Anthropic is expanding its controlled access to Claude Mythos. The company stated that approximately 150 new agencies will be included in Project Glasswing to identify vulnerabilities, fix flaws, and assess potential misuse risks before the model is rolled out more widely.

This arrangement covers technology companies, security agencies, and government departments. Anthropic stated that new partners must first meet security requirements before gaining access. The company previously indicated that after completing additional safeguards, the Mythos-level model may be made available to more customers in the coming weeks.

Tens of thousands of high-risk vulnerabilities have been discovered.

Claude Mythos came to public attention in March of this year due to the leak of related materials. Anthropic has now disclosed that organizations that gained early access have used Mythos Preview to identify more than 10,000 high-risk or critical software vulnerabilities.

These partners are also using the model to write patches, conduct security reviews, and complete testing before the software is released. Anthropic believes that defenders need to acquire more powerful AI tools before attackers can achieve the same level of capability.

• Approximately 150 new partner organizations were added.
• More than 10,000 high-risk or critical vulnerabilities have been identified.
• Wider customer access is expected to proceed in the coming weeks.

Cybersecurity capabilities are under continuous scrutiny.

As the model's capabilities improve, researchers and government agencies are continuously assessing its cyberattack risks. The UK's AI Security Institute reported that Mythos autonomously completed 32 steps in a test simulating a corporate cyberattack.

Mozilla stated that the model identified 271 vulnerabilities in the Firefox browser, which were subsequently patched. Security startup Calif claimed that the preview model helped researchers build an exploit chain targeting Apple's M5 chip.

This performance has heightened concerns that stronger models could both aid in defense and lower the barrier to entry for sophisticated cyberattacks. Anthropic believes that other developers may release models of similar caliber within the next 6 to 12 months, and these models may not necessarily have comparable security limitations.

Proceed with the opening-up plan after submitting the IPO application

The day before expanding its testing scope, Anthropic had secretly filed for an IPO with the U.S. Securities and Exchange Commission, initiating preparations for its listing. This expansion of the Glasswing program has also drawn market attention to how the company will balance commercialization with security controls.

According to Anthropic, the release of cutting-edge models will become increasingly sensitive, especially in areas such as cybersecurity that affect both attackers and defenders. The company hopes that through controlled openness, defenders can first establish a tool advantage before deciding on a wider release schedule.