{"id":"project-glasswing","title":"Project Glasswing","content":"**Project Glasswing** is a cybersecurity consortium led by the AI safety and research company Anthropic. Announced on April 7, 2026, the project brings together major technology and finance companies to use a powerful, unreleased AI model, Claude Mythos Preview, for defensive cybersecurity purposes. The initiative's goal is to proactively discover and remediate security vulnerabilities in critical open-source software and digital infrastructure before similar AI capabilities can be used by malicious actors. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP)\n\n## Overview\n\nProject Glasswing was established as a direct response to the powerful, dual-use capabilities observed in Anthropic's frontier AI model, Claude Mythos Preview. After internal testing demonstrated the model's ability to autonomously find and exploit software flaws, Anthropic decided against a public release, deeming the model too potent for general availability. [\\[2\\]](#cite-id-13a9KWrVqrWXgLIi) [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)\n\nThe core mission of the consortium is to leverage Claude Mythos Preview in a controlled environment to fortify digital defenses. By providing private, early access to the model, Project Glasswing allows partners to discover and fix vulnerabilities in their own systems and in widely used open-source software. The project operates on the principle of coordinated vulnerability disclosure, aiming to give cybersecurity professionals a critical head start and a \"durable advantage\" against the anticipated proliferation of AI-driven cyber threats. [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)\n\nThe initiative addresses the concern that AI models with advanced cyber-offense capabilities will soon become widespread, potentially empowering state and non-state actors to conduct more frequent and sophisticated attacks. By harnessing the same technology for defense, the project seeks to rebalance the security landscape and establish new best practices for vulnerability management in an era of AI-accelerated threats. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP)\n\n## History and Background\n\n### Motivation and Rationale\n\nThe impetus for Project Glasswing arose from Anthropic's internal development and red-teaming of its frontier AI models. The company discovered that its latest model, Claude Mythos Preview, possessed emergent capabilities for autonomously identifying software vulnerabilities and creating functional exploits with minimal human guidance. This discovery prompted what the company described as an \"urgent attempt\" to prioritize a defensive application for this powerful technology. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP)\n\nThe project's rationale is rooted in managing the dual-use nature of advanced AI. While the model is a powerful tool for defense, its capabilities make it an equally potent instrument for malicious cyberattacks. Anthropic executives stated that they anticipate adversaries will develop AI with similar capabilities in \"months, not years,\" framing the project as a \"critical race to secure infrastructure.\" This sense of urgency was echoed by Logan Graham, Anthropic's [Frontier](https://iq.wiki/wiki/frontier) Red Team Lead, who stated, \"We need to prepare now for a world where these capabilities are broadly available in 6, 12, 24 months. Many of the assumptions that we’ve built the modern security paradigms on might break.\" [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc) [\\[2\\]](#cite-id-13a9KWrVqrWXgLIi)\n\n### Launch and Initial Commitments\n\nProject Glasswing was officially announced on April 7, 2026. [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc) Along with the launch, Anthropic publicly committed to reporting on the project's progress, including specific findings and fixed vulnerabilities, within 90 days. The project was framed not only as a technical initiative but also as a collaborative effort to engage with government and security organizations to inform national security strategies and evolve industry-wide security practices. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP)\n\n## Core Technology: Claude Mythos Preview\n\nThe central technology enabling Project Glasswing is **Claude Mythos Preview**, a proprietary frontier AI model developed by Anthropic. It is not slated for public release due to its potent and potentially dangerous dual-use capabilities in cybersecurity. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP)​\n\nThe model's advanced cybersecurity skills are an emergent property of its general advanced coding and reasoning abilities, rather than the result of specific training for cyber tasks. Anthropic has assessed the model's capabilities as comparable to a \"senior security researcher.\" [\\[2\\]](#cite-id-13a9KWrVqrWXgLIi)​\n\n### Demonstrated Capabilities\n\nInternal testing and initial use within the consortium have shown that Claude Mythos Preview is capable of a range of advanced security tasks, including:\n\n* **Autonomous Vulnerability Discovery:** The model can autonomously search for and identify software vulnerabilities in codebases.\n* **Exploit Development:** It can generate complete attack chains and proofs of concept for the vulnerabilities it finds.\n* **Offensive Security Simulation:** It can be used for penetration testing and endpoint security assessments.\n* **Binary Analysis:** The model can hunt for system misconfigurations and evaluate software binaries even without access to the original source code.\n\nThese abilities represent a significant advancement over previous publicly available models and underscore the decision to restrict access to a controlled environment. [\\[2\\]](#cite-id-13a9KWrVqrWXgLIi) [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)​\n\n### Notable Discoveries\n\nIn its pre-launch and initial phases, the model has been used to identify thousands of previously unknown (zero-day), high-severity vulnerabilities across major software projects. [\\[4\\]](#cite-id-1K87iBna786EVpbw) Notable examples of its discoveries include:\n\n* A **27-year-old vulnerability** in the OpenBSD operating system that could allow a remote attacker to crash a targeted machine. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP) [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)\n* A **16-year-old vulnerability** in the widely used FFmpeg multimedia library. This flaw was particularly significant as it had been missed by automated scanning tools that had run on the code an estimated five million times. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP) [\\[4\\]](#cite-id-1K87iBna786EVpbw)\n* An autonomously generated exploit chain that combined multiple vulnerabilities in the Linux kernel to achieve privilege escalation, allowing an attacker to move from a standard user account to full system control (root access). [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP)\n\nAll vulnerabilities identified during the initial testing phase were reportedly patched in coordination with the respective software maintainers before the project's public announcement. [\\[4\\]](#cite-id-1K87iBna786EVpbw)​\n\n### Benchmark Performance\n\nClaude Mythos Preview demonstrates a notable performance increase in cybersecurity, coding, and reasoning benchmarks compared to Anthropic's next-best publicly available model at the time of launch, Claude Opus 4.6. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP) [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)​\n\n| Benchmark              | Claude Mythos Preview | Claude Opus 4.6 | Description                                                                   |\n| ---------------------- | --------------------- | --------------- | ----------------------------------------------------------------------------- |\n| **CyberGym**           | 83.1%                 | 66.6%           | Measures performance in cybersecurity tasks.                                  |\n| **SWE-bench Pro**      | 77.8%                 | 53.4%           | An advanced benchmark for fixing real-world bugs in GitHub repositories.      |\n| **SWE-bench Verified** | 93.9%                 | 80.8%           | A benchmark for fixing real-world bugs in GitHub repositories.                |\n| **Terminal-Bench 2.0** | 82.0%                 | 65.4%           | Measures performance in agentic, terminal-based tasks.                        |\n| **GPQA Diamond**       | 94.6%                 | 91.3%           | A benchmark measuring advanced reasoning capabilities.                        |\n| **OSWorld-Verified**   | 79.6%                 | 72.7%           | Measures performance in agentic tasks within an operating system environment. |\n\nThe data from these benchmarks illustrates the increase in capability that prompted the creation of Project Glasswing. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP) [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)​\n\n## Project Goals and Methodology\n\n### Primary Objectives\n\nProject Glasswing operates with several key goals:\n\n* **Vulnerability Remediation:** The core activity involves partners using Claude Mythos Preview for security tasks such as local vulnerability detection, black-box testing, and penetration testing on their own foundational software and systems.\n* **Information Sharing:** Anthropic coordinates the sharing of project learnings with the broader industry. Partners are contractually obligated to share their findings to improve collective security.\n* **Public Reporting:** The project is committed to transparency, with a public report on findings and progress scheduled for release within 90 days of launch.\n* **Evolving Security Practices:** The consortium aims to collaborate with security organizations to generate new recommendations for vulnerability disclosure processes, software update mechanisms, and secure-by-design principles suited for an AI-accelerated environment.\n* **Government Engagement:** Anthropic maintains an ongoing dialogue with U.S. government officials regarding the model's capabilities to help inform national security strategies.\n\nThese goals collectively aim to create a more resilient digital ecosystem prepared for the next generation of cyber threats. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP) [\\[4\\]](#cite-id-1K87iBna786EVpbw)\n\n### Vulnerability Disclosure Process\n\nTo manage its powerful findings responsibly, Project Glasswing follows a structured, multi-step process for vulnerability disclosure:\n\n1. **Internal Triage:** All potential bugs discovered by the AI model are first triaged internally by Anthropic's team.\n2. **Human Validation:** High-severity vulnerabilities are passed to professional human security experts for manual validation to confirm authenticity and assess their potential impact.\n3. **Coordinated Reporting:** Before submitting bug reports, Anthropic contacts the relevant software maintainers to establish a manageable reporting cadence, preventing them from being overwhelmed by a high volume of reports.\n4. **Patch Assistance:** For open-source projects, Anthropic endeavors to provide a candidate patch alongside the vulnerability report. These patches are explicitly labeled as either AI-generated or AI-assisted and human-reviewed.\n5. **Coordinated Disclosure Timeline:** The project adheres to a standard coordinated vulnerability disclosure (CVD) framework, typically waiting 45 days after a patch has been made available before publishing any technical details about the vulnerability.\n\nThis methodology is designed to maximize the defensive benefits of the AI model while minimizing the risk of discovered flaws being exploited. [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)\n\n## Partnerships and Collaboration\n\nProject Glasswing was launched as a consortium of over 45 organizations, led by Anthropic. [\\[2\\]](#cite-id-13a9KWrVqrWXgLIi)​\n\n### Founding Partners\n\nThe founding members of the consortium include major companies from the technology, finance, and cybersecurity sectors:\n\n* Amazon Web Services (AWS)\n* Anthropic\n* Apple\n* Broadcom\n* Cisco\n* CrowdStrike\n* Google\n* JPMorganChase\n* The Linux Foundation\n* Microsoft\n* NVIDIA\n* Palo Alto Networks\n\nIn addition to the core founding group, access to Claude Mythos Preview has been granted to over 40 other organizations responsible for maintaining critical software infrastructure. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP) [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc) [\\[4\\]](#cite-id-1K87iBna786EVpbw)​\n\n### Partner Perspectives\n\nRepresentatives from partner companies have publicly supported the initiative. Heather Adkins, Google's Vice President of Security Engineering, stated, \"Google is pleased to see this cross-industry cybersecurity initiative coming together. We have long believed that AI poses new challenges and opens new opportunities in cyber defense.\" Similarly, Igor Tsyganskiy, Microsoft's Global CISO, noted, \"Joining Project Glasswing, with access to Claude Mythos Preview, allows us to identify and mitigate risk early and augment our security and development solutions so we can better protect customers and Microsoft.” [\\[2\\]](#cite-id-13a9KWrVqrWXgLIi)​\n\n## Funding, Resources, and Access\n\n### Financial Commitments\n\nAnthropic has committed significant resources to support the project and the broader open-source security ecosystem:\n\n* **Model Access Credits:** A commitment of **$100 million in free usage credits** for Claude Mythos Preview is being distributed to project partners and other organizations maintaining critical infrastructure. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP)\n* **Direct Donations:** A total of **2.5 million** to the Alpha-Omega Project and the Open Source Security Foundation (OpenSSF) via The Linux Foundation, and **$1.5 million** to the Apache Software Foundation. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP) [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)\n\n### Access and Pricing\n\nDuring the initial research preview phase, participants can use the model with costs largely covered by Anthropic's commitment of usage credits. Following this phase, approved participants can access the model at a rate of **125 per million output tokens**. The model is available to participants through multiple platforms, including the Claude API, Amazon Bedrock, Google Cloud's Vertex AI, and Microsoft Foundry. [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)​\n\n## Public Attention and Pre-Launch Events\n\nThe official announcement of Project Glasswing on April 7, 2026, was preceded by two unrelated security incidents at Anthropic in late March 2026 that drew public attention.\n\n* **CMS Data Leak:** In late March 2026, a misconfiguration in a publicly searchable Content Management System (CMS) resulted in the unintended exposure of internal company assets, including a draft blog post that detailed Project Glasswing.\n* **NPM Package Leak:** On March 31, 2026, the full source code for an internal development tool named \"Claude Code\" was accidentally published to the public npm package registry, where it remained accessible for approximately three hours before being removed.\n\nAnthropic officially responded to these incidents, characterizing them as \"human errors in publishing tooling, not breaches of our security architecture.\" The company stated that it had implemented improved processes to prevent such errors in the future. [\\[3\\]](#cite-id-9g9G4aiQKE0Nt6qc)\n\n## Etymology\n\nThe project is named after the **glasswing butterfly** (*Greta oto*). The name serves as a dual metaphor for the project's mission:\n\n1. **Hidden Vulnerabilities:** The butterfly's transparent wings allow it to blend into its environment, symbolizing the subtle and difficult-to-detect software vulnerabilities that the project aims to uncover.\n2. **Transparency for Safety:** The butterfly's transparency is also a defense mechanism. This reflects the project's goal of using a transparent, collaborative approach to information sharing to improve cybersecurity for everyone.\n\nThis name was chosen to reflect both the challenge of finding hidden flaws and the collaborative nature of the solution. [\\[1\\]](#cite-id-e7V8b8Fxx1yBPrSP)","summary":"Project Glasswing is a cybersecurity consortium led by Anthropic. It uses the unreleased AI model, Claude Mythos Preview, to proactively discover and remediate security vulnerabilities in critical open-source software before such AI can be exploited.","images":[{"id":"QmT4Jhg21uRxPdikaUD2KP2CrKr5jc3KhboibJ4Ba91Wce","type":"image/jpeg, image/png"}],"categories":[{"id":"organizations","title":"organizations"}],"tags":[{"id":"AI"},{"id":"Organizations"}],"media":[],"metadata":[{"id":"references","value":"[\n  {\n    \"id\": \"e7V8b8Fxx1yBPrSP\",\n    \"url\": \"https://www.anthropic.com/glasswing\",\n    \"description\": \"Anthropic's announcement of Project Glasswing\",\n    \"timestamp\": 1775592958867\n  },\n  {\n    \"id\": \"13a9KWrVqrWXgLIi\",\n    \"url\": \"https://www.wired.com/story/anthropic-mythos-preview-project-glasswing/?utm\\\\_brand=wired\\\\&utm\\\\_social-type=owned\\\\&utm\\\\_source=twitter\\\\&utm\\\\_medium=social\\\\&utm\\\\_campaign=aud-dev\",\n    \"description\": \"WIRED article on Project Glasswing's launch\",\n    \"timestamp\": 1775592958867\n  },\n  {\n    \"id\": \"9g9G4aiQKE0Nt6qc\",\n    \"url\": \"https://venturebeat.com/technology/anthropic-says-its-most-powerful-ai-cyber-model-is-too-dangerous-to-release\",\n    \"description\": \"VentureBeat report on Anthropic's AI model and Glasswing\",\n    \"timestamp\": 1775592958867\n  },\n  {\n    \"id\": \"1K87iBna786EVpbw\",\n    \"url\": \"https://cyberscoop.com/project-glasswing-anthropic-ai-open-source-software-vulnerabilities/\",\n    \"description\": \"Cyberscoop on thousands of vulnerabilities found\",\n    \"timestamp\": 1775592958867\n  }\n]"},{"id":"website","value":"https://www.anthropic.com/glasswing"},{"id":"references","value":"https://www.wired.com/story/anthropic-mythos-preview-project-glasswing/?utm_brand=wired&utm_social-type=owned&utm_source=twitter&utm_medium=social&utm_campaign=aud-dev"},{"id":"previous_cid","value":"\"https://ipfs.everipedia.org/ipfs/QmbJB5ZeXnqwoNpMrFAV5nAi72pJku5FH2TtAgp22b57qq\""},{"id":"commit-message","value":"\"Removed Project Glasswing section\""},{"id":"previous_cid","value":"QmbJB5ZeXnqwoNpMrFAV5nAi72pJku5FH2TtAgp22b57qq"}],"events":[{"id":"224836ce-96ec-45ad-9f39-744c7e83469b","date":"2026-04","title":"Project Glasswing Launched","type":"CREATED","description":"Anthropic officially announced the formation of Project Glasswing, a cybersecurity consortium to proactively find and fix software vulnerabilities using its Claude Mythos Preview AI model.","link":"https://www.anthropic.com/glasswing","multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null},{"id":"10883165-1d80-4a77-9815-4fee72a12f24","date":"2026-04","title":"Disclosed 27-Year-Old OpenBSD Vulnerability","type":"DEFAULT","description":"As part of its initial findings, the project revealed it found a remote crash vulnerability in the OpenBSD operating system that had existed for 27 years.","link":"https://venturebeat.com/technology/anthropic-says-its-most-powerful-ai-cyber-model-is-too-dangerous-to-release","multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null},{"id":"92a97a79-733e-4efe-a69a-368431900e38","date":"2026-04","title":"Identified 16-Year-Old FFmpeg Bug","type":"DEFAULT","description":"The project identified a 16-year-old vulnerability in the FFmpeg multimedia library that had been missed by over five million automated test runs.","link":"https://cyberscoop.com/project-glasswing-anthropic-ai-open-source-software-vulnerabilities/","multiDateStart":null,"multiDateEnd":null,"continent":null,"country":null}],"user":{"id":"0x8af7a19a26d8fbc48defb35aefb15ec8c407f889"},"author":{"id":"0x8af7a19a26d8fbc48defb35aefb15ec8c407f889"},"operator":{"id":"0x1E23b34d3106F0C1c74D17f2Cd0F65cdb039b138"},"language":"en","version":1,"linkedWikis":{"blockchains":[],"founders":[],"speakers":[]},"recentActivity":"{\"items\":[{\"id\":\"81395da4-c07c-4732-bbf4-cd31e144a6e0\",\"title\":\"Project Glasswing\",\"description\":\"Project Glasswing is a cybersecurity consortium led by Anthropic. It uses the unreleased AI model, Claude Mythos Preview, to proactively discover and remediate security vulnerabilities in critical open-source software before such AI can be exploited.\",\"timestamp\":\"2026-04-07T20:49:36.354Z\",\"category\":\"organizations\",\"status\":{\"icon\":\"RiGlobalLine\",\"label\":\"Wiki Updated\",\"iconClassName\":\"text-green-500\"},\"user\":{\"name\":\"0x8af7a19a26d8fbc48defb35aefb15ec8c407f889\",\"address\":\"0x1E23b34d3106F0C1c74D17f2Cd0F65cdb039b138\"},\"button\":{\"label\":\"View Summary\",\"icon\":\"RiFileTextLine\"},\"summarySections\":[{\"title\":\"Metadata\",\"subtitle\":\"The unique identifier (ID) of the wiki page was updated.\",\"variant\":\"modified\",\"changeCount\":1,\"changes\":[\"Changed ID from 'QmZx2dvKACMkZTv2AJJ9dQnEpFgsPocDwTM46SFeQicRDV' to 'QmT4Jhg21uRxPdikaUD2KP2CrKr5jc3KhboibJ4Ba91Wce'.\"]},{\"title\":\"Benchmark Performance\",\"subtitle\":\"The formatting of the benchmark performance table was updated.\",\"variant\":\"modified\",\"changeCount\":1,\"changes\":[\"Updated the Markdown formatting of the table and removed a link from its header.\"]},{\"title\":\"Founding Partners\",\"subtitle\":\"An internal link was removed from a partner's name.\",\"variant\":\"modified\",\"changeCount\":1,\"changes\":[\"Removed the internal link from 'The Linux Foundation'.\"]},{\"title\":\"Financial Commitments\",\"subtitle\":\"Information regarding direct donations was rephrased and simplified.\",\"variant\":\"modified\",\"changeCount\":1,\"changes\":[\"Restructured the text about direct donations, removing the summary sentence with the '$4 million' total and internal links. [[1]](#cite-id-e7V8b8Fxx1yBPrSP) [[3]](#cite-id-9g9G4aiQKE0Nt6qc)\"]},{\"title\":\"Access and Pricing\",\"subtitle\":\"Pricing information for the model was updated.\",\"variant\":\"modified\",\"changeCount\":1,\"changes\":[\"Removed the pricing details for input tokens. [[3]](#cite-id-9g9G4aiQKE0Nt6qc)\"]}]}]}"}