Blab AI
Anthropics Project Glasswing Expands, AI Shifts Cybersecurity Focus from Finding to Fixing Vulnerabilities
Anthropic’s Project Glasswing, an initiative that gives select organizations access to the Claude Mythos Preview model, has grown to more than 150 participants in over 15 countries. The program has identified more than 10,000 high‑ or critical‑severity software vulnerabilities, according to materials released by the company. The expansion, which includes the UK’s BT Group as the first publicly announced member, signals a shift in cybersecurity strategy: defenders are using AI to prioritize and remediate flaws faster than attackers can exploit them.
Project Glasswing was launched by Anthropic to harness the capabilities of Claude Mythos Preview, a frontier large‑language model designed specifically for vulnerability detection. Anthropic reports that the program now serves a cross‑industry coalition that spans telecommunications, healthcare, energy, government, and major technology and financial firms. Participants listed by the company include Microsoft, Google, Apple, Nvidia, Amazon Web Services, CrowdStrike, Cisco, and JPMorgan Chase.
BT Group’s participation was highlighted by TechRadar, which noted that the telecommunications company plans to use the technology to strengthen defenses across its networks and customer systems. BT said it blocks approximately 4 million cyber attacks each day, and the company has announced that it will apply the AI model to identify and patch weaknesses in its software supply chain.
Security experts point to AI’s ability to process large codebases quickly and to uncover relationships among vulnerabilities that may be difficult for human analysts to see. According to a report in The Wall Street Journal, executives at Visa involved in the initiative said that Claude Mythos Preview can link multiple lower‑severity flaws into realistic attack chains, helping defenders spot risks that might otherwise go unnoticed.
The benefits of the technology are tempered by concerns about misuse. Anthropic has stated that Claude Mythos Preview is not broadly available because the same capabilities that help defenders could also aid attackers in locating weaknesses more efficiently. The company limits access to vetted organizations to mitigate the risk that advanced cybersecurity models could be used for offensive purposes if released widely.
These concerns are part of a broader debate as governments and regulators examine the security implications of frontier AI systems. Anthropic frames Project Glasswing as a defensive initiative while maintaining restrictions on public access to the underlying model. The debate continues over whether AI will primarily strengthen defenses, enable more sophisticated attacks, or both.
For now, supporters of the technology argue that AI is addressing a long‑standing problem: the inability to identify and remediate vulnerabilities fast enough. If the model continues to improve, cybersecurity professionals say the bottleneck may shift from finding flaws to deciding which ones to fix first.
Updates on Project Glasswing are available on Anthropic’s website, where the company outlines the program’s scope, participant list, and technical approach. The initiative represents a growing trend of AI companies positioning advanced models as tools for protecting critical infrastructure and large enterprises.
In the coming months, the program’s expansion and the continued refinement of Claude Mythos Preview will likely influence how organizations prioritize vulnerability remediation. Regulatory bodies may also weigh in on the balance between defensive benefits and potential misuse, shaping the future landscape of AI‑driven cybersecurity.
Project Glasswing was launched by Anthropic to harness the capabilities of Claude Mythos Preview, a frontier large‑language model designed specifically for vulnerability detection. Anthropic reports that the program now serves a cross‑industry coalition that spans telecommunications, healthcare, energy, government, and major technology and financial firms. Participants listed by the company include Microsoft, Google, Apple, Nvidia, Amazon Web Services, CrowdStrike, Cisco, and JPMorgan Chase.
BT Group’s participation was highlighted by TechRadar, which noted that the telecommunications company plans to use the technology to strengthen defenses across its networks and customer systems. BT said it blocks approximately 4 million cyber attacks each day, and the company has announced that it will apply the AI model to identify and patch weaknesses in its software supply chain.
Security experts point to AI’s ability to process large codebases quickly and to uncover relationships among vulnerabilities that may be difficult for human analysts to see. According to a report in The Wall Street Journal, executives at Visa involved in the initiative said that Claude Mythos Preview can link multiple lower‑severity flaws into realistic attack chains, helping defenders spot risks that might otherwise go unnoticed.
The benefits of the technology are tempered by concerns about misuse. Anthropic has stated that Claude Mythos Preview is not broadly available because the same capabilities that help defenders could also aid attackers in locating weaknesses more efficiently. The company limits access to vetted organizations to mitigate the risk that advanced cybersecurity models could be used for offensive purposes if released widely.
These concerns are part of a broader debate as governments and regulators examine the security implications of frontier AI systems. Anthropic frames Project Glasswing as a defensive initiative while maintaining restrictions on public access to the underlying model. The debate continues over whether AI will primarily strengthen defenses, enable more sophisticated attacks, or both.
For now, supporters of the technology argue that AI is addressing a long‑standing problem: the inability to identify and remediate vulnerabilities fast enough. If the model continues to improve, cybersecurity professionals say the bottleneck may shift from finding flaws to deciding which ones to fix first.
Updates on Project Glasswing are available on Anthropic’s website, where the company outlines the program’s scope, participant list, and technical approach. The initiative represents a growing trend of AI companies positioning advanced models as tools for protecting critical infrastructure and large enterprises.
In the coming months, the program’s expansion and the continued refinement of Claude Mythos Preview will likely influence how organizations prioritize vulnerability remediation. Regulatory bodies may also weigh in on the balance between defensive benefits and potential misuse, shaping the future landscape of AI‑driven cybersecurity.
