Anthropic's Project Glasswing Enlists 40+ Tech Giants to Hunt Zero-Days With Claude Mythos
Anthropic launched Project Glasswing, a defensive AI cybersecurity coalition that uses Claude Mythos Preview to autonomously discover high-severity vulnerabilities at scale. Apple, AWS, Cisco, CrowdStrike, Google, Microsoft, and NVIDIA are among the 40+ founding partners.
Anthropic announced Project Glasswing on April 27 — a defensive AI cybersecurity initiative that deploys Claude Mythos Preview to autonomously discover high-severity vulnerabilities in production systems at scale. More than 40 organizations are founding partners, including AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, Palo Alto Networks, and the Linux Foundation.
What Glasswing actually does
During early access, the system already found thousands of high-severity zero-days in legacy codebases — vulnerabilities that traditional static analysis and fuzzing pipelines had missed. Claude Mythos Preview handles the autonomous scanning: analyzing codebases, tracing execution paths, reasoning about attacker behavior patterns, and writing proof-of-concept exploits to confirm findings before disclosing them.
The scale is the critical variable here. Human security researchers are expensive, limited in number, and can only audit so much code in parallel. An AI model that can run hundreds of simultaneous analysis threads across millions of lines of legacy C and C++ — code that nobody wants to touch but everyone depends on — changes the economics of vulnerability discovery entirely.
The system operates under coordinated disclosure. Glasswing reports confirmed findings directly to affected vendors and does not provide exploits or technical details to any party outside the organization that owns the affected code. Anthropic is explicit that this is a defensive-only initiative.
Why the timing is deliberate
APT28 weaponized CVE-2026-32202 within days of Microsoft’s incomplete February patch. North Korean operators exploited a Solana convenience feature to steal $285 million from Drift Protocol. The time between patch release and active exploitation has compressed to days or hours for high-value targets.
Traditional vulnerability disclosure cycles assume a 90-day window between discovery and public disclosure — time for vendors to build and ship patches while coordinating with the original researcher. That model doesn’t survive contact with well-resourced nation-state actors who have their own fuzzing pipelines, their own models, and no obligation to coordinate with anyone.
CISA added dozens of actively exploited flaws to its Known Exploited Vulnerabilities catalog throughout April 2026. Federal agencies are chasing remediation deadlines in May and June. The vulnerability debt in legacy enterprise software is real, it’s being actively exploited, and it’s larger than the global security research community can manually audit.
The coalition structure
Each partner category contributes differently. Cloud providers (AWS, Google, Microsoft) contribute infrastructure and large software asset libraries. Security vendors (CrowdStrike, Palo Alto Networks) contribute threat intelligence and exploit validation pipelines. Hardware companies (NVIDIA, Apple, Broadcom) contribute firmware and driver codebases — historically among the hardest to analyze and most impactful when compromised. The Linux Foundation brings open-source infrastructure that underlies most of the internet.
Anthropic has explicitly avoided positioning Glasswing as a commercial product for now. Partners contribute codebases to scan in exchange for access — a reciprocal model that builds the research library and establishes Claude’s capability in security work simultaneously.
The strategic subtext
This is a pre-regulatory move. Frontier AI labs face increasing pressure to demonstrate that AI capability improvements are paired with safety applications, not just risks. Glasswing gives Anthropic a concrete, measurable answer to the “what are you doing to make AI safe?” question: we’re using our most capable model to find vulnerabilities before adversaries do, and we’ve enlisted 40+ of the world’s most important technology companies to contribute.
Whether the thousands of zero-days found during early access represent a genuine breakthrough in automated vulnerability research or careful scope selection will become clearer as the program publishes coordinated disclosures. But the coalition assembled — and the willingness of Apple, Microsoft, and Google to participate simultaneously — is itself a signal that the security industry has concluded AI-powered offensive capability is no longer theoretical and that finding vulnerabilities proactively is better than waiting.