Anthropic today announced it is expanding Project Glasswing — its restricted program giving select organizations access to Claude Mythos, its most powerful and deliberately un-released AI model — to 150 new partners across more than 15 countries. That brings the total to over 200 organizations working with a model Anthropic has described as too dangerous for public release.

The expanded partner list includes Okta, Samsung, the EU Agency for Cybersecurity (ENISA), and NATO. Participating countries now span Australia, Canada, France, Germany, Italy, Switzerland, the Netherlands, Spain, Belgium, Sweden, India, Japan, New Zealand, and South Korea — all nations with strong US diplomatic ties.

What Glasswing Partners Are Actually Doing

The premise of Project Glasswing is defensive: give AI-capable defenders access to a model that could otherwise outpace them if it fell into the wrong hands. Participating organizations use Claude Mythos to identify vulnerabilities in their own systems before attackers can exploit them.

The results so far are striking. Mythos has identified more than 23,000 potential vulnerabilities across participating organizations’ systems. Anthropic estimates that over 6,000 of those will be confirmed as severe flaws — the kind that, unpatched, could enable significant breaches.

The program started in April 2026 with roughly 50 initial partners. Anthropic gave that first cohort access to Claude Mythos Preview and asked them to test the model against their own infrastructure. The expansion announced today brings in critical infrastructure providers in sectors including power, water, healthcare, communications, and hardware manufacturing.

Why Mythos Still Isn’t Public

Anthropic is not planning a public release anytime soon. In its announcement, the company reiterated that it is working “as quickly as we can to safely release Mythos-level capabilities” to the public, but won’t do so until it implements “highly robust safeguards” to prevent misuse.

That caution is not hypothetical. In internal testing, Mythos autonomously identified and exploited vulnerabilities in every major operating system and web browser, including a 17-year-old remote code execution flaw in FreeBSD with no human direction beyond an initial prompt. Anthropic’s own assessment is that the model “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.”

That tension — a model powerful enough to matter for defense, but dangerous enough that Anthropic won’t release it — is what makes Glasswing unusual. It is not a beta program. It is a controlled deployment of a capability the company believes carries real systemic risk.

What This Means for Business

Most businesses won’t get access to Mythos this year. But the Glasswing expansion signals a few things worth paying attention to.

Critical infrastructure is the first frontier. The organizations Anthropic added — power grids, water systems, healthcare providers, telecom operators — are sectors where a successful cyberattack has physical consequences. AI-driven vulnerability discovery is moving fastest where the stakes are highest.

Security AI is becoming an institutional concern. The addition of NATO and ENISA alongside Samsung and Okta reflects a shift: AI-powered security is no longer just a vendor product. It is becoming part of how governments and multinational bodies think about defense posture.

The gap between capable AI and publicly available AI is widening. Mythos is reportedly well ahead of any publicly available model on cybersecurity tasks. If you are building AI security tooling today, you are building against models that are already being outpaced behind closed doors.

What you can do now: If your business runs critical systems or handles sensitive data, the time to audit your security posture against current AI capabilities is before public Mythos-class models arrive — not after. Anthropic’s timeline suggests that window could be weeks to months, not years.

For organizations that want to strengthen their data and AI capabilities in preparation for a world where these tools are more widely available, Enterprise DNA’s Omni Advisory helps business leaders build the data foundations and governance frameworks that AI agents — whether defensive or operational — actually require.