Anthropic Launches Project Glasswing: A Cybersecurity AI Too Dangerous to Release Publicly

Anthropic announced Project Glasswing on April 24 — a research initiative built around Claude Mythos, its most powerful model to date, which the company has decided is too dangerous to release to the general public. Instead, Mythos Preview is being shared exclusively with a curated list of cybersecurity organizations, including JPMorganChase and select government infrastructure partners, specifically for defensive security work. The reason for the restricted release is unusual candor from an AI lab: Anthropic believes Mythos has capabilities that could be misused for offensive cyberattacks if made broadly available. Rather than wait for those capabilities to be discovered and exploited by bad actors, Anthropic is deploying them first in controlled environments to build defenses. In practice, Mythos can find vulnerabilities in critical software — the kind of flaws that take human security researchers months to uncover — in hours. JPMorganChase is using it to stress-test financial system security. Government partners are evaluating its use for protecting power grids and water supply digital systems. Anthropic says it plans to use learnings from Project Glasswing to build safety guardrails into an upcoming public Claude Opus model, after which broader access may be considered. This is a meaningful departure from the usual AI product launch playbook: instead of releasing first and asking questions later, Anthropic is explicitly acknowledging the risk and choosing a restricted rollout. For security professionals, this signals that AI-assisted vulnerability discovery is no longer theoretical — it's happening now in production environments at major financial institutions.