On April 7th, 2026, Anthropic did something unusual. They announced their most powerful AI model ever built — and then refused to release it.
Instead, they locked it behind a restricted initiative called Project Glasswing, giving access only to a coalition of twelve major technology and finance companies: Apple, Microsoft, Google, Amazon Web Services, CrowdStrike, Cisco, NVIDIA, JPMorganChase, Broadcom, Palo Alto Networks, and the Linux Foundation. An additional 40+ organizations that maintain critical software infrastructure were also granted access.
The model in question is Claude Mythos Preview. And the reason Anthropic chose to restrict it tells you everything you need to know about where cybersecurity is heading.
What Is Claude Mythos, and Why Is It Different?
Claude Mythos is a general-purpose AI model, similar in nature to the models you might already use for writing, analysis, or coding assistance. Anthropic described it in leaked internal documents as “by far the most powerful AI model” they had ever developed. But what makes Mythos genuinely unprecedented isn’t its general intelligence — it’s what that intelligence can do when pointed at software.
In just a few weeks of testing, Mythos Preview identified thousands of previously unknown security flaws — known in the industry as zero-day vulnerabilities — across every major operating system and every major web browser. These aren’t theoretical weaknesses. These are exploitable flaws in the systems your business runs on every single day: Windows, macOS, Linux, Chrome, Safari, Firefox.
To put the scale in perspective: one of the vulnerabilities Mythos found had been sitting undetected in OpenBSD — an operating system whose entire reputation is built on security — for 27 years. Another had been hiding in FFmpeg, a video processing library embedded in countless applications, for 16 years. Automated testing tools had executed that particular line of code five million times without ever catching the problem. Mythos caught it.
Perhaps most striking is the model’s ability to chain vulnerabilities together. Where a single flaw might be harmless on its own, Mythos can identify three, four, or even five separate weaknesses and combine them into a sophisticated attack sequence — the kind of work that previously required an elite team of security researchers working in coordination. In one case, the model autonomously wrote a browser exploit that chained four vulnerabilities together, escaping multiple layers of security sandboxing.
Nicholas Carlini, a researcher working on the project, put it plainly: he found more bugs in two weeks with Mythos than he had in the rest of his career combined.
What Is Project Glasswing?
The name comes from the glasswing butterfly (Greta oto), whose transparent wings allow it to hide in plain sight — a fitting metaphor for software vulnerabilities that can sit undetected in critical code for decades.
Project Glasswing is Anthropic’s answer to a difficult question: what do you do when your AI model is so effective at finding security flaws that releasing it publicly could arm attackers faster than defenders can respond?
Their answer was to create a controlled coalition. The twelve launch partners — representing a massive share of the world’s computing infrastructure — receive access to Mythos Preview exclusively for defensive security work. They use the model to scan their own systems, identify vulnerabilities, develop patches, and share what they learn with the broader industry. Anthropic is backing this with up to $100 million in usage credits for Mythos Preview across these efforts, plus $4 million in direct donations to open-source security organizations like the Linux Foundation’s OpenSSF and the Apache Software Foundation.
The explicit goal is to give defenders a head start. As Anthropic stated in their announcement: “Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely.”
This isn’t hypothetical. They’ve already warned US government officials that Mythos makes large-scale cyberattacks significantly more likely this year. The clock is ticking.
The Speed Problem: Why This Changes Everything
Here’s where this stops being an interesting AI story and starts being an urgent business problem.
The cybersecurity landscape has always been a race between attackers finding vulnerabilities and defenders patching them. For decades, the pace of that race was constrained by human limitations. Finding a critical vulnerability in a well-audited codebase could take months or years of expert review. Developing a working exploit could take weeks. This gave defenders time — imperfect, insufficient time, but time nonetheless.
AI has compressed that timeline dramatically. CrowdStrike’s Chief Technology Officer, Elia Zaitsev, described the shift this way: the window between a vulnerability being discovered and being exploited has collapsed from months to minutes with AI assistance.
Now consider what happens when the Glasswing partners begin deploying Mythos at scale across their systems. They are going to find vulnerabilities at a rate the industry has never seen. And that means they are going to push security patches and updates at a rate the industry has never seen.
This is unambiguously good news for security. But it creates a new problem for every organization downstream: if you are slow to apply those patches, you are more exposed than ever before. Every security update that gets published effectively announces the existence of a vulnerability to the world. Before AI, the gap between “patch released” and “exploit developed by attackers” might have been weeks or months. With AI-capable adversaries, that gap could shrink to hours or days.
What This Means for Your Business
You don’t need to be a technology company to be affected by this. If your organization uses computers — and it does — you are running software built on the same operating systems, browsers, and open-source libraries that Mythos is now auditing.
That last point deserves emphasis. Most business leaders don’t realize how deeply their technology stack depends on open-source software. The FFmpeg vulnerability mentioned earlier is a perfect example: it’s a library most executives have never heard of, yet it’s embedded in an enormous number of applications that handle video across the internet. A vulnerability in FFmpeg isn’t just a problem for developers — it’s a problem for every business that uses software dependent on it. And that’s nearly everyone.
The Linux Foundation’s CEO, Jim Zemlin, highlighted this reality when discussing Project Glasswing. Open-source maintainers — whose software underpins much of the world’s critical infrastructure — have historically been left to figure out security on their own, often without dedicated security teams or budgets. Project Glasswing, and the $4 million in donations accompanying it, is a step toward changing that. But the fix only works if organizations actually install the updates.
This is the core message every business leader needs to internalize: the most sophisticated AI-powered security initiative in history is only as effective as your patch management process.
The Bigger Picture: Offense and Defense in the AI Era
It’s important to understand the dual nature of what’s happening here. The same AI capabilities that make Mythos invaluable for defenders also make it dangerous in the wrong hands. Anthropic has been explicit about this tension. Their model wasn’t specifically trained for cybersecurity — these capabilities emerged as a natural consequence of improvements in coding and reasoning ability. Any sufficiently advanced AI model will eventually develop similar skills.
This is exactly why Anthropic chose not to release Mythos publicly and why Project Glasswing exists. The goal is to give defenders a window — likely measured in months, not years — to find and patch the most critical vulnerabilities before models with comparable capabilities become widely available. Anthropic themselves have acknowledged that frontier AI capabilities are likely to advance substantially in the coming months.
The optimistic view, shared by Anthropic’s own security researchers, is that in the long run, these tools will benefit defenders more than attackers. Defenders can use AI to systematically audit entire codebases and fix vulnerabilities before they’re ever exploited. Attackers still need to find a vulnerability the defender missed, develop an exploit, and successfully deploy it — all while racing against an AI-augmented defense.
But the transitional period — the one we’re entering right now — could be turbulent. The organizations that move quickly to shore up their defenses will weather it. The ones that don’t will be the ones making headlines.
What You Should Do Right Now
The good news is that the most important actions you can take are not complex or expensive. They are, however, urgent.
First, audit your patch management process. Talk to your IT and security teams. How quickly are critical security updates applied across your infrastructure? If the answer is “weeks” or “it depends,” that needs to change. In an AI-accelerated threat landscape, days matter.
Second, understand your software supply chain. Your organization almost certainly depends on open-source libraries and components you’ve never heard of. A software bill of materials (SBOM) — an inventory of every component in your software stack — is no longer a nice-to-have. It’s essential for understanding where your exposure lies.
Third, automate where possible. Manual patch management processes cannot keep pace with the volume of updates that’s coming. Automated patching, continuous vulnerability scanning, and real-time monitoring should be standard, not aspirational.
Fourth, stay informed. Anthropic has committed to publishing a public report within 90 days detailing what Project Glasswing has uncovered and the improvements made. The Glasswing partners will also share best practices and practical recommendations covering everything from vulnerability disclosure processes to software development lifecycle improvements. These publications will be essential reading for any organization that takes security seriously.
The Bottom Line
We are entering a new era in cybersecurity. AI models like Claude Mythos can find vulnerabilities that survived 27 years of expert human review and millions of automated tests. They can chain together subtle flaws into sophisticated attacks that previously required elite hacking teams. And these capabilities are only going to become more widely available.
Project Glasswing is the industry’s attempt to get ahead of that curve — to use the most powerful AI available to secure the most critical software before attackers can exploit it. It is backed by the biggest names in technology and supported by $100 million in resources. It is, by any measure, the most ambitious cybersecurity initiative in the history of the industry.
But none of it matters if the patches don’t get installed.
The age of AI-driven cybersecurity is here. The organizations that stay current will be protected. The ones that don’t will be the low-hanging fruit.
Capolla