulnerabilities in systems that European banks, governments, and critical infrastructure providers rely on daily, while no European institution could see the findings. What Mythos can do Mythos is not a conventional cybersecurity tool. Launched in April 2026 as Claude Mythos Preview, the model can autonomously identify security flaws in complex codebases, generate working exploits on the first attempt in more than 83% of cases, and execute attack simulations that would traditionally require teams of human researchers working for months. In its first month inside Project Glasswing, the model discovered over 10,000 zero-day vulnerabilities across the world's most critical software. Anthropic partnered with more than 50 major technology organisations, including Microsoft, Apple, Google, and Cloudflare, to deploy Mythos against highly targeted codebases. The model's strength in cybersecurity is a direct result of its broader capability: an AI system that can deeply understand and modify complex software is also one that can find and fix its vulnerabilities. Until now, access has been restricted to approximately 40 vetted US companies and select government entities, plus recent access granted to UK financial institutions. OpenAI has launched its own competing initiative, Daybreak, aimed at finding software vulnerabilities and generating patches, but Mythos remains the benchmark after its unprecedented zero-day discovery rate. The negotiations The path to EU access was contentious. Anthropic and the Commission held four to five meetings starting shortly after Mythos was announced, but progress stalled. Commission officials flew to San Francisco last week to press the case in person. An ENISA spokesperson told reporters, "It's been offered but the conditions are still being agreed," confirming that the decision to grant access had been made but the specific terms remained under negotiation. The sticking points have not been disclosed publicly but are likely to include data sovereignty provisions, restrictions on how findings can be shared with EU member states, and the scope of systems ENISA will be permitted to test. The standoff had already prompted BNP Paribas and Mistral to begin developing a European alternative, an effort that will continue regardless of ENISA's access to the original. Why it matters The Mythos access crisis exposed a structural vulnerability in Europe's digital security posture. The EU AI Act, which enters full enforcement in August 2026, regulates how AI models can be deployed within Europe. But it has no mechanism to compel an American company to share its most powerful model with European regulators, regardless of how consequential the model's findings are for European security. The 10,000-plus zero-day vulnerabilities Mythos has identified include flaws in software that runs European banking systems, government networks, and critical infrastructure. Every day that European security agencies could not see those findings was a day they could not assess whether their own systems were affected or begin remediation. The ECB convened euro-area banks to discuss the cybersecurity implications after learning that Mythos had found vulnerabilities in financial software widely used across the eurozone. That pressure, combined with the finance ministers' demand and the Commission's direct engagement, appears to have shifted Anthropic's position. What comes next ENISA joining Project Glasswing does not resolve the broader issue. EU member states will want their own national cybersecurity agencies to access Mythos findings, and the financial sector will push for direct access rather than relying on ENISA as an intermediary. The episode has reinforced European concerns about dependency on American AI infrastructure for critical security functions, an argument that will strengthen the case for sovereign AI capabilities in cybersecurity. Anthropic's Mythos is priced at $25 per million input tokens and $125 per million output tokens for Glasswing participants, accessible via the Claude API, Amazon Bedrock, Google Cloud Vertex AI, and Microsoft Foundry. Whether ENISA's access will be on commercial terms or under a government-to-government arrangement is among the details still being finalised. The European Commission confirmed it had "several productive meetings" with Anthropic, but declined to elaborate on the terms.

EU seeks to 'intensify' talks with U.S. on advanced cyber AI models, official tells CNBC, amid Mythos concerns

The White House says it's working closely with AI labs to strike a balance between innovation and safety, as the U.S. seeks to preserve its lead over China in the global AI race. The European Union is looking to "intensify" discussions with the U.S. administration on the most advanced AI models, including those with "cyber capabilities," a Commission official told CNBC. Anthropic's powerful Mythos model, announced in April, sent governments and businesses into a frenzy, prompting a wave of concerns about AI-powered cyberattacks. That same month, the Wall Street Journal reported that the White House opposed Anthropic's plan to expand access to its powerful Mythos model. The White House says it's working closely with AI labs to strike a balance between innovation and safety, as the U.S. seeks to preserve its lead over China in the global AI race. Anthropic initially rolled out the model to a select group of companies and organisations in preview as part of an initiative called Project Glasswing. But the AI lab has yet to grant the EU, its AI office or any government organizations outside of the U.S., aside from the U.K.'s AI Security Institute, preview access to review it. The WSJ reported that Anthropic had proposed letting roughly 70 additional companies and organizations use Mythos, with administration officials opposing the move because of security concerns. "Cybersecurity is a shared priority and we have agreed to mutually recognise our respective standards in this area," Thomas Regnier, Commission spokesperson, told CNBC, referring to talks between the Commission and the U.S. administration. "In parallel we are now expanding technical discussions with Anthropic and other model developers which have notified their latest models to the AI office."

Anthropic expands Glasswing as it promises public Claude Mythos-class model releases

Anthropic unveiled its Claude Mythos AI model in April, only sharing access with select partners like Apple. The controlled release is part of Anthropic's Project Glasswing cybersecurity initiative. Now Anthropic says it's sharing Claude Mythos access with more partners in more countries. Meanwhile, the company says Mythos-class models will be available to all customers in a matter of weeks. Project Glasswing is growing ahead of Mythos-class model releases Anthropic announced that its Project Glasswing cybersecurity effort is expanding, one day after publicly sharing plans to become a public company later this year. "Following several weeks of close collaboration with our Project Glasswing partners, the security industry, open-source software maintainers, and the US government, we're extending the partnership to approximately 150 new organizations," Anthropic says. "Each one will need to meet our security requirements before they gain access." Per the Financial Times, the expansion reportedly now includes Samsung and NATO. Anthropic adds that Project Glasswing now includes partners in over 15 countries. Companies responsible for communications and hardware are better represented in the expanded effort, Anthropic adds. Today's planned expansion will bring Project Glasswing's partner list to around 200 organizations. Meanwhile, Anthropic shared last week as part of its Claude Opus 4.8 model introduction that it plans to release "Mythos-class models" to all customers soon. "Models of this capability level require stronger cyber safeguards before they can be generally released, " Anthropic shared last week. "We're making swift progress on developing these safeguards and expect to be able to bring Mythos-class models to all our customers in the coming weeks."

EU to talk with Anthropic over access to Mythos AI Model

The European Commission is sending representatives to San Francisco * The European Commission is lobbying to secure Mythos Preview access for EU firms * US officials recently blocked wider distribution citing security risks * Mythos Preview can surface decades‑old vulnerabilities and generate exploits at speed The European Commission (EC) is trying to secure access to Anthropic's AI model Mythos Preview for European companies and is sending emissaries across the pond to try and lobby for that outcome. Citing anonymous sources familiar with the matter, Bloomberg said that the EC is sending a few officials to San Francisco this week to meet with the representatives of Anthropic PBC to learn more about the tool, and to try and make it available to the bloc. The publication says the EU has been pushing for access ever since Anthropic first disclosed Project Glasswing, looking to test its networks, as well as those of EU banks, critical infrastructure firms, and tech companies. Apparently, Anthropic is also eager to expand the number of organizations that are part of the trial phase but is being held back by the US government. Project Glasswing is important "White House officials recently rejected Anthropic's plans to distribute Mythos to several dozen additional companies and organizations, citing security concerns," the publication wrote. At the same time, French ministers have been "demanding" access for EU banks and companies, it was also said, and in early May, Eurogroup President Kyriakos Pierrakakis stressed how important Mythos is: "I don't think we have the luxury of not trying to establish channels of communication with the US." Pierrakakis said. "The challenge here is that technologies like AI necessitate international governance frameworks at a moment when multilateralism is challenged." Anthropic's announcement of the Mythos Preview model shook the entire cybersecurity industry. Apparently, the tool can easily surface decades-old vulnerabilities in fully patched systems and programs and use them to create working exploits. The AI was deemed too dangerous to be shared with the public and was instead given to a handful of key organizations (banks, critical infrastructure firms, and similar) so that they may secure their products before bad actors get their hands on the tool. Via Bloomberg Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Anthropic Expands Access to Claude Mythos After AI Giant Files for IPO

Researchers and government agencies continue to scrutinize the model's ability to identify vulnerabilities and conduct complex cyber operations. Anthropic is expanding access to its Claude Mythos AI model through Project Glasswing, a program meant to let tech and security firms and governments discover and fix bugs and potential exploits before the powerful model is publicly released. In a blog post on Tuesday, Anthropic said it is adding roughly 150 organizations to its controlled program as the company prepares for a broader release of the controversial model. The expansion comes after Anthropic said it expects to bring Mythos-class models to customers "in the coming weeks" once it completes additional safeguards. The news also comes as Anthropic prepares to go public after confidentially filing for an IPO on Monday with the U.S. Securities and Exchange Commission. "Following several weeks of close collaboration with our Project Glasswing partners, the security industry, open-source software maintainers, and the U.S. government, we're extending the partnership to approximately 150 new organizations," Anthropic wrote. "Each one will need to meet our security requirements before they gain access." The latest Project Glasswing expansion adds organizations from critical infrastructure sectors, including power, water, healthcare, communications, and hardware. Anthropic said many of the new organizations maintain software used by governments and hundreds of millions of people. "What each partner has in common is that a successful attack on their codebase could be catastrophic," Anthropic wrote. "For most partners, we estimate that a major attack could affect more than 100 million people, with important ramifications for both global and national security." Claude Mythos emerged publicly in March after draft Anthropic materials leaked online. According to Anthropic, organizations that previously received access have already used Mythos Preview to identify more than 10,000 high or critical-severity software vulnerabilities. Partners are also using the model to write patches, conduct security reviews, and test software before release. The model's capabilities have raised concerns among researchers and government agencies that increasingly capable AI systems could make cyberattacks easier to execute. The U.K. AI Security Institute reported that Mythos autonomously completed a 32-step simulated corporate network attack during testing. Mozilla said the model identified 271 vulnerabilities that it fixed in the Firefox web browser, while security startup Calif claimed a preview version helped researchers develop an exploit chain targeting Apple's M5 computer chips. Anthropic said it is expanding access to Mythos because it believes defenders need increasingly capable AI tools before attackers gain similar capabilities. The company said it expects other developers to release Mythos-class models within six to 12 months, potentially without comparable safeguards, raising the prospect of more frequent and less predictable cyberattacks. "In the future, frontier model releases will become increasingly high-stakes. Capabilities will continue to improve across all domains, including many that -- like cybersecurity -- can empower attackers and defenders alike," Anthropic wrote. "If we're successful, we hope to enable a permanent advantage for defenders." Anthropic did not immediately respond to a request for comment by Decrypt. With the expanded private access, users on Myriad -- a prediction market platform operated by Decrypt's parent company, Dastan -- are losing confidence that Claude Mythos will be released to the public by the end of June. They pencil in just a 26.5% chance as of this writing, down from a peak of 58.5% last week.

Anthropic widens Mythos testing despite warnings of mass cyberattacks

Anthropic is expanding access to Mythos, its powerful cybersecurity model, to 150 new partners across more than 15 countries even as the company warns that a successful attack on any of their systems could affect more than 100 million people. Anthropic is expanding testing of Mythos, its latest cybersecurity model, by bringing in around 150 additional partners. The company, seen as the main rival to OpenAI's ChatGPT, announced in April that it was launching Mythos, a model it said "has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser." Mythos was initially restricted to 50 initial partners who had access to the preview model under the so-called "Project Glasswing" and, according to Anthropic, have used it to find more than 10,000 high or critical security flaws. Now, the project includes organisations from more than 15 countries and covers many industries, including power, water, healthcare, communications and hardware, the company said. "What each partner has in common is that a successful attack on their codebase could be catastrophic," the company said, estimating that a cyberattack would affect more than 100 million people for most of their new partner organisations. One potential customer is the European Commission, which confirmed to US media that Anthropic had approached it to use Mythos. Euronews Next is working to independently confirm this. The company is expanding their programme because it estimates that in the next year, more AI companies will have similarly powerful models and "could release them without safeguards that prevent misuse." "In that world, cyberattacks could occur much more often, and in much more unpredictable forms," the company wrote. The expansion of Project Glasswing comes just a day after Anthropic filed confidentially for an initial public offering. The company also recently received $65 billion (€59bn) in funding and is now worth nearly $1 trillion (€878bn).

Anthropic invites 150 more organizations into Project Glasswing

Anthropic invited approximately 150 more organizations to participate in Project Glasswing, which provides access to its new model, Claude Mythos. Previously, the model was available only to select organizations since its announcement in early April. Project Glasswing aims to leverage the capabilities of Claude Mythos, with Anthropic stating that AI models have reached a level where they can detect and exploit software vulnerabilities at a higher level than most skilled human engineers. The initial announcement saw nearly 50 partners, including major companies like Apple, Amazon, Broadcom, CrowdStrike, Microsoft, and NVIDIA. The newly invited organizations come from over 15 countries and include sectors such as public utilities and healthcare, which were not well represented in the initial group. However, they must meet Anthropic's security requirements before gaining access to Claude Mythos. Anthropic highlighted the potential catastrophic impact of successful cyber-attacks on its partners' codebases, estimating that a major attack could affect over 100 million people, with significant implications for both global and national security. The company indicated it is working to release Mythos capabilities to the public but stated that it would implement "highly robust safeguards" to prevent misuse beforehand. In May, the announcement of Claude Mythos influenced a reconsideration of AI regulation by the Trump administration, which was anticipated to sign an executive order aimed at facilitating the sharing of AI-identified software vulnerabilities with critical institutions. However, the signing was postponed due to objections from Trump and the tech industry.

Anthropic expands access to powerful Mythos AI model

Anthropic has opened access to its new AI model, Mythos, to 150 organisations worldwide. This powerful AI can rapidly find computer security flaws. Early tests revealed thousands of vulnerabilities. Now, groups from over 15 countries, including critical infrastructure sectors, are joining the program. This move aims to proactively address potential cyber threats before they can be exploited. Anthropic on Tuesday gave approximately 150 organisations around the world access to Mythos, its powerful new AI model whose rapid ability to identify weaknesses in computer security that has sparked global concern. The California AI company had initially restricted access to Mythos in early April, after tests showed the model was extraordinarily good at finding security holes in software code - identifying thousands of them in a short period of time. At first, only around 50 partners - mostly US companies - were brought into the program called Project Glasswing to test the model's powers before it could be weaponized by hackers. Among them were major tech companies including Amazon, Google, Nvidia, Apple and Microsoft, along with cybersecurity firms CrowdStrike and Palo Alto Networks. By late May, those early partners had already used Mythos to uncover more than 10,000 serious security weaknesses that hackers could exploit to cause real damage. Now Anthropic is opening the program to groups from more than 15 countries. Most of them run software that millions of other organisations - including governments - depend on every day. A successful cyberattack on any one of them, Anthropic says, could affect "more than 100 million people, with important ramifications for both global and national security." The new participants cover industries that were missing from the original group, including power grids, water systems, hospitals, phone networks and hardware manufacturers. The company declined to name the new partners. When Project Glasswing launched, some critics accused Anthropic of overhyping the threat to generate attention. The company, which is also behind the popular Claude chatbot, announced on Monday that it had filed confidentially for an initial public offering (IPO). But companies that have tested Mythos have since backed up its capabilities, with the US government, which had been in a legal dispute with Anthropic, eventually testing the model over security concerns. Some observers link that government shift to a broader policy change from the Trump administration, which struck deals with Google, Microsoft and Elon Musk's xAI in early May to have their most powerful AI models reviewed for safety before going on sale. A presidential order to make that policy official was drafted but then put on hold after disagreements inside the White House. On Monday, a European Commission spokesperson confirmed to AFP that Anthropic had invited ENISA - the European Union's cybersecurity agency - to join Project Glasswing.

EU has had productive meetings with Anthropic over possible future access to Mythos

The European Commission has held productive discussions with Anthropic concerning future access to its Mythos AI product. The EU's cybersecurity agency, ENISA, is expected to gain access to Mythos. This AI tool is designed to identify vulnerabilities in computer code, enhancing defenses against cyberattacks. Initial concerns about the tool enabling attacks appear to be overstated. The European Commission has had several productive meetings with Anthropic regarding possible future access for EU bodies to Anthropic's Mythos AI product, it said ⁠on Monday. ⁠The EU was responding after Bloomberg News reported earlier that Anthropic was set to give the EU's cybersecurity agency access to Mythos. Designed to find flaws in ⁠computer code to help bolster defences against cyberattacks, Mythos was ⁠initially seen by some cybersecurity experts as enabling attacks on the technology systems it aims to protect, although such fears now seem overstated. "I can confirm that the Commission had several productive meetings with Anthropic. We welcome the latest developments on potential future access," ⁠said Commission spokesman Thomas Regnier. The EU cybersecurity agency - called ENISA - is the body that is expected to get access to Mythos once there is agreement with Anthropic.

Anthropic Gives 100 New Organizations Access to Mythos | PYMNTS.com

The project had initially given around 50 organizations access to the artificial intelligence (AI) startup's Mythos model. Now, that number will expand to 150 organizations, Anthropic said in its announcement Tuesday (June 2). "This expansion is the next step toward our long-term goals: for AI to make all software more secure, and for us to help the industry adjust to how AI could change many of the core assumptions of cybersecurity," the announcement said. The organizations in question are spread across more than 15 countries and cover industries Anthropic said weren't well-represented in the initial group that was offered access to Mythos: power, water, hardware, healthcare and communications. "And many of the new partners are vendors -- companies or nonprofits that maintain codebases that are relied upon by lots of other organizations around the world, including governments," the company added. Project Glasswing is Anthropic's effort to use AI to combat AI-driven cyberattacks. It is centered around Mythos Preview, an AI model that the company has offered only limited access to, arguing it could be used for hacking. Last month, Anthropic issued a report on Project Glasswing which said the company and its partners had uncovered more than 10,000 "high- or critical-severity vulnerabilities" in "the most systemically important software in the world." Research by PYMNTS Intelligence and Trulioo has found that major enterprises are increasingly contending with AI-related cyberattacks. "Larger firms, with their larger footprints, can be more susceptible to the AI-powered spoofing of identity documents thanks to the industrialization of deepfakes and automated data scraping capabilities by adversarial cyber actors," PYMNTS wrote last month. According to the research, 58% of companies with upwards of $1 billion in annual revenue reported dealing with AI-generated documents or deepfake-related attacks in the prior year, a full 11 percentage points more than smaller companies. "Against this backdrop, enterprise-grade firms increasingly depend on identity systems not only to stop fraudsters, but also to determine whether legitimate customers can transact, onboard, access services and remain engaged," PYMNTS wrote. "In that environment, every authentication decision becomes a revenue decision." In other Anthropic news, the company this week filed to go public in what could be a $1 trillion initial public offering (IPO). Anthropic also recently became the most valuable AI startup in the world after a $65 billion funding round gave the company a $965 billion post-money valuation. For all PYMNTS AI coverage, subscribe to the daily AI Newsletter.

India Among 15 Countries to Get Access to Claude Mythos To Scan Critical Codebases

Anthropic announced that it was expanding its Project Glasswing to find and fix critical software vulnerabilities to 150 more organisations across 15 countries On a day when President Trump signed an executive order watering down his administration's plans for government nod to future AI models, Anthropic expanded its Project Glasswing to include 150 more organisations across 15 countries. India is one of the countries where the Claude-maker will release Mythos that can find and fix critical software vulnerabilities. While Anthropic took to its blog to share the update that Project Glasswing, its joint industry initiative to find and fix zero-day vulnerabilities, reports of India being part of the countries friendly to the United States getting access was revealedby the Financial Times. "We're now expanding Project Glasswing. Following several weeks of close collaboration with our Project Glasswing partners, the security industry, open-source software maintainers, and the US government, we're extending the partnership to approximately 150 new organizations. Each one will need to meet our security requirements before they gain access," the blog said. Anthropic said this new group is based in more than 15 countries and most of them provide critical infrastructure, covering several industries such as power, water, healthcare, hardware and communications. Many of the new partners are vendor companies or nonprofits that maintain codebases relied upon by other global enterprises and governments. The Claude-maker also revealed in its blog that in the future they plan to expand the geographical reach of Project Glasswing much further. The reveal comes a day after Anthropic filed confidentially for an IPO after a $65 billion fundraise that valued it at close to a $1 trillion. The original list of 12 partners to whom Anthropic gave early access in early April include Microsoft, Apple and Amazon among others. Thereafter, this list was expanded to 50 partners that included the US government, which nudged banks to scan their codebases for security flaws. Now the same list has expanded to 150, ostensibly after countries like India had repeatedly sought access on local servers.

Anthropic Negotiates EU Access to Mythos | PYMNTS.com

"It's been offered but the conditions are still being agreed," an ENISA spokesperson said, per the report. Anthropic did not immediately reply to PYMNTS' request for comment. The move would mark the first time Anthropic has extended access to Mythos to anyone outside the United States and the United Kingdom, according to the report. If an agreement is reached, ENISA would join Anthropic's Project Glasswing, which allows organizations to use Mythos to identify security vulnerabilities in their systems, the report said. The company has limited access to the AI model due to its potential to be used in cyberattacks. The ENISA spokesperson's statement confirmed a Monday report by Bloomberg that Anthropic was set to give the EU organization access to Mythos. That report said Anthropic communicated its decision to the EU's executive branch, the European Commission, over the weekend after the EU pushed for access to Mythos since the model was previewed in April. The launch of Project Glasswing was reported in April, with the initiative's first participants including Amazon, Apple and Microsoft, as well as cybersecurity and infrastructure players like Crowdstrike, Google, Nvidia and Palo Alto Networks. Anthropic said at the time in an announcement: "We are hopeful that Project Glasswing can seed a larger effort across industry and the public sector, with all parties helping to address the biggest questions around the impact of powerful models on security." The company said May 22 that when deployed by Anthropic and its 50 partner organizations in Project Glasswing, Mythos had found more than 10,000 "high- or critical-severity vulnerabilities" in "the most systemically important software in the world." It also said several of the companies reported that their rate of bug-finding had risen by more than a factor of 10. Anthropic said in a May22 update on Project Glasswing that it aimed to help more organizations improve their cybersecurity posture. "Next, we will work with critical partners -- including U.S. and allied governments -- to expand Project Glasswing to additional partners," the company said. "And in the near future, once we've developed the far stronger safeguards we need, we look forward to making Mythos-class models available through a general release." For all PYMNTS AI coverage, subscribe to the daily AI Newsletter.

Anthropic Scales Global Cybersecurity Push With Project Glasswing Expansion

The move comes just a day after Anthropic confirmed that it had confidentially filed for an initial public offering (IPO). It highlights the company's growing influence in both artificial intelligence and cybersecurity. has announced a major expansion of Project Glasswing, its cybersecurity initiative designed to help organizations identify and fix critical software vulnerabilities using AI. "We're now expanding Project Glasswing. Following several weeks of close collaboration with our Project Glasswing partners, the security industry, open-source software maintainers, and the US government, we're extending the partnership to approximately 150 new organizations. Each one will need to meet our security requirements before they gain access," the company stated. was launched earlier this year as a joint industry initiative to strengthen cybersecurity through artificial intelligence. In April, Anthropic provided access to Claude Mythos Preview to an initial group of around 50 partners, including organizations connected to the US government. According to the company, many organizations maintain software and digital infrastructure that millions of people rely on every day. Anthropic stated that a successful cyber attack against many of these systems could have serious consequences for national security, public services and critical infrastructure. The company estimated that a major attack on some participating organisations could potentially affect more than 100 million people.

Anthropic Mythos access to grow four-fold to about 200 Glasswing partners

SAN FRANCISCO -- Anthropic on Tuesday said it was planning a wider rollout of its artificial intelligence that has caught the attention of government and financial institutions around the world for its ability to find software vulnerabilities. Project Glasswing, Anthropic's partnership of around 50 organizations using its AI to secure software, is expanding to roughly 200, the San Francisco-based startup said. Each member has to meet certain security requirements before accessing Anthropic's powerful AI called Claude Mythos Preview, it said. Anthropic collaborated with the U.S. government, existing Glasswing partners and others in the security industry on the rollout, it said. The news comes a day after Anthropic filed confidentially for what could be one of the biggest initial public offerings in history, culminating a frenzy of business and government interest in its AI. Its April Mythos Preview announcement sowed panic that AI could hack software that was not first buttoned up thanks to Anthropic's technology, which can surface ways to stitch together and exploit small bugs. U.S. Treasury Secretary Scott Bessent and then-Federal Reserve Chair Jerome Powell convened an urgent meeting with bank CEOs to warn of the risks, while financial institutions pushed for access and raced to plug holes. Anthropic said its partners so far have found more than 10,000 security flaws they considered highly or critically severe, though some industry experts have said fears of unfettered hacking have been overstated. Anthropic declined to name the organizations it is now bringing into the fold. However, it said its new Glasswing partners are based in more than 15 countries and boost defenses in the healthcare, power, water, communications and hardware industries. The expansion includes government organizations, an Anthropic spokesperson said. A big attack on partner organizations could impact more than 100 million people, Anthropic estimated. Project Glasswing aims to bolster such software infrastructure before AI this powerful is widely available from other providers, a prospect that is no more than 6 to 12 months away, Anthropic said. The startup has also said it aims to bring Mythos-class models to all its customers, with additional safeguards, in the coming weeks.

Anthropic embeds engineers at NSA to deploy Mythos AI model - FT By Investing.com

Investing.com - Anthropic is deploying engineers inside the US National Security Agency to assist with the use of its Mythos AI model for offensive cyber operations. The San Francisco-based company has installed about half a dozen staff within the NSA as forward-deployed engineers to guide the technology's use and customize models for specific applications, according to Financial Times, citing two people familiar with the arrangement. The deployment occurs while Anthropic is engaged in a legal battle with the Pentagon over restrictions on how its Claude AI models are used in warfighting. Anthropic attempted to limit government use of Claude for mass surveillance of American citizens and lethal autonomous drones, prompting the Pentagon to label the AI lab a "supply-chain risk." The company has sued over the designation, which could force it to end contracts with organizations that work with the US military. Anthropic unveiled Claude Mythos in April, initially making it available only to select US-based organizations. Earlier this week, the company announced it would distribute Mythos to 150 organizations across 15 countries. The model has triggered concern among governments, financial institutions and IT companies over its ability to detect and exploit software vulnerabilities. One person close to the situation said Mythos would be useful for infiltrating the networks of nations such as China or Iran. A person close to Anthropic said adversaries are probably building their own AI-driven offensive technology. Anthropic has filed for an initial public offering that could value the company at more than $1 trillion. Since Mythos' release, rival OpenAI has released a model with similar capabilities. This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.

Anthropic expands Claude Mythos cybersecurity initiative across 15 countries, includes India: All details

Anthropic says Claude Mythos has already helped partners identify more than 10,000 high and critical-severity software vulnerabilities. Anthropic has officially expanded the access to its cybersecurity focused AI model, Claude Mythos Preview to India and other countries. In a blog post, the company added that around 150 new organisations across more than 15 countries have been added to its Project Glasswing programme. India is among the countries selected for the expansion, alongside nations such as Japan, South Korea, Germany, France, Australia and Canada. According to Anthropic, the program focuses on organisations that operate critical infrastructure in sectors such as financial services, healthcare, telecommunications, cybersecurity, power, water, and technology. Many of the new participants are also software vendors and maintainers, with products and codebases used by governments, enterprises, and millions of users around the world. The company also stated that the organisations participating in the programme have already identified over 10,000 high and critical severity security vulnerabilities using Claude Mythos Preview, within just a few weeks of deployment. The company also claimed that the AI model is capable of analysing large codebases, uncovering hidden software flaws and assisting security teams in detecting the vulnerabilities which might otherwise remain unnoticed for years. Also read: Sam Altman and OpenAI under legal fire, lawsuit claims ChatGPT puts children at risk The company stated that advanced cyber-focused AI models similar to Mythos could become widely available across the industry within the next six to twelve months. So, the company also stated that organisations should prepare for a future where both attackers and defenders have access to increasingly powerful AI driven cybersecurity tools. The company also mentioned that many of the organisations joining Project Glasswing manage systems where a successful cyberattack could potentially affect more than 100 million people, making them high-priority targets for enhanced security testing and vulnerability detection. Beyond identifying flaws, Anthropic says Claude Mythos is also being used to help write software patches, conduct penetration testing, automate threat detection, and strengthen the security of critical open-source projects.