Anthropic’s decision to route early access to its Claude Mythos Preview model to a small group of major technology firms is raising fresh concerns, particularly as the artificial intelligence (AI) company faces growing scrutiny over cybersecurity lapses.
Under the initiative known as Project Glasswing, access is initially reserved for a concentrated group of infrastructure providers, cybersecurity firms, and cloud platforms, including Amazon Web Services, Microsoft, Apple, Google, Nvidia, Cisco, Broadcom, CrowdStrike, Palo Alto Networks, and JPMorganChase, alongside the Linux Foundation and others.
"We have a new model that we're explicitly not releasing to the public," Mike Krieger of Anthropic Labs said at a HumanX AI conference in San Francisco.
The approach mirrors OpenAI’s decision in 2019 to delay the release of GPT-2 due to safety concerns.
The concerns
Anthropic has said the model has already identified thousands of high-severity flaws across core software systems. In a blog post, it said Mythos Preview can autonomously detect and chain software vulnerabilities at a scale that exceeds human capability, with internal testing reportedly uncovering thousands of high-severity flaws across operating systems, browsers, and core internet software.
That capability is precisely what drives the security concern. Company documents, as reported by Fortune, show internal caution that the same systems designed for defence could be repurposed for offensive exploitation.
Why Big Tech?
To reduce risk, Anthropic is deliberately limiting exposure. Early deployment through Glasswing is designed to create what the company describes as a “defensive head start,” allowing trusted partners to harden codebases before broader release. Roughly 40 organisations are participating in the broader programme, with Anthropic committing up to $100 million in computing credits and additional funding for open-source security efforts, it said.
How does it matter to Anthropic?
Cloud providers like Amazon, Microsoft, and Google sit alongside cybersecurity firms such as CrowdStrike and Palo Alto Networks, while hardware and networking giants Cisco and Broadcom extend the reach into infrastructure layers. Apple and Nvidia bring consumer-scale and compute acceleration stakes, while JPMorgan Chase signals the financial system’s exposure to AI-driven cyber risk.
Cisco’s chief security officer described AI-driven vulnerability discovery as a threshold event, compressing the “window between discovery and exploitation” from months to minutes.
"This work is too important and too urgent to do alone," Cisco's Anthony Grieco said in a joint release about Glasswing.
The bottom line
Industry participants argue that restricting access would not eliminate risk; it would simply concentrate it elsewhere. Meanwhile, US Vice President JD Vance and Treasury Secretary Scott Bessent also questioned leading tech CEOs about AI model security and how to respond to cyberattacks, a week before Anthropic released its new Mythos model.
The list of who gets access first is, in effect, a map of who is expected to hold the line when that shift fully arrives.
Also Read: Anthropic’s revenue run rate crosses $30 billion, secures Broadcom deal
Under the initiative known as Project Glasswing, access is initially reserved for a concentrated group of infrastructure providers, cybersecurity firms, and cloud platforms, including Amazon Web Services, Microsoft, Apple, Google, Nvidia, Cisco, Broadcom, CrowdStrike, Palo Alto Networks, and JPMorganChase, alongside the Linux Foundation and others.
"We have a new model that we're explicitly not releasing to the public," Mike Krieger of Anthropic Labs said at a HumanX AI conference in San Francisco.
The approach mirrors OpenAI’s decision in 2019 to delay the release of GPT-2 due to safety concerns.
The concerns
Anthropic has said the model has already identified thousands of high-severity flaws across core software systems. In a blog post, it said Mythos Preview can autonomously detect and chain software vulnerabilities at a scale that exceeds human capability, with internal testing reportedly uncovering thousands of high-severity flaws across operating systems, browsers, and core internet software.
That capability is precisely what drives the security concern. Company documents, as reported by Fortune, show internal caution that the same systems designed for defence could be repurposed for offensive exploitation.
Why Big Tech?
To reduce risk, Anthropic is deliberately limiting exposure. Early deployment through Glasswing is designed to create what the company describes as a “defensive head start,” allowing trusted partners to harden codebases before broader release. Roughly 40 organisations are participating in the broader programme, with Anthropic committing up to $100 million in computing credits and additional funding for open-source security efforts, it said.
How does it matter to Anthropic?
Cloud providers like Amazon, Microsoft, and Google sit alongside cybersecurity firms such as CrowdStrike and Palo Alto Networks, while hardware and networking giants Cisco and Broadcom extend the reach into infrastructure layers. Apple and Nvidia bring consumer-scale and compute acceleration stakes, while JPMorgan Chase signals the financial system’s exposure to AI-driven cyber risk.
Cisco’s chief security officer described AI-driven vulnerability discovery as a threshold event, compressing the “window between discovery and exploitation” from months to minutes.
"This work is too important and too urgent to do alone," Cisco's Anthony Grieco said in a joint release about Glasswing.
The bottom line
Industry participants argue that restricting access would not eliminate risk; it would simply concentrate it elsewhere. Meanwhile, US Vice President JD Vance and Treasury Secretary Scott Bessent also questioned leading tech CEOs about AI model security and how to respond to cyberattacks, a week before Anthropic released its new Mythos model.
The list of who gets access first is, in effect, a map of who is expected to hold the line when that shift fully arrives.
Also Read: Anthropic’s revenue run rate crosses $30 billion, secures Broadcom deal
