Anthropic launches cybersecurity initiative around preview AI model

A frontier model is being pointed at defense first

Anthropic says it is giving a preview version of a new AI model to a coalition of technology and security organizations as part of a cybersecurity effort aimed at finding weaknesses in critical software infrastructure before attackers do.

The initiative, called Project Glasswing, brings together companies and organizations including Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, and Palo Alto Networks. Anthropic said the model will be used for defensive security work and that findings will be shared more broadly across the industry.

The move reflects a growing tension at the center of AI development. More capable models can increase the risk of offensive cyber misuse, but they may also give defenders new tools for discovering vulnerabilities at a scale and depth that conventional testing struggles to match.

What Anthropic says the model can do

According to the report, Anthropic discovered strong security applications while training what it called “Claude Mythos Preview” for coding and reasoning tasks. The company said the model has already identified thousands of zero-day vulnerabilities in recent weeks, many of them critical.

Among the examples Anthropic cited were a 27-year-old bug in OpenBSD and a 16-year-old flaw in widely used video software that automated testing tools had not found. The company also described internal testing against 1,000 open-source repositories in which Mythos Preview produced substantially more serious crash results than earlier models.

In Anthropic’s description, the previous generation produced many lower-tier crashes and only a single tier 3 crash, while Mythos Preview generated 595 crashes across tiers 1 and 2, a handful in tiers 3 and 4, and full control-flow hijacks on 10 fully patched targets. Anthropic said the model was not specifically trained to perform those exploits and that the capability emerged from broader gains in coding, reasoning, and autonomous behavior.

Why critical software is the focus

Project Glasswing is centered on critical software infrastructure because flaws in widely used foundations can ripple across governments, businesses, and open-source ecosystems. Anthropic said it is extending access beyond the initial partner set to around 40 additional organizations that build or maintain critical software.

The company is also committing up to $100 million in model usage credits and $4 million in direct donations to open-source security organizations. That combination suggests an effort not just to prove model capability, but to seed a defensive workflow around software that underpins large parts of the digital economy.

If the model can reliably identify vulnerabilities that have survived for years inside mature code bases, then its value may be highest where software is oldest, most trusted, and hardest to audit comprehensively with existing tools.

The double-edged nature of stronger AI

The announcement arrives amid mounting concern that advanced models could make cyberattacks more sophisticated. Anthropic acknowledged that tension directly, arguing that frontier capabilities may advance substantially over the coming months and that defenders need to act quickly if they are to keep pace.

That framing is important. Anthropic is not presenting the model merely as a productivity aid for security researchers. It is presenting it as part of a race between offensive and defensive capability, one in which delay could favor attackers.

There is also an implicit policy argument in the structure of the release. The preview is limited, not generally available, and tied to a defined security mission. That suggests Anthropic is trying to demonstrate a controlled deployment path for high-capability systems in domains where the upside is real but the misuse potential is also unusually high.

An emerging model for AI security deployment

The initiative may prove significant even beyond Anthropic’s own system. If Project Glasswing succeeds, it could become a template for how frontier labs introduce sensitive capabilities: limited access, vetted partners, mission-bounded use, and an expectation that results are shared outward rather than hoarded.

Anthropic also said it has been in ongoing discussions with U.S. government officials about the model’s offensive and defensive cyber capabilities. That detail points to another reality now shaping the sector: cybersecurity is no longer a side application for advanced AI labs. It is rapidly becoming one of the core tests of how these systems will be governed, evaluated, and integrated into critical infrastructure.

For now, the company’s claim is clear. It believes Mythos-class capability can materially strengthen software defense, and it is trying to prove that proposition in partnership with some of the largest institutions in technology.

What to watch next

The next phase will matter more than the headline. The central questions are whether partner organizations validate Anthropic’s claims in real-world workflows, whether the vulnerabilities uncovered are fixed and disclosed effectively, and whether the same class of model can be kept aligned with defensive use as capabilities continue to improve.

AI companies have spent the last two years arguing that their systems will reshape coding. Project Glasswing tests a narrower, harder proposition: whether they can reshape software security in ways that meaningfully reduce risk before adversaries catch up.

This article is based on reporting by Fast Company. Read the original article.