Anthropic’s Claude Mythos is now defending the power grids, water systems, and hospitals of 15+ countries from cyberattack — and it’s doing so by autonomously finding vulnerabilities no human team could locate fast enough. Here’s everything you need to know about how this frontier AI model, and the Project Glasswing initiative behind it, is redefining what AI-powered cybersecurity looks like in 2026.
What Is Claude Mythos and Why Does It Matter for Critical Infrastructure Security?
Claude Mythos is Anthropic’s most advanced AI model, currently not available to the general public. It was purpose-built with a security-first mandate and debuted publicly in April 2026 as the engine behind Project Glasswing, Anthropic’s joint industry initiative to identify and patch critical software vulnerabilities before malicious actors can exploit them.
Unlike general-purpose AI assistants, Claude Mythos critical infrastructure security work involves deep codebase analysis — scanning millions of lines of software that power hospitals, water treatment facilities, electricity grids, and telecommunications networks for what cybersecurity professionals call zero-day vulnerabilities: flaws that are unknown to the software’s developers and therefore unpatched and actively exploitable.
In its first weeks of deployment with 50 initial partners, the model reportedly identified thousands of zero-day vulnerabilities — a volume that would take traditional human-led security teams months or years to uncover. The implications for critical infrastructure AI protection are profound: the speed at which Mythos operates may be the only viable defense against the equally fast-moving threat landscape of state-sponsored and criminal cyber operations.
Claude Mythos vs. Standard AI Models: A Security-First Design
To understand why Claude Mythos is different from other AI tools, it helps to compare its design philosophy against both general-purpose models and the broader AI cybersecurity market.
| Feature | Claude Mythos | Standard AI Assistants | Traditional Security Tools |
|---|---|---|---|
| Primary Use Case | Zero-day vulnerability discovery | General productivity | Known CVE scanning |
| Codebase Analysis Depth | Millions of lines, cross-system | Limited or none | Rule-based pattern matching |
| Speed of Discovery | Thousands of vulnerabilities in weeks | N/A | Weeks to months per audit |
| Deployment Model | Controlled partner access only | Public API | Licensed enterprise software |
| Sectors Targeted | Critical national infrastructure | All sectors | Enterprise IT |
| Comparable Competitor | GPT-5.5-Cyber (OpenAI) | GPT-4o, Gemini, Sonnet | Tenable, CrowdStrike |
This comparison makes clear that Claude Mythos critical infrastructure security capability is not incremental — it represents a categorical shift in how defensive cyber operations can be conducted at scale.
What Is Project Glasswing? Anthropic’s Global Vulnerability Program Explained
Project Glasswing is a controlled, invitation-only program through which Anthropic grants access to Claude Mythos to vetted organizations whose codebases, if compromised, could cause catastrophic harm to large populations.
The program takes its name from the glasswing butterfly — a species notable for its near-invisible wings, a metaphor for the transparent, proactive nature of the vulnerability disclosure approach Anthropic is promoting.
How Project Glasswing Works
The mechanics of the program are straightforward but deliberately selective:
- Partner vetting: Organizations must demonstrate that a breach of their systems could affect 100 million or more people, or carry significant national/global security ramifications.
- Codebase access: Vetted partners submit their codebases to Mythos for analysis.
- Vulnerability reporting: Claude Mythos generates detailed reports of identified vulnerabilities, ranked by severity.
- Remediation support: Partners receive guidance on patching or mitigating identified flaws.
- Confidentiality: The program operates under strict non-disclosure given the sensitive nature of the infrastructure involved.
Anthropic has been explicit about why this closed model is necessary: openly publishing details of zero-day vulnerabilities before they are patched would hand a roadmap to attackers. Project Glasswing is, in effect, a race between defenders and adversaries — and Claude Mythos is Anthropic’s bet that AI can tip the balance toward defense.
How Claude Mythos Detects Zero-Day Vulnerabilities at Scale
Zero-day vulnerability detection is one of the most technically demanding problems in cybersecurity. The term “zero-day” refers to a flaw for which developers have had zero days to prepare a fix — because they don’t yet know it exists.
Traditional approaches to finding zero-days include:
- Penetration testing: Skilled human testers attempt to break into systems using known attack techniques.
- Static analysis tools: Software scans code for patterns associated with known vulnerability classes.
- Bug bounty programs: External researchers are financially incentivized to find and disclose flaws.
Each of these has serious limitations at the infrastructure scale. A major power grid operator may run tens of millions of lines of code across dozens of interdependent systems. Human pen-testers cannot cover this comprehensively; static analysis tools miss novel vulnerability patterns; bug bounty programs depend on the goodwill of the researcher community.
Claude Mythos approaches this differently. Rather than matching patterns to known vulnerabilities, the model applies contextual reasoning across entire codebases — understanding not just what individual functions do, but how they interact, where trust assumptions break down, and where a sophisticated attacker could chain multiple small weaknesses into a catastrophic exploit. This capability — AI zero-day vulnerability detection at codebase scale — is what makes Mythos qualitatively different from its predecessors.
Anthropic has not published detailed technical methodology, which is consistent with responsible disclosure practices in the security space. What the company has confirmed is that the model’s performance during its initial 50-partner deployment validated the decision to scale Project Glasswing significantly.
The 15+ Countries and 150 Organizations Now Protected by Claude Mythos
On June 2, 2026, Anthropic announced a major expansion of Project Glasswing: approximately 150 new organizations across more than 15 countries now have access to Claude Mythos for critical infrastructure AI protection.
Which Sectors Are Covered?
The expanded cohort deliberately targets sectors that were underrepresented in the initial 50-partner group:
- Power generation and distribution — electric grid operators and energy utilities
- Water treatment and distribution — municipal and regional water authorities
- Healthcare systems — hospital networks and health data infrastructure
- Communications networks — telecom providers and internet backbone operators
- Hardware manufacturers — companies producing chips and physical infrastructure components relied upon by other critical systems
Anthropic noted that many of the new partners are not end-user operators themselves, but organizations that maintain codebases that other organizations and governments depend on — upstream software suppliers whose compromise could cascade across entire industrial sectors.
Notable Partners in the Expanded Cohort
While Anthropic has not officially confirmed all partners, reporting from the Financial Times has identified several notable organizations now working within Project Glasswing:
- Okta — U.S.-based identity and access management platform used by thousands of enterprises and government agencies
- Samsung, SK Hynix, and SK Telecom — South Korean technology giants with critical roles in global semiconductor and communications infrastructure
- NATO — The transatlantic military alliance, headquartered in Brussels
- ENISA — The European Union’s official cybersecurity agency
The geographic footprint of the expanded program spans U.S. allies including Australia, Canada, France, Germany, Italy, Switzerland, the Netherlands, Spain, Belgium, Sweden, India, Japan, New Zealand, and South Korea.
The consistent thread across all partners is Anthropic’s stated criterion: a successful attack on any partner’s codebase could affect more than 100 million people, with consequences extending to national and global security.
Claude Mythos vs. GPT-5.5-Cyber: The AI Cybersecurity Race
Anthropic’s decision to scale Project Glasswing is explicitly tied to competitive urgency. The company has acknowledged publicly that it expects rival AI labs to develop models with comparable capabilities to Claude Mythos in the near term.
That prediction appears to be materializing. Since Mythos debuted in April 2026, OpenAI has released GPT-5.5-Cyber, a cybersecurity-specialized model it is currently rolling out to a select group of partners for testing.
This raises a critical question that the security community is actively debating: is AI-powered vulnerability detection a defensive advantage, or does it create new offensive risks?
The concern is legitimate. A model capable of finding thousands of zero-days in defensive mode could, in principle, be applied offensively to identify exploitable flaws in adversary systems — or misused by bad actors who gain unauthorized access. Anthropic’s response to this concern is the Project Glasswing model itself: by restricting access to vetted partners with clear defensive mandates, and by racing to patch known vulnerabilities before they can be exploited, the company is attempting to establish a defense-first norm before the technology proliferates more broadly.
Whether competitors will adopt similar norms — or whether the race to deploy will outpace the race to govern — is the defining policy question hanging over AI cybersecurity in 2026.
Why Critical Infrastructure AI Security Is the Defining Tech Challenge of 2026
The expansion of Claude Mythos critical infrastructure security coverage arrives at a moment of acute vulnerability for the systems that modern society depends on.
Several converging factors make this moment uniquely high-stakes:
- Aging codebases: Much critical infrastructure software was written decades ago, before modern security practices, and has accumulated years of technical debt and unreviewed code.
- Increasing connectivity: Infrastructure systems that were once air-gapped are now networked for operational efficiency, dramatically expanding their attack surface.
- State-sponsored threat actors: Nation-state hacking groups have demonstrated both the capability and willingness to target infrastructure — from the Colonial Pipeline attack to documented intrusions into power grid control systems.
- AI-accelerated offense: The same AI capabilities that make Mythos effective defensively could, in adversarial hands, be used to discover and exploit vulnerabilities faster than human defenders can patch them.
Against this backdrop, Anthropic’s argument for Project Glasswing is essentially that the only adequate response to AI-enabled offense is AI-enabled defense — and that the window to establish defensive infrastructure before offensive capabilities proliferate is closing rapidly.
The scale of the potential impact makes this more than a technology story. Anthropic estimates that a successful attack on any single partner’s codebase could affect over 100 million people. Multiply that across 150 partners across 15 countries, and the stakes of getting critical infrastructure AI protection right — or failing to — are difficult to overstate.
What This Means for the Future of AI-Powered Cybersecurity
The Claude Mythos Project Glasswing expansion is a landmark moment, but it also raises forward-looking questions about where AI-driven security is heading.
The Governance Gap
Perhaps the most urgent issue is governance. Project Glasswing currently operates on Anthropic’s internal criteria for partner vetting and vulnerability disclosure. There is no multilateral treaty framework governing AI-assisted vulnerability discovery, no international agreement on responsible disclosure timelines, and no established legal norms around AI’s role in offensive versus defensive cyber operations.
As Mythos-class capabilities spread — whether through Anthropic’s own expansion, OpenAI’s GPT-5.5-Cyber, or future models from other labs — the absence of governance frameworks becomes an increasing liability.
What Organizations Outside Project Glasswing Can Do Now
Not every organization can access Claude Mythos. For security teams working with existing tools, several principles from the Project Glasswing approach are instructive:
- Prioritize codebase visibility: You cannot defend what you cannot see. Comprehensive code inventory is a prerequisite for any AI-assisted security program.
- Treat upstream dependencies as your own attack surface: As Anthropic’s partner selection makes clear, your risk profile includes every library, framework, and third-party component your systems depend on.
- Adopt continuous scanning over point-in-time audits: The threat landscape changes faster than annual pen tests can capture.
- Assume AI-assisted adversaries: Threat modeling should now account for attackers using AI tools to accelerate vulnerability discovery.
- Invest in AI literacy within security teams: The gap between organizations that understand AI’s security implications and those that don’t is widening quickly.
The IPO Context
It is worth noting that Anthropic’s Project Glasswing expansion announcement came one day after the company filed confidentially for an initial public offering, following a $65 billion funding round at a valuation approaching $1 trillion. The timing is not incidental. Demonstrating that Claude Mythos can operate at global infrastructure scale — and that Anthropic has the governance model to manage it responsibly — is precisely the kind of proof point that differentiates a frontier AI company in a competitive market.
Claude Mythos critical infrastructure security deployment is simultaneously Anthropic’s most important safety initiative and its most compelling commercial differentiation. That both things can be true simultaneously is, in some ways, the central thesis of the company’s existence.
Frequently Asked Questions
What is Claude Mythos? Claude Mythos is Anthropic’s most advanced AI model, currently restricted to vetted partners under Project Glasswing. It is designed to identify zero-day security vulnerabilities in large codebases and is not available to the general public.
What is Project Glasswing? Project Glasswing is Anthropic’s controlled program for deploying Claude Mythos to critical infrastructure organizations — including energy, water, healthcare, and communications operators — to proactively identify and remediate security vulnerabilities before they can be exploited.
How many countries is Claude Mythos now deployed in? As of June 2026, Claude Mythos is deployed to approximately 150 organizations across more than 15 countries, primarily U.S. allies including Australia, Canada, France, Germany, Japan, South Korea, and others.
Is Claude Mythos available to the public? No. Claude Mythos is currently restricted to Project Glasswing partners due to cybersecurity concerns. Standard Claude models (Sonnet, Opus, Haiku) are available via claude.ai and the Anthropic API.
How does Claude Mythos compare to GPT-5.5-Cyber? Both are AI models purpose-designed for cybersecurity applications and currently deployed to limited partner groups. Claude Mythos was first to market in April 2026; OpenAI’s GPT-5.5-Cyber followed. Independent comparative benchmarks have not yet been publicly released.
Key Takeaways
- Claude Mythos is Anthropic’s most powerful AI model, deployed exclusively through Project Glasswing to defend critical infrastructure
- The program has expanded to 150 organizations across 15+ countries, covering power, water, healthcare, communications, and hardware sectors
- Each partner was selected because a successful attack on their systems could affect more than 100 million people
- Claude Mythos can identify thousands of zero-day vulnerabilities in weeks — a task that would take human teams years
- Anthropic’s expansion is partly driven by competitive urgency: OpenAI has since released GPT-5.5-Cyber, signaling that AI cybersecurity is now a major front in the AI race
- Governance frameworks for AI-assisted vulnerability discovery remain largely absent at the international level