Overview
- Anthropic withheld public release of its Claude Mythos model after finding the AI could both find and exploit software flaws, so it opened a controlled preview called Project Glasswing for selected partners.
- Project Glasswing gives roughly 40–50 vetted companies access to Mythos and includes large tech firms, with Anthropic offering substantial usage credits to encourage defensive testing.
- Anthropic revised partner confidentiality to let Glasswing users disclose vulnerability findings outside the program to promote wider defensive coordination and faster mitigation.
- Cloudflare and other early users found Mythos can chain low‑severity bugs into higher‑severity exploits and produce working proofs of concept but also yields false positives and works best inside a narrowed multi‑agent 'harness.'
- Governments, regulators and critical sectors are weighing participation and tighter controls after reports of limited unauthorized access and the Pentagon flagged supply‑chain risk, while defenders press for faster patching and stronger architectural protections.