Project Glasswing

New Capabilities

Active and expanding; UK financial sector institutions in talks for access; EU AI Office in negotiations but not yet granted access

Anthropic built an AI model so capable at finding software vulnerabilities that it decided not to sell it. Claude Mythos Preview, announced on April 7, autonomously discovered thousands of previously unknown security flaws in every major operating system and web browser — including a remote crash bug in OpenBSD that had gone undetected since 1999. Rather than offering the model commercially, Anthropic restricted access to 12 major technology companies through Project Glasswing, backed by $100 million in usage credits. On April 16, Anthropic separately released Claude Opus 4.7 — its most capable publicly available model — explicitly positioned as its strongest model cleared for wide deployment, with Mythos remaining off-limits.

Updated Apr 17

New Capabilities

Active; partner organizations scanning critical software

An AI model that can find software flaws no human has caught in nearly three decades has triggered a coordinated response from central banks across the Western world. Anthropic's Claude Mythos Preview, which the company says discovered thousands of previously unknown vulnerabilities in every major operating system and web browser, prompted the US Treasury and Federal Reserve to summon Wall Street chief executives to Washington on April 8. By April 11, the Bank of England, the Bank of Canada, and their respective financial regulators had convened or scheduled their own emergency sessions with banks.

Updated Apr 11