Anthropic Confirms Claude Mythos-Class Models Will Roll Out to the Public — Project Glasswing Expands to 200 Organisations

Anthropic made two significant announcements on 2 June 2026 that reshape the timeline of its most powerful AI model. The company confirmed that Mythos-class models will be made available to all customers in the coming weeks — the first time a concrete timeline has been attached to the public release of Claude Mythos-level capabilities — while simultaneously announcing a major expansion of Project Glasswing, its controlled-access cybersecurity initiative, to approximately 150 new organisations across 15 countries.

The pairing of these announcements is deliberate. Anthropic has been explicit that Claude Mythos Preview is withheld from public release due to cybersecurity concerns about its offensive capabilities — the company’s own testing concluded the model could “reshape cybersecurity as we know it” if released without appropriate safeguards. The Project Glasswing expansion, which brings the total partner count to approximately 200 organisations, is the mechanism through which Anthropic is building confidence that the model’s capabilities can be deployed safely at scale.

“Models of this capability level require stronger cyber safeguards before they can be generally released,” Anthropic stated. “We’re making swift progress on developing these safeguards and expect to be able to bring Mythos-class models to all our customers in the coming weeks.”

1. What Is Claude Mythos?

Claude Mythos is Anthropic’s most advanced frontier AI model — significantly more capable than the publicly available Claude Opus and Sonnet model lines in reasoning, coding, and agentic task completion. Anthropic has not published a detailed technical specification, but descriptions from Project Glasswing partners and Anthropic’s own communications describe capabilities in several dimensions:

• Advanced agentic coding — Mythos can autonomously plan, write, test, and iterate on large codebases with minimal human guidance, handling multi-file changes across complex software architectures
• Long-context vulnerability analysis — the model can process millions of lines of code in a single context window and reason about security properties across the entire codebase rather than isolated functions
• Automated exploit reasoning — Mythos can trace attack paths from identified vulnerabilities through to exploitation scenarios, enabling not just detection but comprehensive impact analysis
• Patch generation — the model can write security patches for identified vulnerabilities and validate those patches for correctness and completeness

Anthropic’s concern about releasing Mythos publicly is directly related to these capabilities. A model that can rapidly identify vulnerabilities in complex codebases and reason about exploitation paths is, by symmetry, a model that could be used by attackers to rapidly identify and exploit vulnerabilities in critical systems. Anthropic’s CEO Dario Amodei has described this capability profile as requiring “stronger cyber safeguards before general release” — a position that distinguishes Mythos from every previous Claude model, which were released publicly without such conditions.

2. Project Glasswing: The Controlled Rollout

Project Glasswing was announced in early April 2026 as Anthropic’s framework for controlled, supervised access to Claude Mythos Preview. The initiative was designed with a specific security philosophy: rather than deploying Mythos broadly and monitoring for abuse, Anthropic chose to restrict access to organisations that can use the model defensively and share their learnings to improve the broader security ecosystem.

The initial Project Glasswing cohort included approximately 50 organisations, a remarkable set of names for an AI preview programme. The initiative allows companies including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, and Nvidia to use Anthropic’s Mythos Preview for defensive security work and share their learnings with the wider industry. Anthropic also provided access to roughly 40 more organisations responsible for building or maintaining critical software infrastructure, allowing them to use the model to scan and secure both their own systems and open-source code.

Glasswing Security Requirements

Participation in Project Glasswing requires organisations to meet strict security criteria before gaining access. While Anthropic has not published a detailed checklist, the criteria include security programme maturity assessment, commitment to responsible vulnerability disclosure (sharing findings with Anthropic and, where relevant, with the maintainers of affected software), restriction of Mythos use to defensive security functions, and participation in Anthropic’s emerging best practices development for AI-assisted vulnerability research.

3. The June 2026 Expansion

On 2 June 2026, Anthropic announced it is expanding Project Glasswing, making Claude Mythos Preview available to approximately 150 new organisations across more than 15 countries. The newly onboarded organisations include those in power, water, healthcare, communications, and hardware industries.

The newly added organisations span more than 15 countries and include sectors critical to national and global stability, such as energy, healthcare, water systems, telecommunications, and hardware manufacturing. Many of these entities maintain widely used software or infrastructure, meaning vulnerabilities in their systems could impact hundreds of millions of users.

The expansion is notable for its sector focus. The initial Glasswing cohort was dominated by technology companies — organisations that already have mature security programmes and the internal capacity to work with an advanced AI model responsibly. The second wave prioritises critical infrastructure operators — utilities, water treatment providers, healthcare systems, and telecommunications companies — whose security posture often lags behind the technology sector but whose failures carry catastrophic consequences.

Why Critical Infrastructure Now?

The inclusion of critical infrastructure operators in the expanded Glasswing cohort reflects a specific threat assessment. Anthropic’s analysis of Mythos-level AI capabilities identified critical infrastructure as among the highest-priority sectors for defensive deployment precisely because these sectors face sophisticated, well-resourced threat actors (including nation-state adversaries) but often lack the internal security engineering capacity to identify and remediate vulnerabilities at scale. An AI model that can scan millions of lines of legacy operational technology (OT) and industrial control system (ICS) code represents a asymmetric advantage for defenders in these sectors.

4. What Glasswing Partners Have Found: 10,000+ Critical Vulnerabilities

Project Glasswing participants have used Claude Mythos Preview to identify more than 10,000 high- and critical-severity vulnerabilities across various codebases. This figure is striking in two ways.

First, the scale: 10,000 high-or-critical vulnerabilities across approximately 50 initial partner organisations in roughly six weeks implies an average of 200 significant findings per organisation. Even assuming some organisations contributed far more than others, this suggests that Mythos-class AI models are identifying security flaws at rates that dramatically exceed what human security engineers can achieve manually.

Second, the severity distribution: the figure specifically highlights high and critical vulnerabilities — not informational or low-severity findings that automated scanners routinely surface in large numbers. High and critical vulnerabilities are those that, if exploited, could result in significant data breaches, service outages, or system compromise. The implication is that Mythos is not just finding more issues; it is finding the serious ones that matter.

Types of Vulnerabilities Being Found

According to Anthropic, Project Glasswing participants are using Claude Mythos Preview not only to find vulnerabilities but also to fix them. The model has proven adept at writing cybersecurity patches. Some early adopters are also using it to scan new code for weak points before rolling it out to production.

Specific vulnerability classes that Mythos has demonstrated effectiveness at detecting include:

• Memory safety issues — buffer overflows, use-after-free bugs, and integer overflow vulnerabilities in C and C++ codebases that have accumulated over decades in legacy infrastructure software
• Authentication and authorisation flaws — logic errors in access control implementations that allow privilege escalation or unauthorised data access
• Cryptographic misconfigurations — incorrect use of cryptographic primitives, weak key derivation, and implementation errors in TLS/SSL handling
• Supply chain vulnerabilities — weaknesses in build systems, dependency management, and third-party library integrations
• Input validation issues — SQL injection, command injection, path traversal, and similar injection vulnerabilities across web and API interfaces

5. The Public Release Timeline

The most consequential detail in Anthropic’s June 2 announcement is the public release timeline. Last week, as part of its Claude Opus 4.8 model introduction, Anthropic stated: “Models of this capability level require stronger cyber safeguards before they can be generally released. We’re making swift progress on developing these safeguards and expect to be able to bring Mythos-class models to all our customers in the coming weeks.”

The phrase “Mythos-class models” is significant — Anthropic is not committing to releasing Claude Mythos Preview specifically, but rather models with Mythos-level capabilities that incorporate the cybersecurity safeguards developed through the Glasswing programme. This likely means a version of Mythos with specific capability restrictions or monitoring systems designed to reduce offensive misuse.

What “Cybersecurity Safeguards” Means in Practice

Anthropic has been developing a framework for deploying highly capable AI models safely in the context of cybersecurity. The safeguards being developed include:

• Usage monitoring — real-time monitoring of model outputs for patterns consistent with offensive rather than defensive security use
• Capability restrictions — specific restrictions on the model’s ability to provide step-by-step exploitation guidance, generate weaponised proof-of-concept exploits, or assist with attacks against specific targets
• Responsible disclosure integration — workflows that route high-severity vulnerability findings discovered via Mythos through responsible disclosure processes rather than allowing them to be retained without disclosure
• Access controls — tiered access systems that provide fuller capabilities to verified security researchers and organisations with demonstrated legitimate use cases

6. Claude Security: The Immediately Available Alternative

For organisations that cannot wait for Mythos-class public availability or that do not qualify for Project Glasswing, Anthropic has also launched Claude Security, a product built on its frontier public models, including Claude Opus 4.8, designed to scan codebases and suggest patches for organisations outside the programme.

Claude Security is positioned as the broadly available path for organisations seeking AI-assisted vulnerability detection today. While it lacks Mythos’s full capability profile — particularly the deep agentic reasoning and long-context codebase analysis that drives the 10,000+ vulnerability finding rate — Claude Security built on Opus 4.8 is still significantly more capable than the security tooling most organisations are currently using.

For Saudi businesses and GCC enterprises evaluating AI-assisted security tooling, Claude Security via the Anthropic API is the practical option available today. Mythos-class capabilities through Project Glasswing require meeting strict security programme requirements that most commercial organisations will not satisfy in the near term.

7. Cybersecurity Implications for Saudi Arabia and Enterprise IT

The Claude Mythos / Project Glasswing development has concrete implications for cybersecurity strategy in Saudi Arabia, where the National Cybersecurity Authority (NCA) has been actively developing frameworks for AI in cybersecurity and where Vision 2030’s digital transformation agenda has expanded the critical infrastructure that requires protection:

AI-Assisted Vulnerability Management

The 10,000+ vulnerability findings from Project Glasswing demonstrate that AI-assisted code scanning, when applied to legacy enterprise codebases, is likely to surface significant security debt that manual review has missed. Saudi organisations undergoing digital transformation — migrating from legacy on-premise systems to cloud — should consider AI-assisted security code review as part of their pre-migration assessment to identify vulnerabilities before they are exposed to broader internet attack surfaces.

Critical Infrastructure in the GCC

Saudi Arabia’s Vision 2030 giga-projects — NEOM, Red Sea Global, Diriyah — are among the world’s largest digital infrastructure deployments, with extensive OT and ICS components. The Glasswing expansion’s focus on energy, water, and telecommunications critical infrastructure is directly relevant to the security requirements of these projects.

NCA ECC Alignment

AI-assisted vulnerability detection, when combined with responsible disclosure workflows, aligns with NCA ECC requirements for continuous vulnerability assessment and management. As Mythos-class capabilities become publicly available, integrating them into a structured NCA-aligned security programme will become both a capability and a compliance question for Saudi organisations.

8. The Anthropic IPO Context

Anthropic, fresh off becoming the most valued frontier AI lab and announcing plans for its initial public offering, expanded access to Claude Mythos Preview. The timing of the Glasswing expansion announcement — one day after the IPO announcement — is not coincidental. Project Glasswing is Anthropic’s most visible demonstration of responsible AI development in the highest-stakes context: frontier model capabilities applied to critical infrastructure security.

For potential IPO investors evaluating Anthropic’s market position and growth strategy, the Glasswing narrative serves several functions: it demonstrates that Anthropic’s most advanced models are both technically superior (10,000+ critical findings) and commercially relevant (enterprise and infrastructure deployment), it positions Anthropic as the responsible frontier AI lab relative to competitors, and it establishes a credible pathway to monetising Mythos-class capabilities at scale once the safeguards framework matures.

9. Frequently Asked Questions

Conclusion

The Project Glasswing expansion and the Mythos-class public release commitment together signal that 2026 will be the year that truly frontier AI capabilities become available for enterprise security use. The Project Glasswing data — 10,000+ critical vulnerabilities identified by 50 organisations in six weeks — is the clearest evidence yet that AI-assisted vulnerability detection is not a distant promise but a present capability that is actively finding and fixing serious security flaws in critical infrastructure worldwide.

The public release of Mythos-class models in the coming weeks will democratise access to these capabilities, though with safeguards that will shape how they can be used. For businesses in Saudi Arabia and across the GCC, the practical path today is Claude Security on Opus 4.8. The Mythos-class path will become available to all customers soon, with the safety architecture that Anthropic has been building through Project Glasswing informing how it is deployed.