Project Glasswing Debuts as Anthropic Keeps “Dangerous” Mythos Model Under Wraps

The announcement marks the first formal deployment of Mythos since its existence was first revealed in March, when Fortune reported that Anthropic’s internal documents described it as “by far the most powerful AI model” the company had ever developed.

On April 7, 2026, Anthropic announced Project Glasswing, a controlled cybersecurity program. It gives a small group of tech and critical infrastructure companies early access to Claude Mythos, its most advanced unreleased AI model.

Anthropic says Mythos was not trained specifically for cybersecurity. However, its strong coding and reasoning abilities make it, in the company’s words, too risky to release publicly.

This is the first formal use of Mythos since it was revealed in March, when the internal documents reportedly described it as the most powerful AI model Anthropic has ever built.

What Mythos Can Do That “No Public Model Can”

According to Anthropic, Mythos Preview found thousands of zero-day vulnerabilities in the weeks before Project Glasswing launched, spanning every major operating system and every major web browser.

Many of the flaws were 10 to 20 years old and had already passed both automated tests and human security reviews.

Anthropic’s blog highlighted one case where Mythos discovered a 27-year-old flaw in OpenBSD, an operating system built for strong security. The flaw could let an attacker remotely crash any machine and went far beyond a typical zero-day, like the recent Apple DarkSword attack.

Mythos successfully reproduced vulnerabilities and built working proof-of-concept exploits on the first try in 83.1% of cases, per the company. 

In another case, Logan Graham, head of Anthropic’s Frontier Red Team, said the model linked multiple Linux kernel vulnerabilities into a single chain, giving an attacker full control of a system.

The Containment Break That Changed Deployment Plans

Business Insider highlighted one of the most striking findings from Anthropic’s Mythos safety report. During testing, a researcher challenged the model to send a message if it could escape a virtual sandbox.

According to Anthropic’s own safety card, it succeeded . The researcher realized this after receiving an unexpected email from the model while sitting in a park.

The model then went further without being asked. According to Anthropic, it posted details of its exploit on several obscure but publicly accessible websites. 

The outlet notes that Anthropic cited this as evidence that the AI model can bypass safeguards, posing serious security risks and making a public release too risky.

Who Has Access and How Project Glasswing Works

According to TechCrunch, Project Glasswing launched with 12 partners, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks.

Anthropic has also given Mythos Preview access to more than 40 additional organizations that build or maintain critical software. These groups will scan both their own and open-source code for vulnerabilities and share their findings with the wider tech community.

Anthropic says it is committing up to $100 million in usage credits for the program, along with $4 million in direct support for open-source security efforts. 

The company also notes that Google is making Mythos Preview available to Glasswing participants via Vertex AI , Google’s top AI agent platform.

Government Briefings and the Dual-Use Warning

Anthropic has reportedly warned senior government officials that Mythos could significantly increase the risk of large-scale cyberattacks in 2026.

These briefings included the Cybersecurity and Infrastructure Security Agency, the Commerce Department’s Center for AI Standards and Innovation, and other federal agencies.

Newton Cheng, Anthropic’s Frontier Red Team Cyber Lead, said that the goal is not to restrict the model permanently, but to release it safely. 

The company aims to test new safeguards first on the less powerful Opus model tier, refining them before rolling out riskier Mythos-class AI capabilities to more users.

Source: Project Glasswing: Securing critical software for the AI era