Anthropic lets Glasswing partners publish Mythos-found flaws

Anthropic will allow Project Glasswing partners to publicly disclose software flaws identified by its Claude Mythos model, reversing earlier confidentiality restrictions. Partners can share findings with other partners, affected vendors, government authorities, the media and the public.

Project Glasswing, announced last month, brings together companies including Apple, AWS, CrowdStrike, Google and Microsoft to use Mythos to find security weaknesses in widely used software. Anthropic had limited access to Mythos after the model reportedly identified thousands of serious flaws across major operating systems and web browsers to reduce the risk of misuse.

Anthropic confirmed the change in a statement and provided a written comment: “While there was never a specific Glasswing NDA, confidentiality protections were something partners asked for at the outset and were built into agreements partners signed. As the program has matured, we’ve adapted them to ensure key information can be shared broadly — including outside the program — for maximum defensive impact.”

The updated policy lets partners report and work directly with affected vendors and other outside parties instead of routing every finding through Anthropic. That approach is intended to prevent a single coordination point for remediation if Mythos continues to surface large numbers of vulnerabilities.

Anthropic said it will keep the Mythos Preview tightly controlled because the capability could be abused if widely available. The company has argued that defenders need stronger tools to keep pace with threats. OpenAI has introduced a comparable product built on its code-analysis tools and a newer model, describing its design as pairing expanded defensive capability with safeguards and accountability.

Industry analysts have warned that AI-driven discovery can shorten the time between when a flaw is found and when it can be exploited. The analyst firm Gartner recommended that security providers adopt AI tools to assess code in the wild and in development and to speed coordination with partners on remediation.

Project Glasswing remains an active collaboration among major technology and security firms. Anthropic says it will continue to control direct access to the Mythos Preview while allowing broader sharing of findings.