Anthropic introduced a new cybersecurity initiative that reflects both the promise and the deep unease surrounding AI, enlisting a rare alliance of industry heavyweights including Amazon, Microsoft, Apple, Google, and NVIDIA. The program, known as Project Glasswing, brings these firms together with cybersecurity and infrastructure partners to test a powerful AI model designed to identify software vulnerabilities before they can be exploited.

Glasswing’s AI model, called Claude Mythos Preview, is not being made publicly available. Anthropic says the restrictions are necessary given the model’s ability to uncover and potentially exploit weaknesses in widely used systems.

Early results suggest the model operates at a scale beyond existing tools. Anthropic reports that it has already identified thousands of serious vulnerabilities across operating systems, browsers, and other core software components. In several cases, these flaws had remained undetected for years despite extensive testing. Some vulnerabilities have already been patched following responsible disclosure.

“When tested against CTI-REALM, our open-source security benchmark, Claude Mythos Preview showed substantial improvements compared to previous models,” said Igor Tsyganskiy, Global CISO, EVP Security and Microsoft Research, Microsoft.

AI’s Threat to Cybersecurity

In the current cybersecurity environment, the time between discovering a vulnerability and its exploitation has narrowed sharply, driven by automation and AI-assisted techniques. That compression has raised concerns that traditional defensive approaches may no longer be sufficient.

With Project Glasswing, participating companies are using the model to test their own systems and contribute findings to a broader effort to strengthen shared infrastructure. Anthropic has also committed financial support, including usage credits and funding for open-source security projects, with the aim of helping maintainers address vulnerabilities identified by the system.

The scale and nature of the coordination is remarkable. Companies that typically compete in cloud computing and cybersecurity are collaborating in a shared framework. This alignment reflects how seriously the industry regards the emerging threats created by AI. The underlying assumption is that no single organization can manage risks introduced by increasingly capable AI systems.

Supporting Defenders

Glasswing faces practical and logistical challenges. Processing large volumes of vulnerability reports requires careful validation and prioritization, particularly for open-source projects that often rely on limited resources. Anthropic says it has developed a triage process that includes human review and coordinated disclosures to avoid overwhelming developers.

The company’s decision to withhold public release of the model reveals a tension in AI development. While the AI is used to strengthen defenses, it also can accelerate hackers’ capabilities if widely distributed. Anthropic has indicated that similar capabilities may become more common in the near future, adding urgency to current defensive efforts.

That urgency, to be sure, is warranted. Surveys indicate that a majority of large organizations have already encountered AI-assisted threats within the past year. Anthropic itself has acknowledged prior instances in which its models were misused in coordinated attacks.

“Claude Mythos Preview demonstrates what is now possible for defenders at scale, and adversaries will inevitably look to exploit the same capabilities,” said Elia Zaitsev, Chief Technology Officer, CrowdStrike.

Anthropic Takes the Lead

The launch of Project Glasswing comes during a period of rapid growth for Anthropic. The company has reported a sharp increase in revenue and enterprise adoption, alongside expanded investments in computing infrastructure. On one hand, Glasswing represents a distinct effort to apply its technology beyond commercial applications. Yet at the same time, Anthropic’s coordination of an industry-wide effort greatly boosts its enterprise profile.

For now, the success of the program will depend on whether collaboration can keep pace with the evolving capabilities of AI systems. The model’s ability to uncover long-standing vulnerabilities suggests a meaningful defensive advantage. Still, if replicated elsewhere, it could alter the balance between attackers and defenders.

Anthropic has said it plans to share findings from the initiative over the coming months. The big question is whether Project Glasswing can establish a durable framework for managing AI-driven risks, or whether it will merely be a stopgap as AI-based cyberthreats grow in volume and complexity.