Anthropic is pushing deeper into the security ecosystem with a major expansion of two related efforts: Project Glasswing, its vulnerability discovery program, and Mythos, which provides participating organizations access to Anthropic’s systems for security research. The company says it is scaling these initiatives to reach 150 organizations across more than 15 countries, with a deliberate focus on critical infrastructure—sectors where a cyberattack can quickly move from “incident” to “public impact.”
The announcement, reported by TechCrunch, frames the expansion around a simple but high-stakes idea: vulnerabilities don’t just exist in code; they exist in the real-world environments where software is deployed, maintained, and trusted. When those environments are tied to essential services—power generation and distribution, water systems, healthcare operations, and communications networks—the consequences of exploitation can ripple outward, affecting millions of people at once. Anthropic’s stated target is scenarios where a cyberattack could affect up to 100 million people, underscoring why the company is emphasizing both breadth (more organizations, more countries) and specificity (critical sectors rather than generic testing).
At first glance, this might look like another “AI company enters cybersecurity” story. But the structure of what Anthropic is doing suggests something more nuanced: it’s not merely offering tools for defensive work, nor is it positioning itself as a replacement for established security teams. Instead, Anthropic appears to be building a pipeline that connects vulnerability discovery to responsible disclosure and practical remediation—while using its own models and security-oriented workflows to accelerate parts of that pipeline.
Project Glasswing: scaling vulnerability discovery beyond the lab
Project Glasswing is Anthropic’s vulnerability discovery program. In broad terms, programs like this aim to identify weaknesses in software and systems before attackers do—then coordinate disclosure so that defenders can patch. What makes Glasswing notable is that it’s designed to operate at the intersection of AI-assisted research and real-world security processes. That matters because vulnerability discovery is rarely a purely technical exercise. It involves understanding how systems behave under constraints, how they fail in edge cases, and how fixes can be validated without breaking functionality.
Scaling to 150 organizations changes the shape of that work. With more participants, the program can cover a wider range of technologies, deployment patterns, and threat models. Critical infrastructure isn’t one monolith; it’s a patchwork of legacy systems, vendor-specific components, custom integrations, and operational constraints that make “standard” security advice difficult to apply. A vulnerability that looks straightforward in a controlled environment may be hard to reproduce in a production setting—or may require careful coordination to test safely. By expanding participation across countries and organizations, Glasswing can better reflect the diversity of real deployments.
There’s also a strategic element to the expansion: critical infrastructure tends to have higher barriers to entry for security research. Access is harder, testing windows are limited, and the cost of downtime is high. If Anthropic can help lower friction for vetted organizations to conduct security work, it can increase the odds that vulnerabilities are found earlier and handled more responsibly.
Mythos access: making security research more scalable
Alongside Glasswing, Anthropic is expanding access to Mythos. While the details of Mythos are not fully spelled out in the summary provided, the concept is clear enough to interpret the intent: Mythos is a mechanism for enabling participating organizations to use Anthropic’s capabilities in security contexts. In other words, it’s not just about discovering vulnerabilities; it’s about giving teams the ability to analyze, reason about, and validate security findings more efficiently.
In practice, security teams often face a bottleneck: time. Even when a vulnerability is identified, the work required to confirm impact, understand exploitability, map affected components, and draft actionable remediation guidance can be slow. AI systems—when used responsibly—can potentially reduce the time spent on certain classes of analysis, such as summarizing code paths, generating hypotheses about failure modes, or assisting with triage. The key is that these systems must be integrated into workflows that preserve human oversight and align with disclosure norms.
By expanding Mythos access to a larger set of organizations, Anthropic is effectively increasing the number of “hands” that can perform security research using its systems. That can improve throughput, but it also raises an important question: how does Anthropic ensure that access is used in ways that support defense rather than misuse? The answer likely lies in the structure of participation—vetted organizations, defined scopes, and security-oriented guardrails. The announcement’s emphasis on critical infrastructure suggests that Anthropic is targeting environments where the goal is defensive improvement, not experimentation for its own sake.
Why critical infrastructure is the center of gravity
The sectors Anthropic highlights—power, water, healthcare, and communications—are not random categories. They represent different operational realities and different risk profiles, but they share a common property: disruption can become systemic quickly.
Power systems involve complex control environments, distributed assets, and long-lived equipment. Water systems often combine industrial control components with monitoring and treatment processes that must remain stable. Healthcare environments include both clinical systems and administrative platforms, with safety implications that go beyond data loss. Communications networks underpin everything from emergency response to everyday connectivity, and their compromise can amplify the effects of other attacks.
When Anthropic says the program targets environments where a cyberattack could affect up to 100 million people, it’s pointing to the scale at which failures can cascade. A vulnerability in a widely used component, a misconfiguration pattern, or a weakness in an integration layer can turn into a large-scale incident if exploited across multiple sites or vendors. Expanding Glasswing and Mythos access to more organizations increases the chance that vulnerabilities are discovered in the components and configurations that matter most.
But there’s another angle that’s easy to miss: critical infrastructure is also where security research is hardest to do well. Many systems are constrained by safety requirements, regulatory obligations, and operational continuity. That means defenders need not only vulnerability discovery, but also practical guidance for remediation that respects uptime, change management, and safety validation. If Anthropic’s expanded program can help participating organizations produce findings that are more actionable—rather than just technically interesting—it could have outsized impact.
A global expansion: more countries, more threat context
The announcement specifies coverage across 15+ countries. That detail matters because cyber risk is not evenly distributed. Threat actors adapt to local conditions, languages, procurement practices, and regulatory environments. Software supply chains vary by region, and so do the common deployment patterns and legacy stacks. Even when the underlying technology is similar, the way it’s configured and maintained can differ dramatically.
By expanding across countries, Anthropic’s program can better capture those differences. That can improve the relevance of vulnerability discovery and the quality of disclosure. It also helps avoid a common failure mode in security research: optimizing for a narrow set of assumptions that don’t hold elsewhere.
There’s also a capacity-building implication. Security programs that bring together multiple organizations can create shared learning—patterns of vulnerabilities, lessons about remediation, and improved coordination practices. Over time, that can strengthen the broader ecosystem, not just the individual participants.
The “responsible” part of vulnerability discovery
Vulnerability discovery is not just about finding flaws; it’s about handling them correctly. Responsible disclosure requires coordination, timelines, and communication that allow affected parties to patch without giving attackers a roadmap. For critical infrastructure, this is even more important. The window between public knowledge and exploitation can be short, and the consequences of premature disclosure can be severe.
Programs like Glasswing typically aim to formalize that process. Scaling to 150 organizations suggests Anthropic is trying to increase the number of entities that can participate in that responsible workflow. That can reduce the time between discovery and mitigation, especially when participating organizations have direct relationships with the systems being tested or the vendors involved.
However, scaling also introduces complexity. More participants means more variation in how organizations handle findings, how they validate impact, and how they communicate with stakeholders. Anthropic’s role—through Mythos access and program structure—likely includes standardization: ensuring that research outputs are consistent enough to be useful and safe to act on.
A unique take: AI as an amplifier of security operations
Many AI security announcements focus on “AI can find vulnerabilities.” That’s true in a narrow sense, but it misses the operational reality: security teams don’t just need vulnerability candidates; they need end-to-end support for the work that follows.
Anthropic’s approach, as described, reads more like an attempt to amplify security operations. Glasswing expands the discovery side, while Mythos access expands the analytical and reasoning side. Together, they can help organizations move faster from “something might be wrong” to “here’s what’s exploitable, here’s what’s affected, and here’s what to fix.”
This is where the critical infrastructure focus becomes especially meaningful. In those environments, the cost of slow or unclear remediation is high. If AI-assisted workflows can help teams produce clearer findings and more efficient triage, the benefit isn’t just speed—it’s better decision-making under pressure.
There’s also a subtle cultural shift implied by the expansion. Security research has historically been concentrated among a relatively small number of specialized groups. By bringing in 150 organizations across many countries, Anthropic is effectively broadening the circle of entities that can contribute to vulnerability discovery and analysis. That can help reduce the gap between cutting-edge research and the day-to-day realities of defenders.
What this could mean for defenders and vendors
For defenders, the immediate value is access: more organizations can participate in security research, and those organizations can use Mythos to support analysis. For vendors and operators in critical infrastructure, the potential benefit is earlier detection of weaknesses in the systems they rely on.
But there’s also a second-order effect: increased pressure on the security lifecycle. When more organizations are actively searching for vulnerabilities—and when those searches are supported by advanced tools—vendors may face faster feedback loops. That can encourage more robust secure development practices, better logging and monitoring, and more disciplined patching strategies.
Still, it’s important to keep expectations grounded. AI-assisted security research doesn’t eliminate the need for engineering